*/
/* create a new host */
-VLC_EXPORT( httpd_host_t *, httpd_HostNew, ( vlc_object_t *, char *psz_host, int i_port ) );
-VLC_EXPORT( httpd_host_t *, httpd_TLSHostNew, ( vlc_object_t *, char *, int, tls_server_t * ) );
+VLC_EXPORT( httpd_host_t *, httpd_HostNew, ( vlc_object_t *, const char *psz_host, int i_port ) );
+VLC_EXPORT( httpd_host_t *, httpd_TLSHostNew, ( vlc_object_t *, const char *, int, const char *, const char *, const char *, const char * ) );
/* delete a host */
VLC_EXPORT( void, httpd_HostDelete, ( httpd_host_t * ) );
#include <vlc/sout.h>
#include "vlc_httpd.h"
-#include "vlc_tls.h"
#define FREE( p ) if( p ) { free( p); (p) = NULL; }
{
sout_access_out_t *p_access = (sout_access_out_t*)p_this;
sout_access_out_sys_t *p_sys;
- tls_server_t *p_tls;
char *psz_parser, *psz_name;
char *psz_user = NULL;
char *psz_pwd = NULL;
char *psz_mime = NULL;
+ const char *psz_cert = NULL, *psz_key = NULL, *psz_ca = NULL,
+ *psz_crl = NULL;
vlc_value_t val;
if( !( p_sys = p_access->p_sys =
/* SSL support */
if( p_access->psz_access && !strcmp( p_access->psz_access, "https" ) )
{
- const char *psz_cert, *psz_key;
psz_cert = config_GetPsz( p_this, SOUT_CFG_PREFIX"cert" );
psz_key = config_GetPsz( p_this, SOUT_CFG_PREFIX"key" );
-
- p_tls = tls_ServerCreate( p_this, psz_cert, psz_key );
- if ( p_tls == NULL )
- {
- msg_Err( p_this, "TLS initialization error" );
- free( psz_file_name );
- free( psz_name );
- free( p_sys );
- return VLC_EGENERIC;
- }
-
- psz_cert = config_GetPsz( p_this, SOUT_CFG_PREFIX"ca" );
- if ( ( psz_cert != NULL) && tls_ServerAddCA( p_tls, psz_cert ) )
- {
- msg_Err( p_this, "TLS CA error" );
- tls_ServerDelete( p_tls );
- free( psz_file_name );
- free( psz_name );
- free( p_sys );
- return VLC_EGENERIC;
- }
-
- psz_cert = config_GetPsz( p_this, SOUT_CFG_PREFIX"crl" );
- if ( ( psz_cert != NULL) && tls_ServerAddCRL( p_tls, psz_cert ) )
- {
- msg_Err( p_this, "TLS CRL error" );
- tls_ServerDelete( p_tls );
- free( psz_file_name );
- free( psz_name );
- free( p_sys );
- return VLC_EGENERIC;
- }
+ psz_ca = config_GetPsz( p_this, SOUT_CFG_PREFIX"ca" );
+ psz_crl = config_GetPsz( p_this, SOUT_CFG_PREFIX"crl" );
if( i_bind_port <= 0 )
i_bind_port = DEFAULT_SSL_PORT;
}
else
{
- p_tls = NULL;
if( i_bind_port <= 0 )
i_bind_port = DEFAULT_PORT;
}
p_sys->p_httpd_host = httpd_TLSHostNew( VLC_OBJECT(p_access),
psz_bind_addr, i_bind_port,
- p_tls );
+ psz_cert, psz_key, psz_ca,
+ psz_crl );
if( p_sys->p_httpd_host == NULL )
{
msg_Err( p_access, "cannot listen on %s:%d",
psz_bind_addr, i_bind_port );
-
- if( p_tls != NULL )
- tls_ServerDelete( p_tls );
free( psz_name );
free( psz_file_name );
free( p_sys );
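Review bot: An `https` output with no certificate configured now appears to fall through to a cleartext listener: the `https` branch never checks that `psz_cert` is non-NULL before passing it on, and the new httpd_TLSHostNew body in this commit treats a NULL certificate as "no TLS". The removed code handed the value to tls_ServerCreate and returned VLC_EGENERIC on failure, so a missing certificate presumably stopped the output instead of serving it unencrypted on DEFAULT_SSL_PORT. The branch should fail closed on a NULL `psz_cert`, using the same cleanup as the removed error paths. The enclosing function starts and ends outside this hunk.

```c
    psz_key = config_GetPsz( p_this, SOUT_CFG_PREFIX"key" );
    if( psz_cert == NULL )
    {
        /* fail closed: never serve "https" without a certificate */
        msg_Err( p_this, "https requested but no certificate configured" );
        free( psz_file_name );
        free( psz_name );
        free( p_sys );
        return VLC_EGENERIC;
    }
    /* … unchanged: ca/crl lookup and default port selection … */
```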
intf_sys_t *p_sys;
char *psz_host;
char *psz_address = "";
- const char *psz_cert;
+ const char *psz_cert = NULL, *psz_key = NULL, *psz_ca = NULL,
+ *psz_crl = NULL;
int i_port = 0;
char *psz_src;
- tls_server_t *p_tls;
psz_host = config_GetPsz( p_intf, "http-host" );
if( psz_host )
psz_cert = config_GetPsz( p_intf, "http-intf-cert" );
if ( psz_cert != NULL )
{
- const char *psz_pem;
-
msg_Dbg( p_intf, "enablind TLS for HTTP interface (cert file: %s)",
psz_cert );
- psz_pem = config_GetPsz( p_intf, "http-intf-key" );
-
- p_tls = tls_ServerCreate( p_this, psz_cert, psz_pem );
- if ( p_tls == NULL )
- {
- msg_Err( p_intf, "TLS initialization error" );
- free( p_sys->psz_html_type );
- free( p_sys );
- return VLC_EGENERIC;
- }
-
- psz_pem = config_GetPsz( p_intf, "http-intf-ca" );
- if ( ( psz_pem != NULL) && tls_ServerAddCA( p_tls, psz_pem ) )
- {
- msg_Err( p_intf, "TLS CA error" );
- tls_ServerDelete( p_tls );
- free( p_sys->psz_html_type );
- free( p_sys );
- return VLC_EGENERIC;
- }
-
- psz_pem = config_GetPsz( p_intf, "http-intf-crl" );
- if ( ( psz_pem != NULL) && tls_ServerAddCRL( p_tls, psz_pem ) )
- {
- msg_Err( p_intf, "TLS CRL error" );
- tls_ServerDelete( p_tls );
- free( p_sys->psz_html_type );
- free( p_sys );
- return VLC_EGENERIC;
- }
+ psz_key = config_GetPsz( p_intf, "http-intf-key" );
+ psz_ca = config_GetPsz( p_intf, "http-intf-ca" );
+ psz_crl = config_GetPsz( p_intf, "http-intf-crl" );
if( i_port <= 0 )
i_port = 8443;
}
else
{
- p_tls = NULL;
if( i_port <= 0 )
i_port= 8080;
}
msg_Dbg( p_intf, "base %s:%d", psz_address, i_port );
p_sys->p_httpd_host = httpd_TLSHostNew( VLC_OBJECT(p_intf), psz_address,
- i_port, p_tls );
+ i_port, psz_cert, psz_key, psz_ca,
+ psz_crl );
if( p_sys->p_httpd_host == NULL )
{
msg_Err( p_intf, "cannot listen on %s:%d", psz_address, i_port );
- if ( p_tls != NULL )
- tls_ServerDelete( p_tls );
-
free( p_sys->psz_html_type );
free( p_sys );
return VLC_EGENERIC;
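Review bot: The strings fetched with config_GetPsz for `psz_cert`, `psz_key`, `psz_ca` and `psz_crl` are stored in `const char *` locals and never released on any visible path. config_GetPsz appears to return a heap copy, so each open would leak them. Since httpd_TLSHostNew now takes `const char *` and copies the hostname itself, the caller can release them right after the call, provided tls_ServerCreate and the CA/CRL helpers do not keep the pointers: `free( (char *)psz_cert ); free( (char *)psz_key );` and likewise for `psz_ca` and `psz_crl`. The sout access hunk earlier in this commit has the same pattern. The function starts and ends outside this hunk.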
static void httpd_HostThread( httpd_host_t * );
/* create a new host */
-httpd_host_t *httpd_HostNew( vlc_object_t *p_this, char *psz_host,
+httpd_host_t *httpd_HostNew( vlc_object_t *p_this, const char *psz_host,
int i_port )
{
- return httpd_TLSHostNew( p_this, psz_host, i_port, NULL );
+ return httpd_TLSHostNew( p_this, psz_host, i_port, NULL, NULL, NULL, NULL
+ );
}
-httpd_host_t *httpd_TLSHostNew( vlc_object_t *p_this, char *psz_host,
- int i_port, tls_server_t *p_tls )
+httpd_host_t *httpd_TLSHostNew( vlc_object_t *p_this, const char *psz_hostname,
+ int i_port,
+ const char *psz_cert, const char *psz_key,
+ const char *psz_ca, const char *psz_crl )
{
httpd_t *httpd;
httpd_host_t *host;
+ tls_server_t *p_tls;
+ char *psz_host;
vlc_value_t lockval;
int i;
- psz_host = strdup( psz_host );
+ psz_host = strdup( psz_hostname );
if( psz_host == NULL )
{
msg_Err( p_this, "memory error" );
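Review bot: `tls_server_t *p_tls;` is declared without an initializer, yet the `error:` label changed later in this commit reads it (`if( p_tls != NULL ) tls_ServerDelete( p_tls );`). Every `goto error` visible in the diff comes after `p_tls` is assigned, but any jump placed before the TLS block would hand an indeterminate pointer to tls_ServerDelete. Declaring it as `tls_server_t *p_tls = NULL;` removes that dependency on statement order. The function body continues outside this hunk.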
if( ( httpd = vlc_object_create( p_this, VLC_OBJECT_HTTPD ) ) == NULL )
{
vlc_mutex_unlock( lockval.p_address );
+ free( psz_host );
return NULL;
}
{
host = httpd->host[i];
- /* FIXME : Cannot re-use host if it uses TLS/SSL */
- if( httpd->host[i]->p_tls != NULL )
- continue;
-
- if( ( host->i_port != i_port )
- || strcmp( host->psz_hostname, psz_host ) )
+ /* cannot mix TLS and non-TLS hosts */
+ if( ( ( httpd->host[i]->p_tls != NULL ) != ( psz_cert != NULL ) )
+ || ( host->i_port != i_port )
+ || strcmp( host->psz_hostname, psz_hostname ) )
continue;
/* yep found */
return host;
}
+ host = NULL;
+
+ /* determine TLS configuration */
+ if ( psz_cert != NULL )
+ {
+ p_tls = tls_ServerCreate( p_this, psz_cert, psz_key );
+ if ( p_tls == NULL )
+ {
+ msg_Err( p_this, "TLS initialization error" );
+ goto error;
+ }
+
+ if ( ( psz_ca != NULL) && tls_ServerAddCA( p_tls, psz_ca ) )
+ {
+ msg_Err( p_this, "TLS CA error" );
+ goto error;
+ }
+
+ if ( ( psz_crl != NULL) && tls_ServerAddCRL( p_tls, psz_crl ) )
+ {
+ msg_Err( p_this, "TLS CRL error" );
+ goto error;
+ }
+ }
+ else
+ p_tls = NULL;
+
/* create the new host */
host = vlc_object_create( p_this, sizeof( httpd_host_t ) );
host->httpd = httpd;
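Review bot: The reuse test in the host loop matches an existing host on hostname, port and "has TLS or not" only, so a caller passing a different certificate, key, CA or CRL silently receives the TLS context set up by the first caller. This matters most for `psz_ca` and `psz_crl`: a later caller that expects client-certificate or revocation checking (presumably what tls_ServerAddCA and tls_ServerAddCRL enable) would get a listener without them and no error. Either keep refusing to share TLS hosts, or store the four paths on the host and compare them before `return host;`. At minimum, state the behaviour where the match is made: `/* NOTE: an existing TLS host is reused as-is; cert/key/ca/crl of later callers are ignored */`. The loop header and the rest of the function lie outside this hunk.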
return host;
error:
+ free( psz_host );
if( httpd->i_host <= 0 )
{
vlc_object_release( httpd );
vlc_object_destroy( host );
}
+ if( p_tls != NULL )
+ tls_ServerDelete( p_tls );
+
return NULL;
}