uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)

SVN-Revision: 27686
Jo-Philipp Wich 2011-07-18 14:18:31 +00:00
parent 75d2ba7a5c
commit 6576d110d2
6 changed files with 98 additions and 27 deletions


@ -8,10 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=uhttpd
PKG_RELEASE:=23
PKG_RELEASE:=24
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
PKG_BUILD_DEPENDS := libcyassl liblua
PKG_CONFIG_DEPENDS := \
CONFIG_PACKAGE_uhttpd-mod-tls_cyassl \
CONFIG_PACKAGE_uhttpd-mod-tls_openssl
include $(INCLUDE_DIR)/package.mk
@ -38,13 +40,39 @@ endef
define Package/uhttpd-mod-tls
$(Package/uhttpd/default)
TITLE+= (TLS plugin)
DEPENDS:=uhttpd +libcyassl
DEPENDS:=uhttpd +PACKAGE_uhttpd-mod-tls_cyassl:libcyassl +PACKAGE_uhttpd-mod-tls_openssl:libopenssl
endef
define Package/uhttpd-mod-tls/description
The TLS plugin adds HTTPS support to uHTTPd.
endef
define Package/uhttpd-mod-tls/config
choice
depends on PACKAGE_uhttpd-mod-tls
prompt "TLS Provider"
default PACKAGE_uhttpd-mod-tls_cyassl
config PACKAGE_uhttpd-mod-tls_cyassl
bool "CyaSSL"
config PACKAGE_uhttpd-mod-tls_openssl
bool "OpenSSL"
endchoice
endef
UHTTPD_TLS:=
TLS_CFLAGS:=
ifneq ($(CONFIG_PACKAGE_uhttpd-mod-tls_cyassl),)
UHTTPD_TLS:=cyassl
TLS_CFLAGS:=-I$(STAGING_DIR)/usr/include/cyassl
endif
ifneq ($(CONFIG_PACKAGE_uhttpd-mod-tls_openssl),)
UHTTPD_TLS:=openssl
endif
define Package/uhttpd-mod-lua
$(Package/uhttpd/default)
@ -57,10 +85,8 @@ define Package/uhttpd-mod-lua/description
endef
# hack to use CyASSL headers
TARGET_CFLAGS += -I$(firstword $(wildcard $(BUILD_DIR)/cyassl-*/include))
TARGET_LDFLAGS += -lm
MAKE_VARS += FPIC="$(FPIC)"
TARGET_CFLAGS += $(TLS_CFLAGS)
MAKE_VARS += FPIC="$(FPIC)" UHTTPD_TLS="$(UHTTPD_TLS)"
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)


@ -1,17 +1,28 @@
CGI_SUPPORT ?= 1
LUA_SUPPORT ?= 1
TLS_SUPPORT ?= 1
UHTTPD_TLS ?= cyassl
CFLAGS ?= -I./lua-5.1.4/src -I./cyassl-1.4.0/include -O0 -ggdb3
LDFLAGS ?= -L./lua-5.1.4/src -L./cyassl-1.4.0/src/.libs
CFLAGS ?= -I./lua-5.1.4/src -I$(TLS_INCLUDE_DIR) -O0 -ggdb3
LDFLAGS ?= -L./lua-5.1.4/src -L$(TLS_LIB_DIR)
CFLAGS += -Wall --std=gnu99
OBJ = uhttpd.o uhttpd-file.o uhttpd-utils.o
LIB = -Wl,--export-dynamic -lcrypt -ldl
ifeq ($(UHTTPD_TLS),openssl)
TLS_LDFLAGS := -lssl
TLS_INCLUDE_DIR := ./openssl-0.9.8m/include
TLS_LIB_DIR := ./openssl-0.9.8m
else
TLS_LDFLAGS := -lcyassl
TLS_INCLUDE_DIR := ./cyassl-1.4.0/include
TLS_LIB_DIR := ./cyassl-1.4.0/src/.libs
endif
TLSLIB =
LUALIB =
OBJ := uhttpd.o uhttpd-file.o uhttpd-utils.o
LIB := -Wl,--export-dynamic -lcrypt -ldl
TLSLIB :=
LUALIB :=
HAVE_SHADOW=$(shell echo 'int main(void){ return !getspnam("root"); }' | \
$(CC) -include shadow.h -xc -o/dev/null - 2>/dev/null && echo yes)
@ -29,7 +40,7 @@ endif
ifeq ($(LUA_SUPPORT),1)
CFLAGS += -DHAVE_LUA
LUALIB = uhttpd_lua.so
LUALIB := uhttpd_lua.so
$(LUALIB): uhttpd-lua.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
@ -39,11 +50,11 @@ endif
ifeq ($(TLS_SUPPORT),1)
CFLAGS += -DHAVE_TLS
TLSLIB = uhttpd_tls.so
TLSLIB := uhttpd_tls.so
$(TLSLIB): uhttpd-tls.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
-shared -lcyassl \
-shared $(TLS_LDFLAGS) \
-o $(TLSLIB) uhttpd-tls.c
endif
@ -55,4 +66,3 @@ compile: $(OBJ) $(TLSLIB) $(LUALIB)
clean:
rm -f *.o *.so uhttpd
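Review bot: Any `UHTTPD_TLS` value other than the exact string `openssl` falls into the `else` branch and silently builds against CyaSSL, including a typo or an empty string. The provider decides which TLS implementation ships, so an unrecognised value should stop the build rather than pick a default. I would make the second branch explicit with `else ifeq ($(UHTTPD_TLS),cyassl)` and end with `else` / `$(error unsupported UHTTPD_TLS "$(UHTTPD_TLS)")`. The package Makefile in this commit can pass an empty `UHTTPD_TLS` when no provider is selected, so the empty case would need its own handling; whether `TLS_SUPPORT` is switched off in that configuration is not visible here.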


@ -23,7 +23,8 @@
SSL_CTX * uh_tls_ctx_init()
{
SSL_CTX *c = NULL;
SSL_CTX *c;
SSL_load_error_strings();
SSL_library_init();
@ -59,13 +60,36 @@ void uh_tls_ctx_free(struct listener *l)
}
void uh_tls_client_accept(struct client *c)
int uh_tls_client_accept(struct client *c)
{
int rv;
if( c->server && c->server->tls )
{
c->tls = SSL_new(c->server->tls);
SSL_set_fd(c->tls, c->socket);
if( c->tls )
{
if( (rv = SSL_set_fd(c->tls, c->socket)) < 1 )
goto cleanup;
if( (rv = SSL_accept(c->tls)) < 1 )
goto cleanup;
}
else
rv = 0;
}
else
{
c->tls = NULL;
rv = 1;
}
done:
return rv;
cleanup:
SSL_free(c->tls);
c->tls = NULL;
goto done;
}
int uh_tls_client_recv(struct client *c, void *buf, int len)
@ -90,5 +114,3 @@ void uh_tls_client_close(struct client *c)
c->tls = NULL;
}
}
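Review bot: `SSL_accept()` in the new `uh_tls_client_accept` runs the whole handshake synchronously, and this commit calls it from `uh_mainloop` straight after the client is accepted. If `c->socket` is blocking (its mode is not visible in this hunk), a peer that connects and never sends a ClientHello holds up every other connection. If it is non-blocking, `SSL_accept` can return -1 with `SSL_ERROR_WANT_READ`, and the `< 1` test then drops a client that was merely slow. Setting a receive/send timeout on `c->socket` before the handshake, or checking `SSL_get_error(c->tls, rv)` and retrying from the select loop, would bound both cases. The reason for a failure is also discarded at `cleanup:`; logging `SSL_get_error(c->tls, rv)` before `SSL_free(c->tls)` would make dropped handshakes diagnosable.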


@ -26,10 +26,9 @@ int uh_tls_ctx_cert(SSL_CTX *c, const char *file);
int uh_tls_ctx_key(SSL_CTX *c, const char *file);
void uh_tls_ctx_free(struct listener *l);
void uh_tls_client_accept(struct client *c);
int uh_tls_client_accept(struct client *c);
int uh_tls_client_recv(struct client *c, void *buf, int len);
int uh_tls_client_send(struct client *c, void *buf, int len);
void uh_tls_client_close(struct client *c);
#endif


@ -512,7 +512,22 @@ static void uh_mainloop(struct config *conf, fd_set serv_fds, int max_fd)
#ifdef HAVE_TLS
/* setup client tls context */
if( conf->tls )
conf->tls_accept(cl);
{
if( conf->tls_accept(cl) < 1 )
{
fprintf(stderr,
"tls_accept failed, "
"connection dropped\n");
/* close client socket */
close(new_fd);
/* remove from global client list */
uh_client_remove(new_fd);
continue;
}
}
#endif
/* add client socket to global fdset */
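Review bot: The message printed in the new `conf->tls_accept(cl) < 1` branch names neither the peer nor the cause, so a burst of failed handshakes from one source looks the same in the log as unrelated one-off failures. If the peer address is reachable from `cl` at this point (the struct is not shown in the hunk), add it to the `fprintf`. The branch also calls `close(new_fd)` before `uh_client_remove(new_fd)`, which is only safe if the remove function uses the descriptor purely as a lookup key; a short comment stating that assumption would help. `uh_mainloop` continues outside this hunk.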


@ -98,7 +98,7 @@ struct config {
int (*tls_cert) (SSL_CTX *c, const char *file);
int (*tls_key) (SSL_CTX *c, const char *file);
void (*tls_free) (struct listener *l);
void (*tls_accept) (struct client *c);
int (*tls_accept) (struct client *c);
void (*tls_close) (struct client *c);
int (*tls_recv) (struct client *c, void *buf, int len);
int (*tls_send) (struct client *c, void *buf, int len);
@ -159,4 +159,3 @@ struct interpreter {
#endif
#endif