authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2011-07-18 14:18:31 +0000
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2011-07-18 14:18:31 +0000
commit899abf342dbbf8fcf124ed0858b96ea50148b02b (patch)
tree05f3660ac90933f9aba6234501da3f5b11aed1e3
parent14589b1ba9103e2d5c2e08e1514690f957a43513 (diff)
downloaduhttpd-899abf342dbbf8fcf124ed0858b96ea50148b02b.tar.gz
[package] uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/package/uhttpd/src@27686 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--Makefile30
-rw-r--r--uhttpd-tls.c32
-rw-r--r--uhttpd-tls.h3
-rw-r--r--uhttpd.c17
-rw-r--r--uhttpd.h3
5 files changed, 65 insertions, 20 deletions
diff --git a/Makefile b/Makefile
index 6dcc355..e18833e 100644
--- a/Makefile
+++ b/Makefile
@@ -1,17 +1,28 @@
CGI_SUPPORT ?= 1
LUA_SUPPORT ?= 1
TLS_SUPPORT ?= 1
+UHTTPD_TLS ?= cyassl
-CFLAGS ?= -I./lua-5.1.4/src -I./cyassl-1.4.0/include -O0 -ggdb3
-LDFLAGS ?= -L./lua-5.1.4/src -L./cyassl-1.4.0/src/.libs
+CFLAGS ?= -I./lua-5.1.4/src -I$(TLS_INCLUDE_DIR) -O0 -ggdb3
+LDFLAGS ?= -L./lua-5.1.4/src -L$(TLS_LIB_DIR)
CFLAGS += -Wall --std=gnu99
-OBJ = uhttpd.o uhttpd-file.o uhttpd-utils.o
-LIB = -Wl,--export-dynamic -lcrypt -ldl
+ifeq ($(UHTTPD_TLS),openssl)
+ TLS_LDFLAGS := -lssl
+ TLS_INCLUDE_DIR := ./openssl-0.9.8m/include
+ TLS_LIB_DIR := ./openssl-0.9.8m
+else
+ TLS_LDFLAGS := -lcyassl
+ TLS_INCLUDE_DIR := ./cyassl-1.4.0/include
+ TLS_LIB_DIR := ./cyassl-1.4.0/src/.libs
+endif
+
+OBJ := uhttpd.o uhttpd-file.o uhttpd-utils.o
+LIB := -Wl,--export-dynamic -lcrypt -ldl
-TLSLIB =
-LUALIB =
+TLSLIB :=
+LUALIB :=
HAVE_SHADOW=$(shell echo 'int main(void){ return !getspnam("root"); }' | \
$(CC) -include shadow.h -xc -o/dev/null - 2>/dev/null && echo yes)
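Review bot: The `ifeq ($(UHTTPD_TLS),openssl)` block treats every other value as cyassl, so a misspelled `UHTTPD_TLS=OpenSSL` silently builds against a different TLS library than the one intended. An explicit `else ifeq ($(UHTTPD_TLS),cyassl)` branch with a final `$(error unknown UHTTPD_TLS '$(UHTTPD_TLS)')` would make the backend choice fail loudly. The three `TLS_*` variables are also assigned with `:=`, so the environment cannot redirect them away from the bundled `./openssl-0.9.8m` tree. Writing `TLS_INCLUDE_DIR ?= ./openssl-0.9.8m/include`, and likewise for the other two, would let a packager point the build at a maintained library.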
@@ -29,7 +40,7 @@ endif
ifeq ($(LUA_SUPPORT),1)
CFLAGS += -DHAVE_LUA
- LUALIB = uhttpd_lua.so
+ LUALIB := uhttpd_lua.so
$(LUALIB): uhttpd-lua.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
@@ -39,11 +50,11 @@ endif
ifeq ($(TLS_SUPPORT),1)
CFLAGS += -DHAVE_TLS
- TLSLIB = uhttpd_tls.so
+ TLSLIB := uhttpd_tls.so
$(TLSLIB): uhttpd-tls.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
- -shared -lcyassl \
+ -shared $(TLS_LDFLAGS) \
-o $(TLSLIB) uhttpd-tls.c
endif
@@ -55,4 +66,3 @@ compile: $(OBJ) $(TLSLIB) $(LUALIB)
clean:
rm -f *.o *.so uhttpd
-
diff --git a/uhttpd-tls.c b/uhttpd-tls.c
index 008f8e0..6beae25 100644
--- a/uhttpd-tls.c
+++ b/uhttpd-tls.c
@@ -23,7 +23,8 @@
SSL_CTX * uh_tls_ctx_init()
{
- SSL_CTX *c = NULL;
+ SSL_CTX *c;
+
SSL_load_error_strings();
SSL_library_init();
@@ -59,13 +60,36 @@ void uh_tls_ctx_free(struct listener *l)
}
-void uh_tls_client_accept(struct client *c)
+int uh_tls_client_accept(struct client *c)
{
+ int rv;
+
if( c->server && c->server->tls )
{
c->tls = SSL_new(c->server->tls);
- SSL_set_fd(c->tls, c->socket);
+ if( c->tls )
+ {
+ if( (rv = SSL_set_fd(c->tls, c->socket)) < 1 )
+ goto cleanup;
+ if( (rv = SSL_accept(c->tls)) < 1 )
+ goto cleanup;
+ }
+ else
+ rv = 0;
+ }
+ else
+ {
+ c->tls = NULL;
+ rv = 1;
}
+
+done:
+ return rv;
+
+cleanup:
+ SSL_free(c->tls);
+ c->tls = NULL;
+ goto done;
}
int uh_tls_client_recv(struct client *c, void *buf, int len)
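Review bot: `SSL_accept()` is run to completion inside `uh_tls_client_accept()`, and any result below 1 is treated as a hard failure without consulting `SSL_get_error()`. If `c->socket` is blocking (not visible in this hunk), a peer that connects and then sends nothing holds up the caller for as long as the handshake read blocks; if it is non-blocking, an ordinary `SSL_ERROR_WANT_READ` drops a legitimate client. I would either bound the handshake with a receive timeout on the socket before the call, or distinguish the retryable cases with `int err = SSL_get_error(c->tls, rv);` and a check for `SSL_ERROR_WANT_READ`/`SSL_ERROR_WANT_WRITE` before `goto cleanup`. The `cleanup:` label placed after the `return`, with its backwards `goto done`, would also read more easily as a single forward exit path.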
@@ -90,5 +114,3 @@ void uh_tls_client_close(struct client *c)
c->tls = NULL;
}
}
-
-
diff --git a/uhttpd-tls.h b/uhttpd-tls.h
index 4a98b78..24dfb44 100644
--- a/uhttpd-tls.h
+++ b/uhttpd-tls.h
@@ -26,10 +26,9 @@ int uh_tls_ctx_cert(SSL_CTX *c, const char *file);
int uh_tls_ctx_key(SSL_CTX *c, const char *file);
void uh_tls_ctx_free(struct listener *l);
-void uh_tls_client_accept(struct client *c);
+int uh_tls_client_accept(struct client *c);
int uh_tls_client_recv(struct client *c, void *buf, int len);
int uh_tls_client_send(struct client *c, void *buf, int len);
void uh_tls_client_close(struct client *c);
#endif
-
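Review bot: The new `int` return of `uh_tls_client_accept()` has no documented contract, and the implementation in uhttpd-tls.c returns three kinds of value: 1 for a listener without TLS, 0 when `SSL_new()` fails, and the raw `SSL_set_fd()`/`SSL_accept()` result otherwise. A comment above the prototype such as `/* returns >= 1 on success (or when the listener has no TLS), < 1 on failure; c->tls is NULL after a failure */` would pin that down for callers. The same comment belongs on the `tls_accept` function pointer in `struct config` in uhttpd.h.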
diff --git a/uhttpd.c b/uhttpd.c
index 4a3bced..3563d91 100644
--- a/uhttpd.c
+++ b/uhttpd.c
@@ -512,7 +512,22 @@ static void uh_mainloop(struct config *conf, fd_set serv_fds, int max_fd)
#ifdef HAVE_TLS
/* setup client tls context */
if( conf->tls )
- conf->tls_accept(cl);
+ {
+ if( conf->tls_accept(cl) < 1 )
+ {
+ fprintf(stderr,
+ "tls_accept failed, "
+ "connection dropped\n");
+
+ /* close client socket */
+ close(new_fd);
+
+ /* remove from global client list */
+ uh_client_remove(new_fd);
+
+ continue;
+ }
+ }
#endif
/* add client socket to global fdset */
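Review bot: The failure branch closes `new_fd` and removes the client without calling `conf->tls_close(cl)`, which is only correct because `uh_tls_client_accept()` leaves `c->tls` freed and NULL on every failing path. That dependency deserves a comment at this call site, e.g. `/* tls_accept() already released cl->tls on failure */`. The `fprintf` message carries neither the peer nor the reason, and any unauthenticated peer can trigger it by failing the handshake, so it is worth confirming that stderr is rate-limited or discarded in production. `uh_mainloop` begins and ends outside this hunk, so the effect of `continue` on the surrounding loop cannot be confirmed from here.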
diff --git a/uhttpd.h b/uhttpd.h
index ff058d6..993bf93 100644
--- a/uhttpd.h
+++ b/uhttpd.h
@@ -98,7 +98,7 @@ struct config {
int (*tls_cert) (SSL_CTX *c, const char *file);
int (*tls_key) (SSL_CTX *c, const char *file);
void (*tls_free) (struct listener *l);
- void (*tls_accept) (struct client *c);
+ int (*tls_accept) (struct client *c);
void (*tls_close) (struct client *c);
int (*tls_recv) (struct client *c, void *buf, int len);
int (*tls_send) (struct client *c, void *buf, int len);
@@ -159,4 +159,3 @@ struct interpreter {
#endif
#endif
-