add protocol selection to ssl, used for http2 support in the future

lxsang 2020-01-11 22:30:01 +01:00
parent 7b274de0db
commit 7fc12a72e6
3 changed files with 42 additions and 2 deletions


@ -713,7 +713,9 @@ void *serve_file(void *data)
rhd.status = 200; rhd.status = 200;
rhd.header = dict(); rhd.header = dict();
dput(rhd.header, "Content-Type", strdup(mime_type)); dput(rhd.header, "Content-Type", strdup(mime_type));
#ifdef USE_ZLIB
if(!compressable(mime_type) || rq->client->z_level == ANTD_CNONE) if(!compressable(mime_type) || rq->client->z_level == ANTD_CNONE)
#endif
dput(rhd.header, "Content-Length", strdup(ibuf)); dput(rhd.header, "Content-Length", strdup(ibuf));
gmtime_r(&st.st_ctime, &tm); gmtime_r(&st.st_ctime, &tm);
strftime(ibuf, 255, "%a, %d %b %Y %H:%M:%S GMT", &tm); strftime(ibuf, 255, "%a, %d %b %Y %H:%M:%S GMT", &tm);
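Review bot: In serve_file the unbraced `if` now sits inside `#ifdef USE_ZLIB` while the `dput(rhd.header, "Content-Length", ...)` it controls sits outside the guard, so a statement later inserted between `#endif` and `dput` would silently become the conditional body in zlib builds and leave Content-Length unconditional. The antd_error hunk further down uses the same construct. Keeping the preprocessor out of the control flow reads more safely: declare `int with_len = 1;`, set `with_len = !compressable(mime_type) || rq->client->z_level == ANTD_CNONE;` inside the guard, then write `if(with_len) dput(rhd.header, "Content-Length", strdup(ibuf));`. A one-line comment saying the length is omitted because the compressed body size is not known in advance would also help. The body of serve_file continues outside the hunk.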

40
httpd.c

@ -40,7 +40,34 @@ SSL_CTX *create_context()
return ctx; return ctx;
} }
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
static unsigned char antd_protocols[] = {
//TODO: add support to HTTP/2 protocol: 2,'h', '2',
8, 'h', 't', 't', 'p', '/', '1', '.', '1'
};
static int alpn_advertise_protos_cb(SSL *ssl, const unsigned char **out, unsigned int *outlen,void *arg)
{
UNUSED(ssl);
UNUSED(arg);
*out = antd_protocols;
*outlen = sizeof(antd_protocols);
return SSL_TLSEXT_ERR_OK;
}
static int alpn_select_cb(SSL *ssl, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
{
UNUSED(ssl);
UNUSED(arg);
if(SSL_select_next_proto((unsigned char **)out, outlen,antd_protocols,sizeof(antd_protocols),in, inlen) == OPENSSL_NPN_NEGOTIATED)
{
return SSL_TLSEXT_ERR_OK;
}
else
{
ERROR("No protocol support overlap found between client and server\n");
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
}
#endif
void configure_context(SSL_CTX *ctx) void configure_context(SSL_CTX *ctx)
{ {
#if defined(SSL_CTX_set_ecdh_auto) #if defined(SSL_CTX_set_ecdh_auto)
@ -85,6 +112,10 @@ void configure_context(SSL_CTX *ctx)
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
SSL_CTX_set_alpn_select_cb(ctx,alpn_select_cb, NULL);
SSL_CTX_set_next_protos_advertised_cb(ctx,alpn_advertise_protos_cb,NULL);
#endif
} }
#endif #endif
@ -276,7 +307,12 @@ int main(int argc, char* argv[])
client->ssl = (void*)SSL_new(ctx); client->ssl = (void*)SSL_new(ctx);
if(!client->ssl) continue; if(!client->ssl) continue;
SSL_set_fd((SSL*)client->ssl, client->sock); SSL_set_fd((SSL*)client->ssl, client->sock);
// this can be used in the protocol select callback to
// set the protocol selected by the server
if(!SSL_set_ex_data((SSL*)client->ssl, client->sock, client))
{
ERROR("Cannot set ex data to ssl client:%d", client->sock);
}
/*if (SSL_accept((SSL*)client->ssl) <= 0) { /*if (SSL_accept((SSL*)client->ssl) <= 0) {
LOG("EROOR accept\n"); LOG("EROOR accept\n");
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
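Review bot: In the `main` hunk, `SSL_set_ex_data((SSL*)client->ssl, client->sock, client)` passes the socket descriptor as the ex_data index, but that argument is meant to be an index reserved once through `SSL_get_ex_new_index()`. An arbitrary descriptor value can land on a slot that another component registered (index 0 is the one `SSL_set_app_data` uses), and a callback that only receives the `SSL *` has no way to know which index to read back. Reserve the index once at startup, e.g. `antd_ssl_client_idx = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);`, and store with `SSL_set_ex_data((SSL*)client->ssl, antd_ssl_client_idx, client)`; `antd_ssl_client_idx` is a name suggested here, not one from the file. On failure the code only logs and carries on with the handshake, so any later `SSL_get_ex_data` in `alpn_select_cb` would have to tolerate NULL. The body of `main` continues outside the hunk.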


@ -796,7 +796,9 @@ void antd_error(void* client, int status, const char* msg)
} }
char ibuf[20]; char ibuf[20];
snprintf (ibuf, sizeof(ibuf), "%d",clen); snprintf (ibuf, sizeof(ibuf), "%d",clen);
#ifdef USE_ZLIB
if(((antd_client_t*)client)->z_level == ANTD_CNONE || !compressable(ctype)) if(((antd_client_t*)client)->z_level == ANTD_CNONE || !compressable(ctype))
#endif
dput(rsh.header, "Content-Length", strdup(ibuf)); dput(rsh.header, "Content-Length", strdup(ibuf));
antd_send_header(client, &rsh); antd_send_header(client, &rsh);
if(res_str) if(res_str)