authorJosé Bollo <jose.bollo@iot.bzh>2018-12-04 15:45:12 +0100
committerChristian Grothoff <christian@grothoff.org>2018-12-05 18:06:59 +0100
commit11eb7a48269b820f4c954127abdcd26e56111b99 (patch)
tree6def8471d4a2c1c999e078bd638468d6592b5950
parent7b92bb1cdebfaefd0fe778f63542ce5d465daa94 (diff)
Improve parsing of HTTPS options
The argument of the HTTPS options is now always extracted from the list of variable arguments. This removes strange errors like:

  MHD HTTPS option 8 passed to MHD but MHD_USE_TLS not set
  Invalid option 6313728! (Did you terminate the list with MHD_OPTION_END?)

It also allows HTTPS to be activated or deactivated simply by setting or not setting the flag MHD_USE_TLS.

Change-Id: I31acedbdefe9c930e94c7227d240a36d2a9000d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Christian Grothoff <christian@grothoff.org>
-rw-r--r--src/microhttpd/daemon.c57
1 files changed, 38 insertions, 19 deletions
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 4f6f4128..12495841 100644
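--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -4775,6 +4775,9 @@ parse_options_va (struct MHD_Daemon *daemon,
 #ifdef HTTPS_SUPPORT
 int ret;
 const char *pstr;
+#if GNUTLS_VERSION_MAJOR >= 3
+gnutls_certificate_retrieve_function2 *pgcrf;
+#endif
 #endif /* HTTPS_SUPPORT */
 
 while (MHD_OPTION_END != (opt = (enum MHD_OPTION) va_arg (ap, int)))
@@ -4892,9 +4895,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 break;
 #ifdef HTTPS_SUPPORT
 case MHD_OPTION_HTTPS_MEM_KEY:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_key = va_arg (ap,
-const char *);
+daemon->https_mem_key = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4903,9 +4907,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_KEY_PASSWORD:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_key_password = va_arg (ap,
-const char *);
+daemon->https_key_password = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4914,9 +4919,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_MEM_CERT:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_cert = va_arg (ap,
-const char *);
+daemon->https_mem_cert = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4925,9 +4931,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_MEM_TRUST:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_trust = va_arg (ap,
-const char *);
+daemon->https_mem_trust = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4940,10 +4947,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 int);
 break;
 case MHD_OPTION_HTTPS_MEM_DHPARAMS:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
 {
-const char *arg = va_arg (ap,
-const char *);
 gnutls_datum_t dhpar;
 
 if (gnutls_dh_params_init (&daemon->https_mem_dhparams) < 0)
@@ -4954,8 +4961,8 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 return MHD_NO;
 }
-dhpar.data = (unsigned char *) arg;
-dhpar.size = strlen (arg);
+dhpar.data = (unsigned char *) pstr;
+dhpar.size = strlen (pstr);
 if (gnutls_dh_params_import_pkcs3 (daemon->https_mem_dhparams,
 &dhpar,
 GNUTLS_X509_FMT_PEM) < 0)
@@ -4969,22 +4976,21 @@ parse_options_va (struct MHD_Daemon *daemon,
 }
 daemon->have_dhparams = true;
 }
-else
-{
 #ifdef HAVE_MESSAGES
+else
 MHD_DLOG (daemon,
 _("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
 opt);
 #endif
-return MHD_NO;
-}
 break;
 case MHD_OPTION_HTTPS_PRIORITIES:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
 {
 gnutls_priority_deinit (daemon->priority_cache);
 ret = gnutls_priority_init (&daemon->priority_cache,
-pstr = va_arg (ap, const char*),
+pstr,
 NULL);
 if (GNUTLS_E_SUCCESS != ret)
 {
@@ -4998,6 +5004,12 @@ parse_options_va (struct MHD_Daemon *daemon,
 return MHD_NO;
 }
 }
+#ifdef HAVE_MESSAGES
+else
+MHD_DLOG (daemon,
+_("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
+opt);
+#endif
 break;
 case MHD_OPTION_HTTPS_CERT_CALLBACK:
 #if GNUTLS_VERSION_MAJOR < 3
@@ -5007,9 +5019,16 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 return MHD_NO;
 #else
+pgcrf = va_arg (ap,
+gnutls_certificate_retrieve_function2 *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->cert_callback = va_arg (ap,
-gnutls_certificate_retrieve_function2 *);
+daemon->cert_callback = pgcrf;
+else
+#ifdef HAVE_MESSAGES
+MHD_DLOG (daemon,
+_("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
+opt);
+#endif
 break;
 #endif
 #endif /* HTTPS_SUPPORT */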
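Review bot: In the MHD_OPTION_HTTPS_CERT_CALLBACK case the `else` sits before `#ifdef HAVE_MESSAGES`, so in a build without HAVE_MESSAGES it binds to the following `break;`; that behaves the same today, but any statement later inserted before `break;` would silently become the else-body. The other cases in this commit keep `else` inside the guard, and this one should match by moving `#ifdef HAVE_MESSAGES` up one line so it precedes `else`. Separately, the MHD_OPTION_HTTPS_MEM_DHPARAMS case no longer returns MHD_NO when MHD_USE_TLS is unset, so every TLS option is now dropped with at most a log line, and with none at all when HAVE_MESSAGES is off; a caller that supplies key and certificate but forgets the flag would presumably end up with a plain-HTTP listener and no error. That matches the commit's stated intent, but it deserves a comment above the HTTPS cases such as `/* TLS option arguments are always consumed; they are ignored (fail-open to plain HTTP) unless MHD_USE_TLS is set */` and a matching line in the public option documentation. parse_options_va begins and ends outside these hunks.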