more work on MHD2 API

author: Christian Grothoff <christian@grothoff.org> 2018-02-09 06:13:12 +0100
committer: Christian Grothoff <christian@grothoff.org> 2018-02-09 06:13:12 +0100
commit: 48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24 (patch)
tree: c5ce7234dc91ba6d0a2bc2348972f15eb8180a18
parent: f65dd8e0969d6c43913da51b585437c7f8447cac (diff)
download: libmicrohttpd-48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24.tar.gz
libmicrohttpd-48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24.zip
2 files changed, 118 insertions, 5 deletions
diff --git a/src/include/microhttpd_tls.h b/src/include/microhttpd_tls.h
new file mode 100644
index 00000000..cbb50aa2
--- /dev/null
+++ b/src/include/microhttpd_tls.h
@@ -0,0 +1,104 @@
+#ifndef MICROHTTPD_TLS_H
+#define MICROHTTPD_TLS_H
+/**
+ * Version of the TLS ABI.
+ */
+#define MHD_TLS_ABI_VERSION 0
+/**
+ * Version of the TLS ABI as a string.
+ * Must match #MHD_TLS_ABI_VERSION!
+ */
+#define MHD_TLS_ABI_VERSION_STR "0"
+/**
+ * Callback functions to use for TLS operations.
+ */
+struct MHD_TLS_Plugin
+{
+  /**
+   * Closure with plugin's internal state, opaque to MHD.
+   */ 
+  void *cls;
+  
+  /**
+   * Destroy the plugin, we are done with it.
+   */
+  void
+  (*done)(struct MHD_TLS_Plugin *plugin);
+  /**
+   * Initialize key and certificate data from memory.
+   *
+   * @param cls the @e cls of this struct
+   * @param mem_key private key (key.pem) to be used by the
+   *     HTTPS daemon.  Must be the actual data in-memory, not a filename.
+   * @param mem_cert certificate (cert.pem) to be used by the
+   *     HTTPS daemon.  Must be the actual data in-memory, not a filename.
+   * @param pass passphrase phrase to decrypt 'key.pem', NULL
+   *     if @param mem_key is in cleartext already
+   * @return #MHD_SC_OK upon success; TODO: define failure modes
+   */
+  enum MHD_StatusCode
+  (*init_kcp)(void *cls,
+              const char *mem_key,
+              const char *mem_cert,
+              const char *pass);
+  /**
+   * Initialize DH parameters.
+   *
+   * @param cls the @e cls of this struct
+   * @param dh parameters to use
+   * @return #MHD_SC_OK upon success; TODO: define failure modes
+   */
+  enum MHD_StatusCode
+  (*init_dhparams)(void *cls,
+                   const char *dh);
+  /**
+   * Initialize certificate to use for client authentication.
+   *
+   * @param cls the @e cls of this struct
+   * @param mem_trust client certificate
+   * @return #MHD_SC_OK upon success; TODO: define failure modes
+   */
+  enum MHD_StatusCode
+  (*init_mem_trust)(void *cls,
+                    const char *mem_trust);
+  
+  
+  /**
+   * TODO: More functions here....
+   */
+  
+};
+/**
+ * Signature of the initialization function each TLS plugin must
+ * export.
+ *
+ * @param ciphers desired cipher suite
+ * @return NULL on errors (in particular, invalid cipher suite)
+ */
+typedef struct MHD_TLS_Plugin *
+MHD_TLS_PluginInit (const char *ciphers);
+/**
+ * Define function to be exported from the TLS plugin.
+ *
+ * @a body function body that receives `ciphers` argument
+ *    and must return the plugin API, or NULL on error.
+ */
+#define MHD_TLS_INIT(body) \
+  struct MHD_TLS_Plugin * \
+  MHD_TLS_init_ ## MHD_TLS_ABI_VERSION (const char *ciphers) \\
+  {  body  }
+#endif
diff --git a/src/lib/daemon_start.c b/src/lib/daemon_start.c
index 51c48a28..5ed6d29d 100644
--- a/src/lib/daemon_start.c
+++ b/src/lib/daemon_start.c
@@ -177,11 +177,12 @@ static enum MHD_StatusCode
 open_listen_socket (struct MHD_Daemon *daemon)
 {
  enum MHD_StatusCode sc;
-  bool usev6;
  socklen_t addrlen;
  struct sockaddr_storage ss;
  const struct sockaddr *sa;
+  int pf;
+  bool use_v6;
+      
  if (MHD_INVALID_SOCKET != daemon->listen_fd)
    return MHD_SC_OK; /* application opened it for us! */
@@ -194,17 +195,21 @@ open_listen_socket (struct MHD_Daemon *daemon)
          abort ();
        case MHD_AF_AUTO:
 #if HAVE_INET6
+          pf = PF_INET6;
          use_v6 = true;
 #else
+          pf = PF_INET;
          use_v6 = false;
 #endif
          break;
        case MHD_AF_INET:
          use_v6 = false;
+          pf = PF_INET;
          break;
        case MHD_AF_INET6:
        case MHD_AF_DUAL:
 #if HAVE_INET6
+          pf = PF_INET6;
          use_v6 = true;
          break;
 #else
@@ -219,21 +224,24 @@ open_listen_socket (struct MHD_Daemon *daemon)
    }
  else if (0 != daemon->listen_sa_len)
    {
+      
      /* we have a listen address, get AF from there! */
      switch (daemon->listen_sa.ss_family)
      {
      case AF_INET:
+        pf = PF_INET;
        use_v6 = false;
        break;
 #ifdef AF_INET6
      case AF_INET6:
+        pf = PF_INET6;
        use_v6 = true;
        break;
 #endif
 #ifdef AF_UNIX
      case AF_UNIX:
-        // FIXME: not implemented
+        pf = PF_UNIX;
-        // (need to change MHD_socket_create_listen_() API!)
+        use_v6 = false;
 #endif
      default:
        return MHD_SC_AF_NOT_SUPPORTED_BY_BUILD;
@@ -247,12 +255,13 @@ open_listen_socket (struct MHD_Daemon *daemon)
  
  /* try to open listen socket */
 try_open_listen_socket:
-  daemon->listen_socket = MHD_socket_create_listen_(use_v6);
+  daemon->listen_socket = MHD_socket_create_listen_(pf);
  if ( (MHD_INVALID_SOCKET == daemon->listen_socket) &&
       (MHD_AF_AUTO == daemon->address_family) &&
       (use_v6) )
    {
      use_v6 = false;
+      pf = PF_INET;
      goto try_open_listen_socket;
    }
  if (MHD_INVALID_SOCKET == daemon->listen_socket)
author	Christian Grothoff <christian@grothoff.org>	2018-02-09 06:13:12 +0100
committer	Christian Grothoff <christian@grothoff.org>	2018-02-09 06:13:12 +0100
commit	48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24 (patch)
tree	c5ce7234dc91ba6d0a2bc2348972f15eb8180a18
parent	f65dd8e0969d6c43913da51b585437c7f8447cac (diff)
download	libmicrohttpd-48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24.tar.gz libmicrohttpd-48dd53c7eb6a0ec3f47c23511bcf94d3f6f52e24.zip

diff --git a/src/include/microhttpd_tls.h b/src/include/microhttpd_tls.h new file mode 100644 index 00000000..cbb50aa2 --- /dev/null +++ b/src/include/microhttpd_tls.h
@@ -0,0 +1,104 @@
		1	#ifndef MICROHTTPD_TLS_H
		2	#define MICROHTTPD_TLS_H
		3
		4	/**
		5	* Version of the TLS ABI.
		6	*/
		7	#define MHD_TLS_ABI_VERSION 0
		8
		9	/**
		10	* Version of the TLS ABI as a string.
		11	* Must match #MHD_TLS_ABI_VERSION!
		12	*/
		13	#define MHD_TLS_ABI_VERSION_STR "0"
		14
		15
		16	/**
		17	* Callback functions to use for TLS operations.
		18	*/
		19	struct MHD_TLS_Plugin
		20	{
		21	/**
		22	* Closure with plugin's internal state, opaque to MHD.
		23	*/
		24	void *cls;
		25
		26	/**
		27	* Destroy the plugin, we are done with it.
		28	*/
		29	void
		30	(done)(struct MHD_TLS_Plugin plugin);
		31
		32	/**
		33	* Initialize key and certificate data from memory.
		34	*
		35	* @param cls the @e cls of this struct
		36	* @param mem_key private key (key.pem) to be used by the
		37	* HTTPS daemon. Must be the actual data in-memory, not a filename.
		38	* @param mem_cert certificate (cert.pem) to be used by the
		39	* HTTPS daemon. Must be the actual data in-memory, not a filename.
		40	* @param pass passphrase phrase to decrypt 'key.pem', NULL
		41	* if @param mem_key is in cleartext already
		42	* @return #MHD_SC_OK upon success; TODO: define failure modes
		43	*/
		44	enum MHD_StatusCode
		45	(init_kcp)(void cls,
		46	const char *mem_key,
		47	const char *mem_cert,
		48	const char *pass);
		49
		50
		51	/**
		52	* Initialize DH parameters.
		53	*
		54	* @param cls the @e cls of this struct
		55	* @param dh parameters to use
		56	* @return #MHD_SC_OK upon success; TODO: define failure modes
		57	*/
		58	enum MHD_StatusCode
		59	(init_dhparams)(void cls,
		60	const char *dh);
		61
		62
		63	/**
		64	* Initialize certificate to use for client authentication.
		65	*
		66	* @param cls the @e cls of this struct
		67	* @param mem_trust client certificate
		68	* @return #MHD_SC_OK upon success; TODO: define failure modes
		69	*/
		70	enum MHD_StatusCode
		71	(init_mem_trust)(void cls,
		72	const char *mem_trust);
		73
		74
		75	/**
		76	* TODO: More functions here....
		77	*/
		78
		79	};
		80
		81
		82	/**
		83	* Signature of the initialization function each TLS plugin must
		84	* export.
		85	*
		86	* @param ciphers desired cipher suite
		87	* @return NULL on errors (in particular, invalid cipher suite)
		88	*/
		89	typedef struct MHD_TLS_Plugin *
		90	MHD_TLS_PluginInit (const char *ciphers);
		91
		92
		93	/**
		94	* Define function to be exported from the TLS plugin.
		95	*
		96	* @a body function body that receives `ciphers` argument
		97	* and must return the plugin API, or NULL on error.
		98	*/
		99	#define MHD_TLS_INIT(body) \
		100	struct MHD_TLS_Plugin * \
		101	MHD_TLS_init_ ## MHD_TLS_ABI_VERSION (const char *ciphers) \\
		102	{ body }
		103
		104	#endif


diff --git a/src/lib/daemon_start.c b/src/lib/daemon_start.c index 51c48a28..5ed6d29d 100644 --- a/src/lib/daemon_start.c +++ b/src/lib/daemon_start.c
@@ -177,11 +177,12 @@ static enum MHD_StatusCode
177	open_listen_socket (struct MHD_Daemon *daemon)	177	open_listen_socket (struct MHD_Daemon *daemon)
178	{	178	{
179	enum MHD_StatusCode sc;	179	enum MHD_StatusCode sc;
180	bool usev6;
181	socklen_t addrlen;	180	socklen_t addrlen;
182	struct sockaddr_storage ss;	181	struct sockaddr_storage ss;
183	const struct sockaddr *sa;	182	const struct sockaddr *sa;
184		183	int pf;
		184	bool use_v6;
		185
185	if (MHD_INVALID_SOCKET != daemon->listen_fd)	186	if (MHD_INVALID_SOCKET != daemon->listen_fd)
186	return MHD_SC_OK; /* application opened it for us! */	187	return MHD_SC_OK; /* application opened it for us! */
187		188
@@ -194,17 +195,21 @@ open_listen_socket (struct MHD_Daemon *daemon)
194	abort ();	195	abort ();
195	case MHD_AF_AUTO:	196	case MHD_AF_AUTO:
196	#if HAVE_INET6	197	#if HAVE_INET6
		198	pf = PF_INET6;
197	use_v6 = true;	199	use_v6 = true;
198	#else	200	#else
		201	pf = PF_INET;
199	use_v6 = false;	202	use_v6 = false;
200	#endif	203	#endif
201	break;	204	break;
202	case MHD_AF_INET:	205	case MHD_AF_INET:
203	use_v6 = false;	206	use_v6 = false;
		207	pf = PF_INET;
204	break;	208	break;
205	case MHD_AF_INET6:	209	case MHD_AF_INET6:
206	case MHD_AF_DUAL:	210	case MHD_AF_DUAL:
207	#if HAVE_INET6	211	#if HAVE_INET6
		212	pf = PF_INET6;
208	use_v6 = true;	213	use_v6 = true;
209	break;	214	break;
210	#else	215	#else
@@ -219,21 +224,24 @@ open_listen_socket (struct MHD_Daemon *daemon)
219	}	224	}
220	else if (0 != daemon->listen_sa_len)	225	else if (0 != daemon->listen_sa_len)
221	{	226	{
		227
222	/* we have a listen address, get AF from there! */	228	/* we have a listen address, get AF from there! */
223	switch (daemon->listen_sa.ss_family)	229	switch (daemon->listen_sa.ss_family)
224	{	230	{
225	case AF_INET:	231	case AF_INET:
		232	pf = PF_INET;
226	use_v6 = false;	233	use_v6 = false;
227	break;	234	break;
228	#ifdef AF_INET6	235	#ifdef AF_INET6
229	case AF_INET6:	236	case AF_INET6:
		237	pf = PF_INET6;
230	use_v6 = true;	238	use_v6 = true;
231	break;	239	break;
232	#endif	240	#endif
233	#ifdef AF_UNIX	241	#ifdef AF_UNIX
234	case AF_UNIX:	242	case AF_UNIX:
235	// FIXME: not implemented	243	pf = PF_UNIX;
236	// (need to change MHD_socket_create_listen_() API!)	244	use_v6 = false;
237	#endif	245	#endif
238	default:	246	default:
239	return MHD_SC_AF_NOT_SUPPORTED_BY_BUILD;	247	return MHD_SC_AF_NOT_SUPPORTED_BY_BUILD;
@@ -247,12 +255,13 @@ open_listen_socket (struct MHD_Daemon *daemon)
247		255
248	/* try to open listen socket */	256	/* try to open listen socket */
249	try_open_listen_socket:	257	try_open_listen_socket:
250	daemon->listen_socket = MHD_socket_create_listen_(use_v6);	258	daemon->listen_socket = MHD_socket_create_listen_(pf);
251	if ( (MHD_INVALID_SOCKET == daemon->listen_socket) &&	259	if ( (MHD_INVALID_SOCKET == daemon->listen_socket) &&
252	(MHD_AF_AUTO == daemon->address_family) &&	260	(MHD_AF_AUTO == daemon->address_family) &&
253	(use_v6) )	261	(use_v6) )
254	{	262	{
255	use_v6 = false;	263	use_v6 = false;
		264	pf = PF_INET;
256	goto try_open_listen_socket;	265	goto try_open_listen_socket;
257	}	266	}
258	if (MHD_INVALID_SOCKET == daemon->listen_socket)	267	if (MHD_INVALID_SOCKET == daemon->listen_socket)