diff options
author | ng0 <ng0@n0.is> | 2019-07-22 10:52:17 +0000 |
---|---|---|
committer | ng0 <ng0@n0.is> | 2019-07-22 10:52:17 +0000 |
commit | 7054ad4d559d630034eb511201131a3567110cbb (patch) | |
tree | 7435c9a1d9543d82cce7a22de76c1779fc4c0dc1 /src/microhttpd | |
parent | bc251e7f51bca12a376f39b587b828e6537c3cfc (diff) | |
parent | 9c7dc624ac5b251101e5f5b351ec660f67b312af (diff) | |
download | libmicrohttpd-7054ad4d559d630034eb511201131a3567110cbb.tar.gz libmicrohttpd-7054ad4d559d630034eb511201131a3567110cbb.zip |
Merge remote-tracking branch 'origin/master' into dev/ng0/gsoc2019
Diffstat (limited to 'src/microhttpd')
-rw-r--r-- | src/microhttpd/daemon.c | 44 | ||||
-rw-r--r-- | src/microhttpd/internal.h | 8 | ||||
-rw-r--r-- | src/microhttpd/response.c | 10 |
3 files changed, 60 insertions, 2 deletions
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c index 8e1a7ab8..d3595fe0 100644 --- a/src/microhttpd/daemon.c +++ b/src/microhttpd/daemon.c | |||
@@ -546,6 +546,14 @@ MHD_init_daemon_certificate (struct MHD_Daemon *daemon) | |||
546 | daemon->cert_callback); | 546 | daemon->cert_callback); |
547 | } | 547 | } |
548 | #endif | 548 | #endif |
549 | #if GNUTLS_VERSION_NUMBER >= 0x030603 | ||
550 | else if (NULL != daemon->cert_callback2) | ||
551 | { | ||
552 | gnutls_certificate_set_retrieve_function3 (daemon->x509_cred, | ||
553 | daemon->cert_callback2); | ||
554 | } | ||
555 | #endif | ||
556 | |||
549 | if (NULL != daemon->https_mem_trust) | 557 | if (NULL != daemon->https_mem_trust) |
550 | { | 558 | { |
551 | size_t paramlen; | 559 | size_t paramlen; |
@@ -634,6 +642,10 @@ MHD_init_daemon_certificate (struct MHD_Daemon *daemon) | |||
634 | if (NULL != daemon->cert_callback) | 642 | if (NULL != daemon->cert_callback) |
635 | return 0; | 643 | return 0; |
636 | #endif | 644 | #endif |
645 | #if GNUTLS_VERSION_NUMBER >= 0x030603 | ||
646 | else if (NULL != daemon->cert_callback2) | ||
647 | return 0; | ||
648 | #endif | ||
637 | #ifdef HAVE_MESSAGES | 649 | #ifdef HAVE_MESSAGES |
638 | MHD_DLOG (daemon, | 650 | MHD_DLOG (daemon, |
639 | "You need to specify a certificate and key location\n"); | 651 | "You need to specify a certificate and key location\n"); |
@@ -2540,7 +2552,7 @@ internal_add_connection (struct MHD_Daemon *daemon, | |||
2540 | #if (GNUTLS_VERSION_NUMBER+0 >= 0x030605) | 2552 | #if (GNUTLS_VERSION_NUMBER+0 >= 0x030605) |
2541 | if (0 != (daemon->options & MHD_USE_INSECURE_TLS_EARLY_DATA)) | 2553 | if (0 != (daemon->options & MHD_USE_INSECURE_TLS_EARLY_DATA)) |
2542 | flags |= GNUTLS_ENABLE_EARLY_DATA; | 2554 | flags |= GNUTLS_ENABLE_EARLY_DATA; |
2543 | #endif | 2555 | #endif |
2544 | connection->tls_state = MHD_TLS_CONN_INIT; | 2556 | connection->tls_state = MHD_TLS_CONN_INIT; |
2545 | MHD_set_https_callbacks (connection); | 2557 | MHD_set_https_callbacks (connection); |
2546 | gnutls_init (&connection->tls_session, | 2558 | gnutls_init (&connection->tls_session, |
@@ -4930,6 +4942,9 @@ parse_options_va (struct MHD_Daemon *daemon, | |||
4930 | #if GNUTLS_VERSION_MAJOR >= 3 | 4942 | #if GNUTLS_VERSION_MAJOR >= 3 |
4931 | gnutls_certificate_retrieve_function2 *pgcrf; | 4943 | gnutls_certificate_retrieve_function2 *pgcrf; |
4932 | #endif | 4944 | #endif |
4945 | #if GNUTLS_VERSION_NUMBER >= 0x030603 | ||
4946 | gnutls_certificate_retrieve_function3 *pgcrf2; | ||
4947 | #endif | ||
4933 | #endif /* HTTPS_SUPPORT */ | 4948 | #endif /* HTTPS_SUPPORT */ |
4934 | 4949 | ||
4935 | while (MHD_OPTION_END != (opt = (enum MHD_OPTION) va_arg (ap, int))) | 4950 | while (MHD_OPTION_END != (opt = (enum MHD_OPTION) va_arg (ap, int))) |
@@ -5196,6 +5211,26 @@ parse_options_va (struct MHD_Daemon *daemon, | |||
5196 | #endif | 5211 | #endif |
5197 | break; | 5212 | break; |
5198 | #endif | 5213 | #endif |
5214 | case MHD_OPTION_HTTPS_CERT_CALLBACK2: | ||
5215 | #if GNUTLS_VERSION_NUMBER < 0x030603 | ||
5216 | #ifdef HAVE_MESSAGES | ||
5217 | MHD_DLOG (daemon, | ||
5218 | _("MHD_OPTION_HTTPS_CERT_CALLBACK2 requires building MHD with GnuTLS >= 3.6.3\n")); | ||
5219 | #endif | ||
5220 | return MHD_NO; | ||
5221 | #else | ||
5222 | pgcrf2 = va_arg (ap, | ||
5223 | gnutls_certificate_retrieve_function3 *); | ||
5224 | if (0 != (daemon->options & MHD_USE_TLS)) | ||
5225 | daemon->cert_callback2 = pgcrf2; | ||
5226 | else | ||
5227 | #ifdef HAVE_MESSAGES | ||
5228 | MHD_DLOG (daemon, | ||
5229 | _("MHD HTTPS option %d passed to MHD but MHD_USE_TLS not set\n"), | ||
5230 | opt); | ||
5231 | #endif | ||
5232 | break; | ||
5233 | #endif | ||
5199 | #endif /* HTTPS_SUPPORT */ | 5234 | #endif /* HTTPS_SUPPORT */ |
5200 | #ifdef DAUTH_SUPPORT | 5235 | #ifdef DAUTH_SUPPORT |
5201 | case MHD_OPTION_DIGEST_AUTH_RANDOM: | 5236 | case MHD_OPTION_DIGEST_AUTH_RANDOM: |
@@ -5347,6 +5382,7 @@ parse_options_va (struct MHD_Daemon *daemon, | |||
5347 | case MHD_OPTION_HTTPS_PRIORITIES: | 5382 | case MHD_OPTION_HTTPS_PRIORITIES: |
5348 | case MHD_OPTION_ARRAY: | 5383 | case MHD_OPTION_ARRAY: |
5349 | case MHD_OPTION_HTTPS_CERT_CALLBACK: | 5384 | case MHD_OPTION_HTTPS_CERT_CALLBACK: |
5385 | case MHD_OPTION_HTTPS_CERT_CALLBACK2: | ||
5350 | if (MHD_YES != parse_options (daemon, | 5386 | if (MHD_YES != parse_options (daemon, |
5351 | servaddr, | 5387 | servaddr, |
5352 | opt, | 5388 | opt, |
@@ -6960,6 +6996,12 @@ MHD_is_feature_supported(enum MHD_FEATURE feature) | |||
6960 | #else /* !HTTPS_SUPPORT || GNUTLS_VERSION_MAJOR < 3 */ | 6996 | #else /* !HTTPS_SUPPORT || GNUTLS_VERSION_MAJOR < 3 */ |
6961 | return MHD_NO; | 6997 | return MHD_NO; |
6962 | #endif /* !HTTPS_SUPPORT || GNUTLS_VERSION_MAJOR < 3 */ | 6998 | #endif /* !HTTPS_SUPPORT || GNUTLS_VERSION_MAJOR < 3 */ |
6999 | case MHD_FEATURE_HTTPS_CERT_CALLBACK2: | ||
7000 | #if defined(HTTPS_SUPPORT) && GNUTLS_VERSION_NUMBER >= 0x030603 | ||
7001 | return MHD_YES; | ||
7002 | #else /* !HTTPS_SUPPORT || GNUTLS_VERSION_NUMBER < 0x030603 */ | ||
7003 | return MHD_NO; | ||
7004 | #endif /* !HTTPS_SUPPORT || GNUTLS_VERSION_NUMBER < 0x030603 */ | ||
6963 | case MHD_FEATURE_IPv6: | 7005 | case MHD_FEATURE_IPv6: |
6964 | #ifdef HAVE_INET6 | 7006 | #ifdef HAVE_INET6 |
6965 | return MHD_YES; | 7007 | return MHD_YES; |
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h index 8dc813a2..1f5aeaf3 100644 --- a/src/microhttpd/internal.h +++ b/src/microhttpd/internal.h | |||
@@ -1670,6 +1670,14 @@ struct MHD_Daemon | |||
1670 | void *cred_callback_cls; | 1670 | void *cred_callback_cls; |
1671 | #endif | 1671 | #endif |
1672 | 1672 | ||
1673 | #if GNUTLS_VERSION_NUMBER >= 0x030603 | ||
1674 | /** | ||
1675 | * Function that can be used to obtain the certificate. Needed | ||
1676 | * for OCSP stapling support. See #MHD_OPTION_HTTPS_CERT_CALLBACK2. | ||
1677 | */ | ||
1678 | gnutls_certificate_retrieve_function3 *cert_callback2; | ||
1679 | #endif | ||
1680 | |||
1673 | /** | 1681 | /** |
1674 | * Pointer to our SSL/TLS key (in ASCII) in memory. | 1682 | * Pointer to our SSL/TLS key (in ASCII) in memory. |
1675 | */ | 1683 | */ |
diff --git a/src/microhttpd/response.c b/src/microhttpd/response.c index 035e3054..e9d5a4bf 100644 --- a/src/microhttpd/response.c +++ b/src/microhttpd/response.c | |||
@@ -400,7 +400,6 @@ MHD_create_response_from_callback (uint64_t size, | |||
400 | return response; | 400 | return response; |
401 | } | 401 | } |
402 | 402 | ||
403 | |||
404 | /** | 403 | /** |
405 | * Set special flags and options for a response. | 404 | * Set special flags and options for a response. |
406 | * | 405 | * |
@@ -425,6 +424,15 @@ MHD_set_response_options (struct MHD_Response *response, | |||
425 | { | 424 | { |
426 | switch (ro) | 425 | switch (ro) |
427 | { | 426 | { |
427 | case MHD_RO_FREE_FUNCTION: | ||
428 | va_start (ap, flags); | ||
429 | if (NULL != (response->crfc = va_arg (ap, MHD_ContentReaderFreeCallback))) { | ||
430 | ret = MHD_YES; | ||
431 | } else { | ||
432 | ret = MHD_NO; | ||
433 | } | ||
434 | va_end (ap); | ||
435 | break; | ||
428 | default: | 436 | default: |
429 | ret = MHD_NO; | 437 | ret = MHD_NO; |
430 | break; | 438 | break; |