ssl is now working

2025-03-15 20:28:56 +00:00 · 2019-03-11 14:44:43 +01:00 · 2019-03-11 14:44:43 +01:00 · 210eb7db07
commit 210eb7db07
parent 4399dd9001
5 changed files with 81 additions and 22 deletions
--- a/9
+++ b/9
@ -1,19 +1,18 @@
 CC       = gcc
-CFLAGS   = -std=c99 -Wall -D_POSIX_C_SOURCE=201112L -D_XOPEN_SOURCE=500 -D_GNU_SOURCE
+CFLAGS   = -std=c99 -Wall -D_POSIX_C_SOURCE=201112L -D_XOPEN_SOURCE=500 -D_GNU_SOURCE -static -g
 LD       = gcc
 LDFLAGS  = -lpthread -lrt
 BIN_NAME = cfloor
-OBJS     = obj/networking.o obj/linked.o obj/logging.o obj/signals.o obj/headers.o obj/misc.o obj/status.o obj/files.o obj/mime.o obj/cgi.o obj/util.o
+OBJS     = obj/networking.o obj/linked.o obj/logging.o obj/signals.o obj/headers.o obj/misc.o obj/status.o obj/files.o obj/mime.o obj/cgi.o obj/util.o obj/ssl.o
 DEPS     = $(OBJS:%.o=%.d)
 all: $(BIN_NAME)
 ssl: CFLAGS += -DSSL_SUPPORT -Icrypto
-ssl: LDFLAGS += -lcrypto
+ssl: LDFLAGS += -lcrypto -lssl
-ssl: OBJS += obj/ssl.o
+ssl: obj/ssl.o $(BIN_NAME)
 ssl: $(BIN_NAME)
 $(BIN_NAME): obj/main.o $(OBJS)
 	$(LD) $(LDFLAGS) -o $@ $^
--- a/src/main.c
+++ b/src/main.c
@ -9,11 +9,35 @@
 #include "files.h"
 #include "cgi.h"
 #include "util.h"
 #include "signals.h"
 #ifdef SSL_SUPPORT
 #include "ssl.h"
 #endif
 struct headers headers;
 char* documentRoot = NULL;
 void shutdownHandler() {
 	info("main: shutting down");
 	headers_free(&headers);
 	if (documentRoot != NULL)
 		free(documentRoot);
 	#ifdef SSL_SUPPORT
 	ssl_destroy();
 	#endif
 	exit(0);
 }
 void sigHandler(int signo) {
 	info("main: signal %d", signo);
 	shutdownHandler();
 }
 struct handlerSettings {
 	struct fileSettings fileSettings;
 	struct cgiSettings cgiSettings;
@ -48,7 +72,10 @@ int main(int argc, char** argv) {
 	setLogging(stderr, DEBUG, true);
 	setCriticalHandler(NULL);
-	char* documentRoot = realpath("./home/", NULL);
+	signal_setup(SIGINT, &sigHandler);
 	signal_setup(SIGTERM, &sigHandler);
 	documentRoot = realpath("./home/", NULL);
 	struct handlerSettings handlerSettings = {
 		.fileSettings =  {
@ -70,12 +97,27 @@ int main(int argc, char** argv) {
 	union userData settingsData;
 	settingsData.ptr = &handlerSettings;
-	struct headers headers = headers_create();
+	headers = headers_create();
 	headers_mod(&headers, "Server", "CFloor 0.1");
 	#ifdef SSL_SUPPORT
 	ssl_init();
 	struct ssl_settings ssl_settings = (struct ssl_settings) {
 		.privateKey = "certs/hiro.key",
 		.certificate = "certs/hiro.crt"
 	};
 	if (ssl_initSettings(&(ssl_settings)) < 0) {
 		error("main: error setting up ssl settings");
 		return 1;
 	}
 	#endif
 	struct networkingConfig config = {
 		.maxConnections = 1024,
-		.connectionTimeout = 30000,
+		.connectionTimeout = 2000,
 		.binds = {
 			.number = 1,
 			.binds = (struct bind[]) {
@ -85,7 +127,7 @@ int main(int argc, char** argv) {
 					.settings = settingsData,
 					#ifdef SSL_SUPPORT
-					.ssl_settings = NULL
+					.ssl_settings = &ssl_settings
 					#endif
 				}
 			}
@ -100,6 +142,5 @@ int main(int argc, char** argv) {
 		sleep(0xffff);
 	}
-	headers_free(&headers);
+	shutdownHandler();
 	free(documentRoot);
 }
--- a/src/networking.c
+++ b/src/networking.c
@ -73,7 +73,7 @@ void cleanup() {
 		if (connection->state != OPENED) {
 			unlink = true;
 		} else if (diffms > networkingConfig.connectionTimeout) {
-			unlink = true;
+			connection->state = ABORTED;
 		}
 		if (unlink) {	
@ -415,6 +415,7 @@ void dataHandler(int signo) {
 		struct connection* connection = link->data;
 		if (connection->state != OPENED)
 			continue;
 		connection->inUse++;
 		int tmp;
 		char c;
 		char buffer[BUFFER_LENGTH];
@ -424,6 +425,7 @@ void dataHandler(int signo) {
 		if (connection->currentHeaderLength > 0)
 			last = connection->currentHeader[connection->currentHeaderLength - 1];
 		while((tmp = read(connection->readfd, &c, 1)) > 0) {
 			printf("%c", c);
 			if (last == '\r' && c == '\n') {
 				if (dumpHeaderBuffer(&(buffer[0]), length, connection) < 0) {
 					dropConnection = true;
@ -526,6 +528,8 @@ void dataHandler(int signo) {
 			setSIGIO(connection->readfd, false);
 			connection->state = ABORTED;
 		}
 		connection->inUse--;
 	}
 }
 void* dataThread(void* ignore) {
@ -682,11 +686,17 @@ void* listenThread(void* _bind) {
 		snprintf(&(peer.portStr[0]), 5 + 1, "%d", peer.port);
 		info("networking: new connection from %s:%s", peer.addr, peer.portStr);
 		connection->readfd = tmp;
 		connection->writefd = tmp;
 		#ifdef SSL_SUPPORT
 		if (bindObj->ssl_settings != NULL) {
 			struct ssl_connection* sslConnection = ssl_initConnection(bindObj->ssl_settings, tmp);
 			if (sslConnection == NULL) {
 				free(connection);
 				close(tmp);
 				error("networking: failed to open ssl connection");
 				continue;
 			}
@ -696,8 +706,6 @@ void* listenThread(void* _bind) {
 			connection->writefd = sslConnection->writefd;
 		} else {
 			connection->sslConnection = NULL;
 			connection->readfd = tmp;
 			connection->writefd = tmp;
 		}
 		#endif
--- a/src/ssl.c
+++ b/src/ssl.c
@ -1,16 +1,18 @@
 #ifdef SSL_SUPPORT
 #include <stdlib.h>
 #include <errno.h>
 #include <string.h>
 #include <pthread.h>
 #include <unistd.h>
 #include <openssl/applink.c>
 #include <openssl/bio.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include "ssl.h"
 #include "logging.h"
 #include "misc.h"
 void ssl_init() {
 	SSL_load_error_strings();
@ -26,7 +28,7 @@ int ssl_initSettings(struct ssl_settings* settings) {
 	SSL_CTX* ctx = SSL_CTX_new( SSLv23_server_method());
 	SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
-	if (!SSL_CTX_use_certificate_file(sslctx, settings->certificate, SSL_FILETYPE_PEM)) {
+	if (!SSL_CTX_use_certificate_file(ctx, settings->certificate, SSL_FILETYPE_PEM)) {
 		error("ssl: failed to set cert file for ctx: %s", ERR_error_string(ERR_get_error(), NULL));
 		return -1;
 	}
@ -36,7 +38,7 @@ int ssl_initSettings(struct ssl_settings* settings) {
 		return -1;
 	}
-	_private.ctx = ctx;
+	settings->_private.ctx = ctx;
 	return 0;
 }
@ -49,7 +51,9 @@ void* copyFromSslToFd(void* data) {
 		write(connection->_readfd, &b, 1);
 	}
-	close(connection->_writefd);
+	close(connection->_readfd);
 	return NULL;
 }
 void* copyFromFdToSsl(void* data) {
@ -59,6 +63,8 @@ void* copyFromFdToSsl(void* data) {
 	while(read(connection->_writefd, &b, 1) == 1) {
 		SSL_write(connection->instance, &b, 1);
 	}
 	return NULL;
 }
 struct ssl_connection* ssl_initConnection(struct ssl_settings* settings, int socket) {
@ -76,6 +82,7 @@ struct ssl_connection* ssl_initConnection(struct ssl_settings* settings, int soc
 	connection->_threads[1] = PTHREAD_NULL;
 	connection->instance = SSL_new(settings->_private.ctx);
 	info("ssl: instance created");
 	if (connection->instance == NULL) {
 		free(connection);
@ -121,11 +128,13 @@ struct ssl_connection* ssl_initConnection(struct ssl_settings* settings, int soc
 		return NULL;
 	}
 	info("ssl: copy threads started");
 	return connection;
 }
-int ssl_closeConnection(struct ssl_connection* connection) {
+void ssl_closeConnection(struct ssl_connection* connection) {
 	close(connection->writefd);
 	close(connection->readfd);
 	close(connection->_writefd);
@ -133,15 +142,17 @@ int ssl_closeConnection(struct ssl_connection* connection) {
 	if (connection->_threads[0] != PTHREAD_NULL) {
 		pthread_cancel(connection->_threads[0]);
-		pthread_join(connection->_threads[0]);
+		pthread_join(connection->_threads[0], NULL);
 	}
 	if (connection->_threads[1] != PTHREAD_NULL) {
 		pthread_cancel(connection->_threads[1]);
-		pthread_join(connection->_threads[1]);
+		pthread_join(connection->_threads[1], NULL);
 	} 
 	SSL_shutdown(connection->instance);
 	SSL_free(connection->instance);
 	free(connection);
 }
 #endif
--- a/src/ssl.h
+++ b/src/ssl.h
@ -27,6 +27,6 @@ void ssl_destroy();
 int ssl_initSettings(struct ssl_settings* settings);
 struct ssl_connection* ssl_initConnection(struct ssl_settings* settings, int socket);
-int ssl_closeConnection(struct ssl_connection* connection);
+void ssl_closeConnection(struct ssl_connection* connection);
 #endif