author | José Bollo <jose.bollo@iot.bzh> | 2018-12-04 15:45:12 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2018-12-05 18:06:59 +0100 |
commit | 11eb7a48269b820f4c954127abdcd26e56111b99 (patch) | |
tree | 6def8471d4a2c1c999e078bd638468d6592b5950 | |
parent | 7b92bb1cdebfaefd0fe778f63542ce5d465daa94 (diff) | |
Improve parsing of HTTPS options
The argument of the HTTPS options is now always
extracted from the list of variable arguments.
This removes strange errors like:
MHD HTTPS option 8 passed to MHD but MHD_USE_TLS not set
Invalid option 6313728! (Did you terminate the list with MHD_OPTION_END?)
It also makes it possible to activate or deactivate HTTPS
just by setting or not setting the flag MHD_USE_TLS.
Change-Id: I31acedbdefe9c930e94c7227d240a36d2a9000d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Christian Grothoff <christian@grothoff.org>
-rw-r--r-- | src/microhttpd/daemon.c | 57 |
1 files changed, 38 insertions, 19 deletions
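--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -4775,6 +4775,9 @@ parse_options_va (struct MHD_Daemon *daemon,
 #ifdef HTTPS_SUPPORT
 int ret;
 const char *pstr;
+#if GNUTLS_VERSION_MAJOR >= 3
+gnutls_certificate_retrieve_function2 *pgcrf;
+#endif
 #endif /* HTTPS_SUPPORT */
 
 while (MHD_OPTION_END != (opt = (enum MHD_OPTION) va_arg (ap, int)))
@@ -4892,9 +4895,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 break;
 #ifdef HTTPS_SUPPORT
 case MHD_OPTION_HTTPS_MEM_KEY:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_key = va_arg (ap,
-const char *);
+daemon->https_mem_key = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4903,9 +4907,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_KEY_PASSWORD:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_key_password = va_arg (ap,
-const char *);
+daemon->https_key_password = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4914,9 +4919,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_MEM_CERT:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_cert = va_arg (ap,
-const char *);
+daemon->https_mem_cert = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4925,9 +4931,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 break;
 case MHD_OPTION_HTTPS_MEM_TRUST:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->https_mem_trust = va_arg (ap,
-const char *);
+daemon->https_mem_trust = pstr;
 #ifdef HAVE_MESSAGES
 else
 MHD_DLOG (daemon,
@@ -4940,10 +4947,10 @@ parse_options_va (struct MHD_Daemon *daemon,
 int);
 break;
 case MHD_OPTION_HTTPS_MEM_DHPARAMS:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
 {
-const char *arg = va_arg (ap,
-const char *);
 gnutls_datum_t dhpar;
 
 if (gnutls_dh_params_init (&daemon->https_mem_dhparams) < 0)
@@ -4954,8 +4961,8 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 return MHD_NO;
 }
-dhpar.data = (unsigned char *) arg;
-dhpar.size = strlen (arg);
+dhpar.data = (unsigned char *) pstr;
+dhpar.size = strlen (pstr);
 if (gnutls_dh_params_import_pkcs3 (daemon->https_mem_dhparams,
 &dhpar,
 GNUTLS_X509_FMT_PEM) < 0)
@@ -4969,22 +4976,21 @@ parse_options_va (struct MHD_Daemon *daemon,
 }
 daemon->have_dhparams = true;
 }
-else
-{
 #ifdef HAVE_MESSAGES
+else
 MHD_DLOG (daemon,
 _("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
 opt);
 #endif
-return MHD_NO;
-}
 break;
 case MHD_OPTION_HTTPS_PRIORITIES:
+pstr = va_arg (ap,
+const char *);
 if (0 != (daemon->options & MHD_USE_TLS))
 {
 gnutls_priority_deinit (daemon->priority_cache);
 ret = gnutls_priority_init (&daemon->priority_cache,
-pstr = va_arg (ap, const char*),
+pstr,
 NULL);
 if (GNUTLS_E_SUCCESS != ret)
 {
@@ -4998,6 +5004,12 @@ parse_options_va (struct MHD_Daemon *daemon,
 return MHD_NO;
 }
 }
+#ifdef HAVE_MESSAGES
+else
+MHD_DLOG (daemon,
+_("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
+opt);
+#endif
 break;
 case MHD_OPTION_HTTPS_CERT_CALLBACK:
 #if GNUTLS_VERSION_MAJOR < 3
@@ -5007,9 +5019,16 @@ parse_options_va (struct MHD_Daemon *daemon,
 #endif
 return MHD_NO;
 #else
+pgcrf = va_arg (ap,
+gnutls_certificate_retrieve_function2 *);
 if (0 != (daemon->options & MHD_USE_TLS))
-daemon->cert_callback = va_arg (ap,
-gnutls_certificate_retrieve_function2 *);
+daemon->cert_callback = pgcrf;
+else
+#ifdef HAVE_MESSAGES
+MHD_DLOG (daemon,
+_("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"),
+opt);
+#endif
 break;
 #endif
 #endif /* HTTPS_SUPPORT */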
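Review bot: In the MHD_OPTION_HTTPS_CERT_CALLBACK case the new `else` is placed before `#ifdef HAVE_MESSAGES`, whereas every other HTTPS case touched by this commit puts it inside the guard. In a build without HAVE_MESSAGES the `else` therefore binds to the following `break;`, so when MHD_USE_TLS is set the callback is stored and control falls through into whichever case label comes next, which lies outside this hunk. Swapping the two lines so the branch reads `#ifdef HAVE_MESSAGES` followed by `else` and the `MHD_DLOG (...)` call keeps `break;` unconditional. Separately, the MHD_OPTION_HTTPS_MEM_DHPARAMS case no longer returns MHD_NO when MHD_USE_TLS is missing, so a daemon given key material without the flag now starts without TLS and reports this only through MHD_DLOG (not at all without HAVE_MESSAGES); a comment at the top of the HTTPS cases stating that these options are consumed and ignored without MHD_USE_TLS would make that explicit for callers.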