Commit f1215c675853ddf876f69cc40f955810fcb42af4

Authored by Georg Hopp
1 parent 4893b417

closes #19: first integration of OpenSSL...this makes leak testing with valgrind…

… a pain, so I will think about some conditional to activate and deactivate it. Additionally it seems that some memory is left over somewhere — maybe I missed some cleanup function I have to call — and finally the integration really needs error handling.
  1 +-----BEGIN CERTIFICATE-----
  2 +MIICrzCCAhgCCQDgHe3rh23alDANBgkqhkiG9w0BAQUFADCBmzELMAkGA1UEBhMC
  3 +REUxEDAOBgNVBAgMB0hhbWJ1cmcxEDAOBgNVBAcMB0hhbWJ1cmcxGjAYBgNVBAoM
  4 +EVdlaXJkIFdlYiBXb3JrZXJzMRQwEgYDVQQLDAtkZXZlbG9wbWVudDETMBEGA1UE
  5 +AwwKR2VvcmcgSG9wcDEhMB8GCSqGSIb3DQEJARYSZ2VvcmdAc3RlZmZlcnMub3Jn
  6 +MB4XDTEyMDMwOTExMjUxOVoXDTEzMDMwOTExMjUxOVowgZsxCzAJBgNVBAYTAkRF
  7 +MRAwDgYDVQQIDAdIYW1idXJnMRAwDgYDVQQHDAdIYW1idXJnMRowGAYDVQQKDBFX
  8 +ZWlyZCBXZWIgV29ya2VyczEUMBIGA1UECwwLZGV2ZWxvcG1lbnQxEzARBgNVBAMM
  9 +Ckdlb3JnIEhvcHAxITAfBgkqhkiG9w0BCQEWEmdlb3JnQHN0ZWZmZXJzLm9yZzCB
  10 +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt5ntW8UUwImTL0s3l7Jm2AkMqBvk
  11 ++XCDjkO3g89dxfYyRaYjluANnUqeg/ilF2ZcxI/8GVlCBTDbsJeQXFtlRFr94S2d
  12 +i1358dZkjGIQAutmtwf8L1nbYi6mtvS6wBWJhtE9baPfj6HDRePnAC/YtKunKfz9
  13 +5TbOj+/2vjj//I8CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCWVZuqshFdOC3Vmf/7
  14 +CKrtA8/da2tgOIFB60LwGwcWicM3m/VIS6RPf3Ui/sUDFMempkmtkUYflr58T901
  15 +SAV5YubjNV3oaOySqDozsvfLsAxb7EUXk4VqY/g5VkK+pUxVAfE1biqf6LhPHzRd
  16 +KJrq5muIGeVx3YX1G9A1gdI0YQ==
  17 +-----END CERTIFICATE-----
  1 +-----BEGIN RSA PRIVATE KEY-----
  2 +MIICXgIBAAKBgQC3me1bxRTAiZMvSzeXsmbYCQyoG+T5cIOOQ7eDz13F9jJFpiOW
  3 +4A2dSp6D+KUXZlzEj/wZWUIFMNuwl5BcW2VEWv3hLZ2LXfnx1mSMYhAC62a3B/wv
  4 +WdtiLqa29LrAFYmG0T1to9+PocNF4+cAL9i0q6cp/P3lNs6P7/a+OP/8jwIDAQAB
  5 +AoGAMbOEkpwmQvy7EElvUixkNMU2XOe4M2Im6sMgEZl4DBfaggo4hiY+6T6C7LzJ
  6 +jC0Unc1QdFg6TAdu4T4WQToojkODjEXWd/QRltxJjkCz2vrDp68JldzfTovE2HDn
  7 +k5MQvUZCrH1jFnvzwC1Ak+X4ON5hlsu67u2EYNTfdEeTI6ECQQDwm6DNNjsGynGy
  8 +W+zCCGTPjuwYHG7zjaGQw9Ng7g+SyYHkg0zSsxcVpwKwI3m3Iuju1O85pgcl/Bj9
  9 +UDuPdtLxAkEAw1i3ZyGxW/CHmk8mG4w31eC7loyjFgN51lSJE7DrZ3VtKnzRwUrk
  10 +EEUgQMh1RxWKTc5F8QvmMpkWJha2+FTHfwJBALDtwBEnD8CunWzKrA8CnR8DuhkA
  11 +z5XJUEVjusxMQqduBlZDNvq5NwB1D0T20UoaIa9+ZWu+6wLDnpynoySb/AECQQDB
  12 +EDY63EbQqfkrHdx4z20DmZdsZFRuVkMc+/F6H5mYZ6rbmf8ofR7HoboNrNCTz4sf
  13 ++KSRZgQ9r6T/QeXVqtx7AkEApiC8VAYhH0Dz+Y6QSRqwjOww0kDBCnFlrdn+oyG4
  14 +kAC34PCOFHzvSsJ3tjcAwNJgcaN/qw49DRnHBlwti6gyBg==
  15 +-----END RSA PRIVATE KEY-----
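Review bot: This file adds an RSA private key to the repository alongside the certificate, and serverCtor in this commit loads it from the fixed path `./certs/server.key`. Once a key has been committed it remains recoverable from history and should be treated as exposed: keep key files out of version control (ignore `certs/*.key` and generate a throwaway pair in the build or test setup), make the certificate and key paths configurable instead of hard-coded, and regenerate anything that was meant for more than local testing. If I read the DER header correctly this is a 1024-bit key and the accompanying certificate is sha1WithRSAEncryption, self-issued and valid only from 2012-03-09 to 2013-03-09, which is adequate for a development fixture but nothing else; a short README note in certs/ saying exactly that would prevent it being reused.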
@@ -29,6 +29,8 @@ @@ -29,6 +29,8 @@
29 #include <stdio.h> // for printf() and fprintf() 29 #include <stdio.h> // for printf() and fprintf()
30 #include <poll.h> // for poll system call and related 30 #include <poll.h> // for poll system call and related
31 31
  32 +#include <openssl/ssl.h>
  33 +
32 #include "class.h" 34 #include "class.h"
33 #include "socket.h" 35 #include "socket.h"
34 #include "logger.h" 36 #include "logger.h"
@@ -43,6 +45,8 @@ struct conns { @@ -43,6 +45,8 @@ struct conns {
43 CLASS(Server) { 45 CLASS(Server) {
44 Logger logger; 46 Logger logger;
45 Sock sock; 47 Sock sock;
  48 + Sock sockSSL;
  49 + SSL_CTX * ctx;
46 void * worker; 50 void * worker;
47 51
48 nfds_t nfds; 52 nfds_t nfds;
@@ -24,6 +24,9 @@ @@ -24,6 +24,9 @@
24 #include <unistd.h> 24 #include <unistd.h>
25 #include <stdlib.h> 25 #include <stdlib.h>
26 26
  27 +#include <openssl/ssl.h>
  28 +#include <openssl/err.h>
  29 +
27 #include "class.h" 30 #include "class.h"
28 #include "server.h" 31 #include "server.h"
29 #include "socket.h" 32 #include "socket.h"
@@ -57,16 +60,36 @@ serverCtor(void * _this, va_list * params) @@ -57,16 +60,36 @@ serverCtor(void * _this, va_list * params)
57 60
58 this->fds = calloc(sizeof(struct pollfd), this->max_fds); 61 this->fds = calloc(sizeof(struct pollfd), this->max_fds);
59 this->conns = calloc(sizeof(struct conns), this->max_fds); 62 this->conns = calloc(sizeof(struct conns), this->max_fds);
60 - this->sock = new(Sock, this->logger, port);  
61 63
  64 + this->sock = new(Sock, this->logger, port);
62 flags = fcntl(this->sock->handle, F_GETFL, 0); 65 flags = fcntl(this->sock->handle, F_GETFL, 0);
63 fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK); 66 fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK);
64 67
  68 + this->sockSSL = new(Sock, this->logger, port+1);
  69 + flags = fcntl(this->sockSSL->handle, F_GETFL, 0);
  70 + fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK);
  71 +
  72 + SSL_library_init();
  73 + SSL_load_error_strings();
  74 + this->ctx = SSL_CTX_new(SSLv23_server_method());
  75 + SSL_CTX_use_certificate_file(
  76 + this->ctx,
  77 + "./certs/server.crt",
  78 + SSL_FILETYPE_PEM);
  79 +
  80 + SSL_CTX_use_RSAPrivateKey_file(
  81 + this->ctx,
  82 + "./certs/server.key",
  83 + SSL_FILETYPE_PEM);
  84 +
65 socketListen(this->sock, backlog); 85 socketListen(this->sock, backlog);
  86 + socketListen(this->sockSSL, backlog);
66 87
67 (this->fds)[0].fd = this->sock->handle; 88 (this->fds)[0].fd = this->sock->handle;
68 (this->fds)[0].events = POLLIN; 89 (this->fds)[0].events = POLLIN;
69 - this->nfds = 1; 90 + (this->fds)[1].fd = this->sockSSL->handle;
  91 + (this->fds)[1].events = POLLIN;
  92 + this->nfds = 2;
70 93
71 return 0; 94 return 0;
72 } 95 }
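Review bot: `SSL_CTX_new()`, `SSL_CTX_use_certificate_file()` and `SSL_CTX_use_RSAPrivateKey_file()` in the new SSL setup of serverCtor are called without checking their results, so a missing or mismatched certificate file yields a NULL or half-configured context that only fails later in SSL_new()/SSL_accept() rather than at start-up. `SSLv23_server_method()` also still negotiates SSLv2/SSLv3 unless those protocols are switched off with `SSL_CTX_set_options()`. The rewrite below checks each step, adds `SSL_CTX_check_private_key()` so a key that does not match the certificate is caught immediately, and reports through `ERR_print_errors_fp()` from the already included `openssl/err.h`; it returns -1 assuming the class framework treats a non-zero ctor result as failure — the ctor currently only ever returns 0, so confirm what `new()` does with that value, and the two listening sockets created above would also need releasing on that path. The `port+1` convention for the TLS listener is not explained anywhere; a comment such as `// the TLS listener is bound to the port directly above the plaintext one` or a second port parameter would help.

```c
	this->ctx = SSL_CTX_new(SSLv23_server_method());
	if (NULL == this->ctx) {
		ERR_print_errors_fp(stderr);
		return -1;
	}
	/* SSLv23_server_method() still offers SSLv2/SSLv3; refuse them */
	SSL_CTX_set_options(this->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

	/* all three return 1 on success; a missing file or a key that does
	 * not match the certificate must fail here, not inside SSL_accept() */
	if (1 != SSL_CTX_use_certificate_file(
				this->ctx, "./certs/server.crt", SSL_FILETYPE_PEM)
			|| 1 != SSL_CTX_use_RSAPrivateKey_file(
				this->ctx, "./certs/server.key", SSL_FILETYPE_PEM)
			|| 1 != SSL_CTX_check_private_key(this->ctx)) {
		ERR_print_errors_fp(stderr);
		SSL_CTX_free(this->ctx);
		this->ctx = NULL;
		return -1;
	}

	socketListen(this->sock, backlog);
	// … unchanged: listen on sockSSL, register fds[0]/fds[1], nfds = 2 …
```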
@@ -80,8 +103,16 @@ serverDtor(void * _this) @@ -80,8 +103,16 @@ serverDtor(void * _this)
80 103
81 for (i=0; i<this->nfds; i++) { 104 for (i=0; i<this->nfds; i++) {
82 if (this->sock->handle != (this->fds)[i].fd) { 105 if (this->sock->handle != (this->fds)[i].fd) {
  106 + Stream st = (this->conns[(this->fds)[i].fd]).stream;
  107 +
83 delete((this->conns[(this->fds)[i].fd]).sock); 108 delete((this->conns[(this->fds)[i].fd]).sock);
84 delete((this->conns[(this->fds)[i].fd]).worker); 109 delete((this->conns[(this->fds)[i].fd]).worker);
  110 +
  111 + if (NULL != st && STREAM_SSL == st->type) {
  112 + SSL_shutdown((st->handle).ssl);
  113 + SSL_free((st->handle).ssl);
  114 + }
  115 +
85 delete((this->conns[(this->fds)[i].fd]).stream); 116 delete((this->conns[(this->fds)[i].fd]).stream);
86 } 117 }
87 } 118 }
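Review bot: The guard `if (this->sock->handle != (this->fds)[i].fd)` in serverDtor still skips only the plaintext listener, but serverCtor now places `this->sockSSL->handle` in fds[1], so this loop also runs the delete/SSL_shutdown sequence on `conns[sockSSL->handle]`, a slot that accept never filled. Whether that is harmless depends on delete() tolerating the zeroed calloc'd entries, which is not visible here; the direct fix is to extend the guard: `if (this->sock->handle != (this->fds)[i].fd && this->sockSSL->handle != (this->fds)[i].fd) {`. Note also that this hunk calls SSL_free() after SSL_shutdown() while serverCloseConn in this same commit calls only SSL_shutdown(); unless Stream's dtor frees the SSL object (in which case the SSL_free() here would be a double free), every normally closed TLS connection leaks it, which may be the leftover memory the commit message mentions — the two paths should agree on who owns `st->handle.ssl`. serverDtor's body starts outside the hunk.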
@@ -90,6 +121,9 @@ serverDtor(void * _this) @@ -90,6 +121,9 @@ serverDtor(void * _this)
90 FREE(this->conns); 121 FREE(this->conns);
91 122
92 delete(this->sock); 123 delete(this->sock);
  124 + delete(this->sockSSL);
  125 + SSL_CTX_free(this->ctx);
  126 + ERR_free_strings();
93 } 127 }
94 128
95 INIT_IFACE(Class, serverCtor, serverDtor, NULL); 129 INIT_IFACE(Class, serverCtor, serverDtor, NULL);
@@ -25,14 +25,21 @@ @@ -25,14 +25,21 @@
25 25
26 #include "server.h" 26 #include "server.h"
27 #include "interface/class.h" 27 #include "interface/class.h"
  28 +#include "stream.h"
28 29
29 void 30 void
30 serverCloseConn(Server this, unsigned int i) 31 serverCloseConn(Server this, unsigned int i)
31 { 32 {
32 - int fd = (this->fds)[i].fd; 33 + int fd = (this->fds)[i].fd;
  34 + Stream st = (this->conns[(this->fds)[i].fd]).stream;
33 35
34 delete((this->conns)[fd].sock); 36 delete((this->conns)[fd].sock);
35 delete((this->conns)[fd].worker); 37 delete((this->conns)[fd].worker);
  38 +
  39 + if (NULL != st && STREAM_SSL == st->type) {
  40 + SSL_shutdown((st->handle).ssl);
  41 + }
  42 +
36 delete((this->conns)[fd].stream); 43 delete((this->conns)[fd].stream);
37 44
38 memset(&(this->fds[i]), 0, sizeof(struct pollfd)); 45 memset(&(this->fds[i]), 0, sizeof(struct pollfd));
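Review bot: `Stream st = (this->conns[(this->fds)[i].fd]).stream;` re-derives the descriptor that the preceding line already stored in `fd`; `Stream st = (this->conns)[fd].stream;` reads the same slot and matches the three delete() calls below it. This translation unit now calls SSL_shutdown() but only gains `#include "stream.h"`, so it relies on that header pulling in `<openssl/ssl.h>`; an explicit include keeps the file self-contained. The SSL_shutdown() result is discarded, which is acceptable for a close, but on a non-blocking socket the close_notify may not have gone out yet, so a comment such as `// best-effort close_notify; the 0/-1 return is deliberately ignored on close` would record that this is intentional.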
@@ -24,6 +24,8 @@ @@ -24,6 +24,8 @@
24 #include <stdio.h> 24 #include <stdio.h>
25 #include <stdlib.h> 25 #include <stdlib.h>
26 26
  27 +#include <openssl/ssl.h>
  28 +
27 #include "http/worker.h" 29 #include "http/worker.h"
28 #include "server.h" 30 #include "server.h"
29 #include "interface/class.h" 31 #include "interface/class.h"
@@ -31,16 +33,37 @@ @@ -31,16 +33,37 @@
31 #include "stream.h" 33 #include "stream.h"
32 34
33 int 35 int
34 -serverHandleAccept(Server this) 36 +serverHandleAccept(Server this, unsigned int i)
35 { 37 {
36 - char remoteAddr[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";  
37 - Sock acc = NULL; 38 + char remoteAddr[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
  39 + Sock acc = NULL;
  40 + Stream st;
38 41
39 if (this->nfds >= this->max_fds) { 42 if (this->nfds >= this->max_fds) {
40 return -1; 43 return -1;
41 } 44 }
42 45
43 - acc = socketAccept(this->sock, &remoteAddr); 46 + switch(i) {
  47 + case 0:
  48 + // no SSL
  49 + acc = socketAccept(this->sock, &remoteAddr);
  50 + st = new(Stream, STREAM_FD, acc->handle);
  51 + break;
  52 +
  53 + case 1:
  54 + // SSL
  55 + {
  56 + SSL * ssl = SSL_new(this->ctx);
  57 + acc = socketAccept(this->sockSSL, &remoteAddr);
  58 + SSL_set_fd(ssl, acc->handle);
  59 + SSL_accept(ssl);
  60 + st = new(Stream, STREAM_SSL, ssl);
  61 + }
  62 + break;
  63 +
  64 + default:
  65 + break;
  66 + }
44 67
45 if (-1 != acc->handle) { 68 if (-1 != acc->handle) {
46 // save the socket handle 69 // save the socket handle
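Review bot: In the new `case 1` of serverHandleAccept the SSL object is created, bound with SSL_set_fd() and handshaken before `acc->handle` is checked, and the SSL_accept() result is ignored, so a failed accept binds the SSL to descriptor -1 and a failed or incomplete handshake is registered as a live connection; `case 0` has the same ordering problem in that `st` is now built before the handle check, which the replaced code did only afterwards, and the `default` branch leaves `acc` NULL so the `-1 != acc->handle` test below dereferences it. The rewrite below accepts first, builds the SSL only for a valid descriptor, drops the connection when SSL_new()/SSL_set_fd()/SSL_accept() do not return 1, and returns -1 from `default`; it assumes `delete(acc)` closes the accepted socket, as the dtor's use of delete() on Sock suggests. If the accepted socket is non-blocking, SSL_accept() can also return -1 with SSL_ERROR_WANT_READ/WRITE before the handshake is complete, so a proper retry from the poll loop is still needed rather than the drop shown here. The function continues past the end of this hunk.

```c
	switch(i) {
	case 0:
		// no SSL
		acc = socketAccept(this->sock, &remoteAddr);
		st  = (-1 != acc->handle) ? new(Stream, STREAM_FD, acc->handle) : NULL;
		break;

	case 1:
		// SSL
		acc = socketAccept(this->sockSSL, &remoteAddr);
		st  = NULL;
		if (-1 != acc->handle) {
			SSL * ssl = SSL_new(this->ctx);

			/*
			 * Do not register a connection whose handshake did not
			 * complete. On a non-blocking socket SSL_accept() may also
			 * return <= 0 with SSL_ERROR_WANT_READ/WRITE; that case needs
			 * a retry from the poll loop rather than a drop.
			 */
			if (NULL == ssl
					|| 1 != SSL_set_fd(ssl, acc->handle)
					|| 1 != SSL_accept(ssl)) {
				SSL_free(ssl);   /* SSL_free(NULL) is a no-op */
				delete(acc);
				return -1;
			}
			st = new(Stream, STREAM_SSL, ssl);
		}
		break;

	default:
		return -1;
	}
	// … unchanged: registration of acc/st in this->conns and this->fds …
```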
@@ -48,7 +71,7 @@ serverHandleAccept(Server this) @@ -48,7 +71,7 @@ serverHandleAccept(Server this)
48 71
49 // clone worker 72 // clone worker
50 (this->conns)[acc->handle].worker = clone(this->worker); 73 (this->conns)[acc->handle].worker = clone(this->worker);
51 - (this->conns)[acc->handle].stream = new(Stream, STREAM_FD, acc->handle); 74 + (this->conns)[acc->handle].stream = st;
52 75
53 (this->fds)[this->nfds].fd = acc->handle; 76 (this->fds)[this->nfds].fd = acc->handle;
54 (this->fds)[this->nfds].events = POLLIN; 77 (this->fds)[this->nfds].events = POLLIN;
@@ -38,7 +38,7 @@ serverPoll(Server this) { @@ -38,7 +38,7 @@ serverPoll(Server this) {
38 /** 38 /**
39 * put all closed fds to end of array in O(this->nfds) 39 * put all closed fds to end of array in O(this->nfds)
40 */ 40 */
41 - struct pollfd * fda = &(this->fds[1]); 41 + struct pollfd * fda = &(this->fds[2]);
42 struct pollfd * fdb = &(this->fds[this->nfds-1]); 42 struct pollfd * fdb = &(this->fds[this->nfds-1]);
43 43
44 while (fda <= fdb) { 44 while (fda <= fdb) {
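Review bot: `&(this->fds[2])` hard-codes the number of listening sockets that now occupy the front of the fds array, and the same literal 2 appears independently as `this->nfds = 2` in serverCtor and as `for (i=2; …)` in serverRun in this commit; adding a third listener would mean finding all three by hand. A named constant in server.h, for instance `enum { SERVER_LISTENERS = 2 };` (the name is only a suggestion), used in all three places ties them together and documents why compaction starts at index 2. The doc comment above could then note `// the listening sockets at the front never close and are skipped`. serverPoll's body continues outside the hunk.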
@@ -26,7 +26,7 @@ @@ -26,7 +26,7 @@
26 #include "utils/signalHandling.h" 26 #include "utils/signalHandling.h"
27 27
28 int serverPoll(Server); 28 int serverPoll(Server);
29 -int serverHandleAccept(Server); 29 +int serverHandleAccept(Server, unsigned int);
30 void serverCloseConn(Server, unsigned int); 30 void serverCloseConn(Server, unsigned int);
31 ssize_t serverRead(Server, unsigned int); 31 ssize_t serverRead(Server, unsigned int);
32 ssize_t serverWrite(Server, unsigned int); 32 ssize_t serverWrite(Server, unsigned int);
@@ -50,12 +50,22 @@ serverRun(Server this) @@ -50,12 +50,22 @@ serverRun(Server this)
50 */ 50 */
51 if (0 != ((this->fds)[0].revents & POLLIN)) { 51 if (0 != ((this->fds)[0].revents & POLLIN)) {
52 events--; 52 events--;
53 - while(-1 != serverHandleAccept(this) && 0 < naccs) { 53 + while(-1 != serverHandleAccept(this, 0) && 0 < naccs) {
54 naccs--; 54 naccs--;
55 } 55 }
56 } 56 }
57 57
58 - for (i=1; i < this->nfds; i++) { 58 + /**
  59 + * handle accept SSL
  60 + */
  61 + if (0 != ((this->fds)[1].revents & POLLIN)) {
  62 + events--;
  63 + while(-1 != serverHandleAccept(this, 1) && 0 < naccs) {
  64 + naccs--;
  65 + }
  66 + }
  67 +
  68 + for (i=2; i < this->nfds; i++) {
59 int nreads = 10, nwrites = 10; 69 int nreads = 10, nwrites = 10;
60 70
61 /** 71 /**
@@ -40,6 +40,7 @@ @@ -40,6 +40,7 @@
40 #include "http/worker.h" 40 #include "http/worker.h"
41 41
42 #include "interface/class.h" 42 #include "interface/class.h"
  43 +#include "interface/logger.h"
43 44
44 #include "utils/signalHandling.h" 45 #include "utils/signalHandling.h"
45 46
Please register or login to post a comment