Subversion Repositories Tewi

Rev

Rev 11 | Rev 16 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 11 Rev 12
Line 1... Line 1...
1 
/* $Id: ssl.c 11 2024-09-13 12:47:34Z nishi $ */
 1 
/* $Id: ssl.c 12 2024-09-13 13:36:03Z nishi $ */
2 
 
 2 
 
3 
#include "tw_ssl.h"
 3 
#include "tw_ssl.h"
- 
 
 4 
 
- 
 
 5 
#include "tw_config.h"
- 
 
 6 
 
- 
 
 7 
#include <stdio.h>
- 
 
 8 
 
- 
 
 9 
#include <cm_log.h>
- 
 
 10 
 
- 
 
 11 
extern struct tw_config config;
- 
 
 12 
 
- 
 
 13 
int tw_ssl_cert_cb(SSL* ssl, void* arg) {
- 
 
 14 
	const char* s = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
- 
 
 15 
	if(s != NULL) {
- 
 
 16 
		cm_log("SSL", "Certificate request for %s", s);
- 
 
 17 
	} else {
- 
 
 18 
		s = config.hostname;
- 
 
 19 
		cm_log("SSL", "Could not get the servername, defaulting to the hostname: %s", s);
- 
 
 20 
	}
- 
 
 21 
	struct tw_config_entry* e = tw_vhost_match(s, (uint64_t)arg);
- 
 
 22 
	if(e != NULL && e->sslkey != NULL && e->sslcert != NULL) {
- 
 
 23 
		SSL_use_PrivateKey_file(ssl, e->sslkey, SSL_FILETYPE_PEM);
- 
 
 24 
		SSL_use_certificate_file(ssl, e->sslcert, SSL_FILETYPE_PEM);
- 
 
 25 
		return 1;
- 
 
 26 
	} else {
- 
 
 27 
		return 0;
- 
 
 28 
	}
- 
 
 29 
}
- 
 
 30 
 
- 
 
 31 
SSL_CTX* tw_create_ssl_ctx(uint64_t port) {
- 
 
 32 
	SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
- 
 
 33 
	SSL_CTX_set_cert_cb(ctx, tw_ssl_cert_cb, (void*)port);
- 
 
 34 
	return ctx;
- 
 
 35 
}