Commit
dc513a9a
authored
Jan 27, 2013
by
Sergey Lyubka
Wrapped SSL code into #ifndef NO_SSL
parent
8ce6cf61
Showing
1 changed file
with
28 additions
and
12 deletions
+28
-12
mongoose.c
mongoose.c
+28
-12
mongoose.c
...
@@ -1455,9 +1455,12 @@ static int64_t push(FILE *fp, SOCKET sock, SSL *ssl, const char *buf,
...
@@ -1455,9 +1455,12 @@ static int64_t push(FILE *fp, SOCKET sock, SSL *ssl, const char *buf,
// How many bytes we send in this iteration
// How many bytes we send in this iteration
k
=
len
-
sent
>
INT_MAX
?
INT_MAX
:
(
int
)
(
len
-
sent
);
k
=
len
-
sent
>
INT_MAX
?
INT_MAX
:
(
int
)
(
len
-
sent
);
#ifndef NO_SSL
if
(
ssl
!=
NULL
)
{
if
(
ssl
!=
NULL
)
{
n
=
SSL_write
(
ssl
,
buf
+
sent
,
k
);
n
=
SSL_write
(
ssl
,
buf
+
sent
,
k
);
}
else
if
(
fp
!=
NULL
)
{
}
else
#endif
if
(
fp
!=
NULL
)
{
n
=
(
int
)
fwrite
(
buf
+
sent
,
1
,
(
size_t
)
k
,
fp
);
n
=
(
int
)
fwrite
(
buf
+
sent
,
1
,
(
size_t
)
k
,
fp
);
if
(
ferror
(
fp
))
if
(
ferror
(
fp
))
n
=
-
1
;
n
=
-
1
;
...
@@ -1487,9 +1490,11 @@ static int wait_until_socket_is_readable(struct mg_connection *conn) {
...
@@ -1487,9 +1490,11 @@ static int wait_until_socket_is_readable(struct mg_connection *conn) {
pfd
.
fd
=
conn
->
client
.
sock
;
pfd
.
fd
=
conn
->
client
.
sock
;
pfd
.
events
=
POLLIN
;
pfd
.
events
=
POLLIN
;
result
=
poll
(
&
pfd
,
1
,
200
);
result
=
poll
(
&
pfd
,
1
,
200
);
#ifndef NO_SSL
if
(
result
==
0
&&
conn
->
ssl
!=
NULL
)
{
if
(
result
==
0
&&
conn
->
ssl
!=
NULL
)
{
result
=
SSL_pending
(
conn
->
ssl
);
result
=
SSL_pending
(
conn
->
ssl
);
}
}
#endif
}
while
((
result
==
0
||
(
result
<
0
&&
ERRNO
==
EINTR
))
&&
}
while
((
result
==
0
||
(
result
<
0
&&
ERRNO
==
EINTR
))
&&
conn
->
ctx
->
stop_flag
==
0
);
conn
->
ctx
->
stop_flag
==
0
);
...
@@ -1508,8 +1513,10 @@ static int pull(FILE *fp, struct mg_connection *conn, char *buf, int len) {
...
@@ -1508,8 +1513,10 @@ static int pull(FILE *fp, struct mg_connection *conn, char *buf, int len) {
nread
=
read
(
fileno
(
fp
),
buf
,
(
size_t
)
len
);
nread
=
read
(
fileno
(
fp
),
buf
,
(
size_t
)
len
);
}
else
if
(
!
conn
->
must_close
&&
!
wait_until_socket_is_readable
(
conn
))
{
}
else
if
(
!
conn
->
must_close
&&
!
wait_until_socket_is_readable
(
conn
))
{
nread
=
-
1
;
nread
=
-
1
;
#ifndef NO_SSL
}
else
if
(
conn
->
ssl
!=
NULL
)
{
}
else
if
(
conn
->
ssl
!=
NULL
)
{
nread
=
SSL_read
(
conn
->
ssl
,
buf
,
len
);
nread
=
SSL_read
(
conn
->
ssl
,
buf
,
len
);
#endif
}
else
{
}
else
{
nread
=
recv
(
conn
->
client
.
sock
,
buf
,
(
size_t
)
len
,
0
);
nread
=
recv
(
conn
->
client
.
sock
,
buf
,
(
size_t
)
len
,
0
);
}
}
...
@@ -1809,12 +1816,6 @@ static void convert_uri_to_file_name(struct mg_connection *conn, char *buf,
...
@@ -1809,12 +1816,6 @@ static void convert_uri_to_file_name(struct mg_connection *conn, char *buf,
}
}
}
}
static
int
sslize
(
struct
mg_connection
*
conn
,
SSL_CTX
*
s
,
int
(
*
func
)(
SSL
*
))
{
return
(
conn
->
ssl
=
SSL_new
(
s
))
!=
NULL
&&
SSL_set_fd
(
conn
->
ssl
,
conn
->
client
.
sock
)
==
1
&&
func
(
conn
->
ssl
)
==
1
;
}
// Check whether full request is buffered. Return:
// Check whether full request is buffered. Return:
// -1 if request is malformed
// -1 if request is malformed
// 0 if request is not yet fully buffered
// 0 if request is not yet fully buffered
...
@@ -1828,7 +1829,8 @@ static int get_request_len(const char *buf, int buflen) {
...
@@ -1828,7 +1829,8 @@ static int get_request_len(const char *buf, int buflen) {
if
(
!
isprint
(
*
(
const
unsigned
char
*
)
s
)
&&
*
s
!=
'\r'
&&
if
(
!
isprint
(
*
(
const
unsigned
char
*
)
s
)
&&
*
s
!=
'\r'
&&
*
s
!=
'\n'
&&
*
(
const
unsigned
char
*
)
s
<
128
)
{
*
s
!=
'\n'
&&
*
(
const
unsigned
char
*
)
s
<
128
)
{
len
=
-
1
;
len
=
-
1
;
break
;
// [i_a] abort scan as soon as one malformed character is found; don't let subsequent \r\n\r\n win us over anyhow
break
;
// [i_a] abort scan as soon as one malformed character is found;
// don't let subsequent \r\n\r\n win us over anyhow
}
else
if
(
s
[
0
]
==
'\n'
&&
s
[
1
]
==
'\n'
)
{
}
else
if
(
s
[
0
]
==
'\n'
&&
s
[
1
]
==
'\n'
)
{
len
=
(
int
)
(
s
-
buf
)
+
2
;
len
=
(
int
)
(
s
-
buf
)
+
2
;
}
else
if
(
s
[
0
]
==
'\n'
&&
&
s
[
1
]
<
e
&&
}
else
if
(
s
[
0
]
==
'\n'
&&
&
s
[
1
]
<
e
&&
...
@@ -4500,6 +4502,12 @@ static int set_uid_option(struct mg_context *ctx) {
...
@@ -4500,6 +4502,12 @@ static int set_uid_option(struct mg_context *ctx) {
#if !defined(NO_SSL)
#if !defined(NO_SSL)
static
pthread_mutex_t
*
ssl_mutexes
;
static
pthread_mutex_t
*
ssl_mutexes
;
static
int
sslize
(
struct
mg_connection
*
conn
,
SSL_CTX
*
s
,
int
(
*
func
)(
SSL
*
))
{
return
(
conn
->
ssl
=
SSL_new
(
s
))
!=
NULL
&&
SSL_set_fd
(
conn
->
ssl
,
conn
->
client
.
sock
)
==
1
&&
func
(
conn
->
ssl
)
==
1
;
}
// Return OpenSSL error message
// Return OpenSSL error message
static
const
char
*
ssl_error
(
void
)
{
static
const
char
*
ssl_error
(
void
)
{
unsigned
long
err
;
unsigned
long
err
;
...
@@ -4686,16 +4694,20 @@ static void close_connection(struct mg_connection *conn) {
...
@@ -4686,16 +4694,20 @@ static void close_connection(struct mg_connection *conn) {
if
(
conn
->
client
.
sock
!=
INVALID_SOCKET
)
{
if
(
conn
->
client
.
sock
!=
INVALID_SOCKET
)
{
close_socket_gracefully
(
conn
);
close_socket_gracefully
(
conn
);
}
}
#ifndef NO_SSL
// Must be done AFTER socket is closed
// Must be done AFTER socket is closed
if
(
conn
->
ssl
!=
NULL
)
{
if
(
conn
->
ssl
!=
NULL
)
{
SSL_free
(
conn
->
ssl
);
SSL_free
(
conn
->
ssl
);
}
}
#endif
}
}
void
mg_close_connection
(
struct
mg_connection
*
conn
)
{
void
mg_close_connection
(
struct
mg_connection
*
conn
)
{
#ifndef NO_SSL
if
(
conn
->
client_ssl_ctx
!=
NULL
)
{
if
(
conn
->
client_ssl_ctx
!=
NULL
)
{
SSL_CTX_free
((
SSL_CTX
*
)
conn
->
client_ssl_ctx
);
SSL_CTX_free
((
SSL_CTX
*
)
conn
->
client_ssl_ctx
);
}
}
#endif
close_connection
(
conn
);
close_connection
(
conn
);
free
(
conn
);
free
(
conn
);
}
}
...
@@ -4743,12 +4755,14 @@ struct mg_connection *mg_connect(const char *host, int port, int use_ssl,
...
@@ -4743,12 +4755,14 @@ struct mg_connection *mg_connect(const char *host, int port, int use_ssl,
conn
->
client
.
sock
=
sock
;
conn
->
client
.
sock
=
sock
;
conn
->
client
.
rsa
.
sin
=
sin
;
conn
->
client
.
rsa
.
sin
=
sin
;
conn
->
client
.
is_ssl
=
use_ssl
;
conn
->
client
.
is_ssl
=
use_ssl
;
#ifndef NO_SSL
if
(
use_ssl
)
{
if
(
use_ssl
)
{
// SSL_CTX_set_verify call is needed to switch off server certificate
// SSL_CTX_set_verify call is needed to switch off server certificate
// checking, which is off by default in OpenSSL and on in yaSSL.
// checking, which is off by default in OpenSSL and on in yaSSL.
SSL_CTX_set_verify
(
conn
->
client_ssl_ctx
,
0
,
0
);
SSL_CTX_set_verify
(
conn
->
client_ssl_ctx
,
0
,
0
);
sslize
(
conn
,
conn
->
client_ssl_ctx
,
SSL_connect
);
sslize
(
conn
,
conn
->
client_ssl_ctx
,
SSL_connect
);
}
}
#endif
}
}
}
}
...
@@ -4925,9 +4939,11 @@ static void *worker_thread(void *thread_func_param) {
...
@@ -4925,9 +4939,11 @@ static void *worker_thread(void *thread_func_param) {
conn
->
request_info
.
remote_ip
=
ntohl
(
conn
->
request_info
.
remote_ip
);
conn
->
request_info
.
remote_ip
=
ntohl
(
conn
->
request_info
.
remote_ip
);
conn
->
request_info
.
is_ssl
=
conn
->
client
.
is_ssl
;
conn
->
request_info
.
is_ssl
=
conn
->
client
.
is_ssl
;
if
(
!
conn
->
client
.
is_ssl
||
if
(
!
conn
->
client
.
is_ssl
(
conn
->
client
.
is_ssl
&&
#ifndef NO_SSL
sslize
(
conn
,
conn
->
ctx
->
ssl_ctx
,
SSL_accept
)))
{
||
sslize
(
conn
,
conn
->
ctx
->
ssl_ctx
,
SSL_accept
)
#endif
)
{
process_new_connection
(
conn
);
process_new_connection
(
conn
);
}
}
...
@@ -5068,11 +5084,11 @@ static void free_context(struct mg_context *ctx) {
...
@@ -5068,11 +5084,11 @@ static void free_context(struct mg_context *ctx) {
free
(
ctx
->
config
[
i
]);
free
(
ctx
->
config
[
i
]);
}
}
#ifndef NO_SSL
// Deallocate SSL context
// Deallocate SSL context
if
(
ctx
->
ssl_ctx
!=
NULL
)
{
if
(
ctx
->
ssl_ctx
!=
NULL
)
{
SSL_CTX_free
(
ctx
->
ssl_ctx
);
SSL_CTX_free
(
ctx
->
ssl_ctx
);
}
}
#ifndef NO_SSL
if
(
ssl_mutexes
!=
NULL
)
{
if
(
ssl_mutexes
!=
NULL
)
{
free
(
ssl_mutexes
);
free
(
ssl_mutexes
);
ssl_mutexes
=
NULL
;
ssl_mutexes
=
NULL
;
...
...
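Review bot: In the mg_connect hunk the result of `sslize(conn, conn->client_ssl_ctx, SSL_connect)` is discarded, and `conn->client.is_ssl = use_ssl` sits outside the new `#ifndef NO_SSL` guard. If `SSL_new` fails, `conn->ssl` stays NULL and pull() (as shown in its hunk) falls through to plain `recv`, so a caller that asked for SSL gets a cleartext connection without any error; a NO_SSL build appears to do the same for every `use_ssl` call, unless a check outside the hunk rejects it. I would fail the connect instead, e.g. `if (!sslize(conn, conn->client_ssl_ctx, SSL_connect)) { mg_close_connection(conn); conn = NULL; }`, and add an `#else` branch that refuses `use_ssl` when SSL is compiled out. Separately, `SSL_CTX_set_verify(conn->client_ssl_ctx, 0, 0)` leaves the server certificate unchecked, so even a successful handshake does not authenticate the peer; that deserves a line in the function's documentation. mg_connect starts and ends outside the hunk, so the error path should be confirmed against the full body.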