uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
This commit is contained in:
Jo-Philipp Wich
parent
75d2ba7a5c
commit
6576d110d2
6 changed files with 98 additions and 27 deletions
|
|
@ -8,10 +8,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=uhttpd
|
||||
PKG_RELEASE:=23
|
||||
PKG_RELEASE:=24
|
||||
|
||||
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
|
||||
PKG_BUILD_DEPENDS := libcyassl liblua
|
||||
PKG_CONFIG_DEPENDS := \
|
||||
CONFIG_PACKAGE_uhttpd-mod-tls_cyassl \
|
||||
CONFIG_PACKAGE_uhttpd-mod-tls_openssl
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
|
@ -38,13 +40,39 @@ endef
|
|||
define Package/uhttpd-mod-tls
|
||||
$(Package/uhttpd/default)
|
||||
TITLE+= (TLS plugin)
|
||||
DEPENDS:=uhttpd +libcyassl
|
||||
DEPENDS:=uhttpd +PACKAGE_uhttpd-mod-tls_cyassl:libcyassl +PACKAGE_uhttpd-mod-tls_openssl:libopenssl
|
||||
endef
|
||||
|
||||
define Package/uhttpd-mod-tls/description
|
||||
The TLS plugin adds HTTPS support to uHTTPd.
|
||||
endef
|
||||
|
||||
define Package/uhttpd-mod-tls/config
|
||||
choice
|
||||
depends on PACKAGE_uhttpd-mod-tls
|
||||
prompt "TLS Provider"
|
||||
default PACKAGE_uhttpd-mod-tls_cyassl
|
||||
|
||||
config PACKAGE_uhttpd-mod-tls_cyassl
|
||||
bool "CyaSSL"
|
||||
|
||||
config PACKAGE_uhttpd-mod-tls_openssl
|
||||
bool "OpenSSL"
|
||||
endchoice
|
||||
endef
|
||||
|
||||
UHTTPD_TLS:=
|
||||
TLS_CFLAGS:=
|
||||
|
||||
ifneq ($(CONFIG_PACKAGE_uhttpd-mod-tls_cyassl),)
|
||||
UHTTPD_TLS:=cyassl
|
||||
TLS_CFLAGS:=-I$(STAGING_DIR)/usr/include/cyassl
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_PACKAGE_uhttpd-mod-tls_openssl),)
|
||||
UHTTPD_TLS:=openssl
|
||||
endif
|
||||
|
||||
|
||||
define Package/uhttpd-mod-lua
|
||||
$(Package/uhttpd/default)
|
||||
|
|
@ -57,10 +85,8 @@ define Package/uhttpd-mod-lua/description
|
|||
endef
|
||||
|
||||
|
||||
# hack to use CyASSL headers
|
||||
TARGET_CFLAGS += -I$(firstword $(wildcard $(BUILD_DIR)/cyassl-*/include))
|
||||
TARGET_LDFLAGS += -lm
|
||||
MAKE_VARS += FPIC="$(FPIC)"
|
||||
TARGET_CFLAGS += $(TLS_CFLAGS)
|
||||
MAKE_VARS += FPIC="$(FPIC)" UHTTPD_TLS="$(UHTTPD_TLS)"
|
||||
|
||||
define Build/Prepare
|
||||
mkdir -p $(PKG_BUILD_DIR)
|
||||
|
|
|
|||
|
|
@ -1,17 +1,28 @@
|
|||
CGI_SUPPORT ?= 1
|
||||
LUA_SUPPORT ?= 1
|
||||
TLS_SUPPORT ?= 1
|
||||
UHTTPD_TLS ?= cyassl
|
||||
|
||||
CFLAGS ?= -I./lua-5.1.4/src -I./cyassl-1.4.0/include -O0 -ggdb3
|
||||
LDFLAGS ?= -L./lua-5.1.4/src -L./cyassl-1.4.0/src/.libs
|
||||
CFLAGS ?= -I./lua-5.1.4/src -I$(TLS_INCLUDE_DIR) -O0 -ggdb3
|
||||
LDFLAGS ?= -L./lua-5.1.4/src -L$(TLS_LIB_DIR)
|
||||
|
||||
CFLAGS += -Wall --std=gnu99
|
||||
|
||||
OBJ = uhttpd.o uhttpd-file.o uhttpd-utils.o
|
||||
LIB = -Wl,--export-dynamic -lcrypt -ldl
|
||||
ifeq ($(UHTTPD_TLS),openssl)
|
||||
TLS_LDFLAGS := -lssl
|
||||
TLS_INCLUDE_DIR := ./openssl-0.9.8m/include
|
||||
TLS_LIB_DIR := ./openssl-0.9.8m
|
||||
else
|
||||
TLS_LDFLAGS := -lcyassl
|
||||
TLS_INCLUDE_DIR := ./cyassl-1.4.0/include
|
||||
TLS_LIB_DIR := ./cyassl-1.4.0/src/.libs
|
||||
endif
|
||||
|
||||
TLSLIB =
|
||||
LUALIB =
|
||||
OBJ := uhttpd.o uhttpd-file.o uhttpd-utils.o
|
||||
LIB := -Wl,--export-dynamic -lcrypt -ldl
|
||||
|
||||
TLSLIB :=
|
||||
LUALIB :=
|
||||
|
||||
HAVE_SHADOW=$(shell echo 'int main(void){ return !getspnam("root"); }' | \
|
||||
$(CC) -include shadow.h -xc -o/dev/null - 2>/dev/null && echo yes)
|
||||
|
|
@ -29,7 +40,7 @@ endif
|
|||
|
||||
ifeq ($(LUA_SUPPORT),1)
|
||||
CFLAGS += -DHAVE_LUA
|
||||
LUALIB = uhttpd_lua.so
|
||||
LUALIB := uhttpd_lua.so
|
||||
|
||||
$(LUALIB): uhttpd-lua.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
|
||||
|
|
@ -39,11 +50,11 @@ endif
|
|||
|
||||
ifeq ($(TLS_SUPPORT),1)
|
||||
CFLAGS += -DHAVE_TLS
|
||||
TLSLIB = uhttpd_tls.so
|
||||
TLSLIB := uhttpd_tls.so
|
||||
|
||||
$(TLSLIB): uhttpd-tls.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
|
||||
-shared -lcyassl \
|
||||
-shared $(TLS_LDFLAGS) \
|
||||
-o $(TLSLIB) uhttpd-tls.c
|
||||
endif
|
||||
|
||||
|
|
@ -55,4 +66,3 @@ compile: $(OBJ) $(TLSLIB) $(LUALIB)
|
|||
|
||||
clean:
|
||||
rm -f *.o *.so uhttpd
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,8 @@
|
|||
|
||||
SSL_CTX * uh_tls_ctx_init()
|
||||
{
|
||||
SSL_CTX *c = NULL;
|
||||
SSL_CTX *c;
|
||||
|
||||
SSL_load_error_strings();
|
||||
SSL_library_init();
|
||||
|
||||
|
|
@ -59,13 +60,36 @@ void uh_tls_ctx_free(struct listener *l)
|
|||
}
|
||||
|
||||
|
||||
void uh_tls_client_accept(struct client *c)
|
||||
int uh_tls_client_accept(struct client *c)
|
||||
{
|
||||
int rv;
|
||||
|
||||
if( c->server && c->server->tls )
|
||||
{
|
||||
c->tls = SSL_new(c->server->tls);
|
||||
SSL_set_fd(c->tls, c->socket);
|
||||
if( c->tls )
|
||||
{
|
||||
if( (rv = SSL_set_fd(c->tls, c->socket)) < 1 )
|
||||
goto cleanup;
|
||||
if( (rv = SSL_accept(c->tls)) < 1 )
|
||||
goto cleanup;
|
||||
}
|
||||
else
|
||||
rv = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
c->tls = NULL;
|
||||
rv = 1;
|
||||
}
|
||||
|
||||
done:
|
||||
return rv;
|
||||
|
||||
cleanup:
|
||||
SSL_free(c->tls);
|
||||
c->tls = NULL;
|
||||
goto done;
|
||||
}
|
||||
|
||||
int uh_tls_client_recv(struct client *c, void *buf, int len)
|
||||
|
|
@ -90,5 +114,3 @@ void uh_tls_client_close(struct client *c)
|
|||
c->tls = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -26,10 +26,9 @@ int uh_tls_ctx_cert(SSL_CTX *c, const char *file);
|
|||
int uh_tls_ctx_key(SSL_CTX *c, const char *file);
|
||||
void uh_tls_ctx_free(struct listener *l);
|
||||
|
||||
void uh_tls_client_accept(struct client *c);
|
||||
int uh_tls_client_accept(struct client *c);
|
||||
int uh_tls_client_recv(struct client *c, void *buf, int len);
|
||||
int uh_tls_client_send(struct client *c, void *buf, int len);
|
||||
void uh_tls_client_close(struct client *c);
|
||||
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -512,7 +512,22 @@ static void uh_mainloop(struct config *conf, fd_set serv_fds, int max_fd)
|
|||
#ifdef HAVE_TLS
|
||||
/* setup client tls context */
|
||||
if( conf->tls )
|
||||
conf->tls_accept(cl);
|
||||
{
|
||||
if( conf->tls_accept(cl) < 1 )
|
||||
{
|
||||
fprintf(stderr,
|
||||
"tls_accept failed, "
|
||||
"connection dropped\n");
|
||||
|
||||
/* close client socket */
|
||||
close(new_fd);
|
||||
|
||||
/* remove from global client list */
|
||||
uh_client_remove(new_fd);
|
||||
|
||||
continue;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* add client socket to global fdset */
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ struct config {
|
|||
int (*tls_cert) (SSL_CTX *c, const char *file);
|
||||
int (*tls_key) (SSL_CTX *c, const char *file);
|
||||
void (*tls_free) (struct listener *l);
|
||||
void (*tls_accept) (struct client *c);
|
||||
int (*tls_accept) (struct client *c);
|
||||
void (*tls_close) (struct client *c);
|
||||
int (*tls_recv) (struct client *c, void *buf, int len);
|
||||
int (*tls_send) (struct client *c, void *buf, int len);
|
||||
|
|
@ -159,4 +159,3 @@ struct interpreter {
|
|||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue