diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2020-03-18 23:21:19 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2020-07-08 22:51:31 -0400 |
commit | cb753ec5b51bda3f5630409e18205f874ecce7c7 (patch) | |
tree | e959902183887aa49a4ac53590ce93d3e9e5a337 /src/network.c | |
parent | 7de51cc77bc0d7ed7f93e65ee9cbd91c5f963c1b (diff) | |
download | lighttpd-git-cb753ec5b51bda3f5630409e18205f874ecce7c7.tar.gz |
[mod_mbedtls] mbedTLS option for TLS
(experimental)
mod_mbedtls supports most ssl.* config options supported by mod_openssl
thx Ward Willats for the initial discussion and attempt in the comments
https://redmine.lighttpd.net/boards/3/topics/7029
Diffstat (limited to 'src/network.c')
-rw-r--r-- | src/network.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/network.c b/src/network.c index 05d1f074..432a0011 100644 --- a/src/network.c +++ b/src/network.c @@ -142,6 +142,7 @@ typedef struct { /* global or per-socket config; not patched per connection */ int listen_backlog; unsigned char ssl_enabled; + unsigned char mbedtls_enabled; /* TODO: more integration needed ... */ unsigned char use_ipv6; unsigned char set_v6only; /* set_v6only is only a temporary option */ unsigned char defer_accept; @@ -264,7 +265,7 @@ static int network_server_init(server *srv, network_socket_config *s, buffer *ho memcpy(&srv_socket->addr, &addr, addr_len); srv_socket->fd = -1; srv_socket->sidx = sidx; - srv_socket->is_ssl = s->ssl_enabled; + srv_socket->is_ssl = (s->ssl_enabled || s->mbedtls_enabled); srv_socket->srv = srv; srv_socket->srv_token = buffer_init_buffer(host_token); @@ -383,7 +384,7 @@ static int network_server_init(server *srv, network_socket_config *s, buffer *ho return -1; } - if (s->ssl_enabled) { + if (s->ssl_enabled || s->mbedtls_enabled) { #ifdef TCP_DEFER_ACCEPT } else if (s->defer_accept) { int v = s->defer_accept; @@ -514,6 +515,11 @@ int network_init(server *srv, int stdin_fd) { ,{ CONST_STR_LEN("server.set-v6only"), T_CONFIG_BOOL, T_CONFIG_SCOPE_CONNECTION } + #if 0 /* TODO: more integration needed ... */ + ,{ CONST_STR_LEN("mbedtls.engine"), + T_CONFIG_BOOL, + T_CONFIG_SCOPE_CONNECTION } + #endif ,{ NULL, 0, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } |