/* $Id$ */
#define SOURCE
#include "tw_ssl.h"
#include "tw_config.h"
#include <stdio.h>
#include <cm_log.h>
extern struct tw_config config;
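/**
 * Install a PEM private key and certificate on a single connection.
 *
 * Each OpenSSL call is checked; SSL_use_certificate_file() does not fail on
 * a key/certificate mismatch (it drops the already-loaded key instead), so
 * the pair is verified explicitly with SSL_check_private_key().
 *
 * @param ssl  connection to configure
 * @param key  path to the PEM private key
 * @param cert path to the PEM certificate
 * @return 1 when the pair was loaded and is consistent, 0 otherwise
 */
static int tw_ssl_use_pair(SSL* ssl, const char* key, const char* cert) {
	if(SSL_use_PrivateKey_file(ssl, key, SSL_FILETYPE_PEM) != 1) {
		cm_log("SSL", "Could not load the private key: %s", key);
		return 0;
	}
	if(SSL_use_certificate_file(ssl, cert, SSL_FILETYPE_PEM) != 1) {
		cm_log("SSL", "Could not load the certificate: %s", cert);
		return 0;
	}
	if(SSL_check_private_key(ssl) != 1) {
		cm_log("SSL", "Private key %s does not match certificate %s", key, cert);
		return 0;
	}
	return 1;
}

/**
 * OpenSSL certificate callback: choose the key/certificate pair for a
 * handshake from the requested server name.
 *
 * The SNI host name is looked up with tw_vhost_match(); when the client sent
 * none, config.hostname is used for the lookup. A matching entry that has
 * both sslkey and sslcert wins, otherwise the root configuration's pair is
 * used.
 *
 * @param ssl connection being negotiated
 * @param arg listening port, stored in the pointer value by tw_create_ssl_ctx()
 * @return 1 when a pair was installed; 0 when none is configured or loading
 *         failed, which makes OpenSSL abort the handshake
 */
int tw_ssl_cert_cb(SSL* ssl, void* arg) {
	const char* s = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
	if(s != NULL) {
		/* NOTE(review): s is chosen by the client and is logged as-is;
		 * confirm cm_log neutralises control characters. */
		cm_log("SSL", "Certificate request for %s", s);
	} else {
		s = config.hostname;
		cm_log("SSL", "Could not get the servername, defaulting to the hostname: %s", s);
	}

	struct tw_config_entry* e = tw_vhost_match(s, (__UINTPTR_TYPE__)arg);
	if(e != NULL && e->sslkey != NULL && e->sslcert != NULL) {
		/* A broken vhost pair is an error; do not silently fall back to
		 * the root certificate, which would present the wrong identity. */
		return tw_ssl_use_pair(ssl, e->sslkey, e->sslcert);
	}
	if(config.root.sslkey != NULL && config.root.sslcert != NULL) {
		return tw_ssl_use_pair(ssl, config.root.sslkey, config.root.sslcert);
	}
	return 0;
}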
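/**
 * Create the server-side TLS context for one listening port.
 *
 * The port is passed to tw_ssl_cert_cb() as the callback argument, carried
 * in the pointer value itself rather than pointing at storage.
 *
 * @param port listening port the context belongs to
 * @return the new context, or NULL when OpenSSL could not allocate one
 */
SSL_CTX* tw_create_ssl_ctx(__UINTPTR_TYPE__ port) {
	SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
	if(ctx == NULL) {
		/* SSL_CTX_set_cert_cb() dereferences ctx, so stop here. */
		cm_log("SSL", "Could not create the SSL context");
		return NULL;
	}
	/* NOTE(review): no minimum protocol version is set, so the accepted
	 * range is whatever the OpenSSL build/config defaults to; consider
	 * SSL_CTX_set_min_proto_version() if policy requires a floor. */
	SSL_CTX_set_cert_cb(ctx, tw_ssl_cert_cb, (void*)port);
	return ctx;
}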