Diffstat (limited to 'src/daemon/daemon.c')
-rw-r--r--src/daemon/daemon.c97
1 files changed, 97 insertions, 0 deletions
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c
index 3578823a..cb70e9a9 100644
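--- a/src/daemon/daemon.c
+++ b/src/daemon/daemon.c
@@ -29,6 +29,7 @@
 #include "response.h"
 #include "connection.h"
 #include "memorypool.h"
+#include <gnutls/gnutls.h>
 
 /**
   * Default connection limit.
@@ -52,6 +53,12 @@
   */
 #define DEBUG_CONNECT MHD_NO
 
+// TODO rm
+/* HTTPS file path limit, leaving room for file name */
+#define MHD_PATH_LEN 240
+
+int MHDS_init (struct MHD_Daemon *daemon);
+
 /**
   * Obtain the select sets for this daemon.
   *
@@ -174,6 +181,8 @@ MHDS_handle_connection (void *data)
  if (con == NULL)
  abort ();
 
+ // TODO add connection time out code
+
  /* forward call to handler */
  con->daemon->default_handler (NULL, con, NULL, NULL, NULL, NULL, NULL,
  NULL);
@@ -690,6 +699,13 @@ MHD_start_daemon (unsigned int options,
  retVal->pool_size = MHD_POOL_SIZE_DEFAULT;
  retVal->connection_timeout = 0; /* no timeout */
 
+ /* set server default document root path */
+ getcwd (retVal->doc_root, MHD_PATH_LEN);
+
+ /* initialize ssl path parameters to the local path */
+ strcpy (retVal->https_cert_path, "cert.pem");
+ strcpy (retVal->https_key_path, "key.pem");
+
  /* initializes the argument pointer variable */
  va_start (ap, dh_cls);
 
@@ -717,6 +733,22 @@ MHD_start_daemon (unsigned int options,
  case MHD_OPTION_PER_IP_CONNECTION_LIMIT:
  retVal->per_ip_connection_limit = va_arg (ap, unsigned int);
  break;
+ case MHD_OPTION_DOC_ROOT:
+ strncpy (retVal->doc_root, va_arg (ap, char *), MHD_PATH_LEN);
+ break;
+ case MHD_OPTION_HTTPS_KEY_PATH:
+ strncpy (retVal->https_key_path, va_arg (ap, char *), MHD_PATH_LEN);
+ strcat (retVal->https_key_path, DIR_SEPARATOR_STR);
+ strcat (retVal->https_key_path, "key.pem");
+ break;
+ case MHD_OPTION_HTTPS_CERT_PATH:
+
+ strncpy (retVal->https_cert_path,
+ va_arg (ap, char *), MHD_PATH_LEN);
+ strcat (retVal->https_cert_path, DIR_SEPARATOR_STR);
+ strcat (retVal->https_cert_path, "cert.pem");
+ break;
+
  default:
 #if HAVE_MESSAGES
  fprintf (stderr,
@@ -725,6 +757,29 @@ MHD_start_daemon (unsigned int options,
  abort ();
  }
  }
+
+ /* initialize HTTPS daemon certificate aspects */
+ if (options & MHD_USE_SSL)
+ {
+ /* test for private key & certificate file exsitance */
+ FILE *cert_file = fopen (retVal->https_cert_path, "r");
+ FILE *key_file = fopen (retVal->https_key_path, "r");
+ if (key_file == NULL || cert_file == NULL)
+ {
+ printf ("missing cert files");
+#if HAVE_MESSAGES
+ MHD_DLOG (retVal, "Missing X.509 key or certificate file\n");
+#endif
+ free (retVal);
+ CLOSE (socket_fd);
+ return NULL;
+ }
+
+ fclose (cert_file);
+ fclose (key_file);
+ MHDS_init (retVal);
+ }
+
  va_end (ap);
  if (((0 != (options & MHD_USE_THREAD_PER_CONNECTION)) || (0 != (options
  &
@@ -793,9 +848,51 @@ MHD_stop_daemon (struct MHD_Daemon *daemon)
  }
  MHD_cleanup_connections (daemon);
  }
+
+ /* TLS clean up */
+ if (daemon->options & MHD_USE_SSL)
+ {
+ gnutls_priority_deinit (daemon->priority_cache);
+ gnutls_global_deinit ();
+ }
+
  free (daemon);
 }
 
+int
+MHDS_init (struct MHD_Daemon *daemon)
+{
+ gnutls_global_init ();
+ /* Generate Diffie Hellman parameters - for use with DHE kx algorithms. */
+ gnutls_dh_params_init (&daemon->dh_params);
+ gnutls_dh_params_generate2 (daemon->dh_params, DH_BITS);
+
+ // TODO make room for cipher settings adjustment
+ gnutls_priority_init (&daemon->priority_cache,
+ "NORMAL:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
+
+ /* setup server certificate */
+ gnutls_certificate_allocate_credentials (&daemon->x509_cret);
+
+ // TODO remove if unused
+ /* add trusted CAs to certificate */
+ // gnutls_certificate_set_x509_trust_file(x509_cret, CAFILE,GNUTLS_X509_FMT_PEM);
+
+ /* add Certificate revocation list to certificate */
+ //gnutls_certificate_set_x509_crl_file(x509_cret, CRLFILE, GNUTLS_X509_FMT_PEM);
+
+ /* sets a certificate private key pair */
+ gnutls_certificate_set_x509_key_file (daemon->x509_cret,
+ daemon->https_cert_path,
+ daemon->https_key_path,
+ GNUTLS_X509_FMT_PEM);
+
+ gnutls_certificate_set_dh_params (daemon->x509_cret, daemon->dh_params);
+
+ // TODO address error case return value
+ return 0;
+}
+
 #ifndef WINDOWS
 
 static struct sigaction sig;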
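Review bot: Every GnuTLS call in the new MHDS_init discards its return value and the function always returns 0, while MHD_start_daemon (whose body extends beyond the visible hunks) in turn ignores the result of `MHDS_init (retVal)`, so a daemon started with MHD_USE_SSL can come up without usable credentials. The preceding fopen() probe only shows that both files can be opened; a malformed PEM file or a key that does not match the certificate fails later inside gnutls_certificate_set_x509_key_file and goes unnoticed. I would propagate the first failure out of MHDS_init and have MHD_start_daemon refuse to start, as sketched below; releasing whatever was already initialised on those failure paths still has to be added. The missing-file branch just above the call also returns without `va_end (ap)` and without closing whichever of cert_file/key_file did open.

```c
      /* in MHD_start_daemon, replacing the bare MHDS_init (retVal); call */
      if (0 != MHDS_init (retVal))
        {
          va_end (ap);
          free (retVal);
          CLOSE (socket_fd);
          return NULL;
        }

int
MHDS_init (struct MHD_Daemon *daemon)
{
  if (gnutls_global_init () < 0)
    return -1;

  if (gnutls_dh_params_init (&daemon->dh_params) < 0
      || gnutls_dh_params_generate2 (daemon->dh_params, DH_BITS) < 0)
    return -1;

  if (gnutls_priority_init (&daemon->priority_cache,
                            "NORMAL:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL",
                            NULL) < 0)
    return -1;

  if (gnutls_certificate_allocate_credentials (&daemon->x509_cret) < 0)
    return -1;

  /* … unchanged: commented-out trust-file and CRL calls … */

  /* the files being openable does not mean they parse or belong together */
  if (gnutls_certificate_set_x509_key_file (daemon->x509_cret,
                                            daemon->https_cert_path,
                                            daemon->https_key_path,
                                            GNUTLS_X509_FMT_PEM) < 0)
    return -1;

  gnutls_certificate_set_dh_params (daemon->x509_cret, daemon->dh_params);
  return 0;
}
```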