Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Marvin Scholz
Icecast-Server
Commits
b47ae369
Commit
b47ae369
authored
May 18, 2017
by
Philipp Schafft
🦁
Browse files
Update: Prepare code for a new <tls-context> element
parent
68b3b1c7
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/cfgfile.c
View file @
b47ae369
...
...
@@ -567,8 +567,6 @@ void config_clear(ice_config_t *c)
if
(
c
->
webroot_dir
)
xmlFree
(
c
->
webroot_dir
);
if
(
c
->
adminroot_dir
)
xmlFree
(
c
->
adminroot_dir
);
if
(
c
->
null_device
)
xmlFree
(
c
->
null_device
);
if
(
c
->
cert_file
)
xmlFree
(
c
->
cert_file
);
if
(
c
->
cipher_list
)
xmlFree
(
c
->
cipher_list
);
if
(
c
->
pidfile
)
xmlFree
(
c
->
pidfile
);
if
(
c
->
banfile
)
xmlFree
(
c
->
banfile
);
if
(
c
->
allowfile
)
xmlFree
(
c
->
allowfile
);
...
...
@@ -584,6 +582,10 @@ void config_clear(ice_config_t *c)
if
(
c
->
group
)
xmlFree
(
c
->
group
);
if
(
c
->
mimetypes_fn
)
xmlFree
(
c
->
mimetypes_fn
);
if
(
c
->
tls_context
.
cert_file
)
xmlFree
(
c
->
tls_context
.
cert_file
);
if
(
c
->
tls_context
.
key_file
)
xmlFree
(
c
->
tls_context
.
key_file
);
if
(
c
->
tls_context
.
cipher_list
)
xmlFree
(
c
->
tls_context
.
cipher_list
);
event_registration_release
(
c
->
event
);
while
((
c
->
listen_sock
=
config_clear_listener
(
c
->
listen_sock
)));
...
...
@@ -802,8 +804,6 @@ static void _set_defaults(ice_config_t *configuration)
->
base_dir
=
(
char
*
)
xmlCharStrdup
(
CONFIG_DEFAULT_BASE_DIR
);
configuration
->
log_dir
=
(
char
*
)
xmlCharStrdup
(
CONFIG_DEFAULT_LOG_DIR
);
configuration
->
cipher_list
=
(
char
*
)
xmlCharStrdup
(
CONFIG_DEFAULT_CIPHER_LIST
);
configuration
->
null_device
=
(
char
*
)
xmlCharStrdup
(
CONFIG_DEFAULT_NULL_FILE
);
configuration
...
...
@@ -831,6 +831,8 @@ static void _set_defaults(ice_config_t *configuration)
/* default to a typical prebuffer size used by clients */
configuration
->
burst_size
=
CONFIG_DEFAULT_BURST_SIZE
;
configuration
->
tls_context
.
cipher_list
=
(
char
*
)
xmlCharStrdup
(
CONFIG_DEFAULT_CIPHER_LIST
);
}
static
inline
void
__check_hostname
(
ice_config_t
*
configuration
)
...
...
@@ -1918,14 +1920,14 @@ static void _parse_paths(xmlDocPtr doc,
configuration
->
allowfile
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
);
}
else
if
(
xmlStrcmp
(
node
->
name
,
XMLSTR
(
"tls-certificate"
))
==
0
||
xmlStrcmp
(
node
->
name
,
XMLSTR
(
"ssl-certificate"
))
==
0
)
{
if
(
configuration
->
cert_file
)
xmlFree
(
configuration
->
cert_file
);
configuration
->
cert_file
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
);
if
(
configuration
->
tls_context
.
cert_file
)
xmlFree
(
configuration
->
tls_context
.
cert_file
);
configuration
->
tls_context
.
cert_file
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
);
}
else
if
(
xmlStrcmp
(
node
->
name
,
XMLSTR
(
"tls-allowed-ciphers"
))
==
0
||
xmlStrcmp
(
node
->
name
,
XMLSTR
(
"ssl-allowed-ciphers"
))
==
0
)
{
if
(
configuration
->
cipher_list
)
xmlFree
(
configuration
->
cipher_list
);
configuration
->
cipher_list
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
);
if
(
configuration
->
tls_context
.
cipher_list
)
xmlFree
(
configuration
->
tls_context
.
cipher_list
);
configuration
->
tls_context
.
cipher_list
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
);
}
else
if
(
xmlStrcmp
(
node
->
name
,
XMLSTR
(
"webroot"
))
==
0
)
{
if
(
!
(
temp
=
(
char
*
)
xmlNodeListGetString
(
doc
,
node
->
xmlChildrenNode
,
1
)))
{
ICECAST_LOG_WARN
(
"<webroot> setting must not be empty."
);
...
...
src/cfgfile.h
View file @
b47ae369
...
...
@@ -175,6 +175,12 @@ typedef struct _listener_t {
tlsmode_t
tls
;
}
listener_t
;
typedef
struct
_config_tls_context
{
char
*
cert_file
;
char
*
key_file
;
char
*
cipher_list
;
}
config_tls_config_t
;
typedef
struct
ice_config_tag
{
char
*
config_filename
;
...
...
@@ -229,8 +235,6 @@ typedef struct ice_config_tag {
char
*
null_device
;
char
*
banfile
;
char
*
allowfile
;
char
*
cert_file
;
char
*
cipher_list
;
char
*
webroot_dir
;
char
*
adminroot_dir
;
aliases
*
aliases
;
...
...
@@ -242,6 +246,8 @@ typedef struct ice_config_tag {
int
logsize
;
int
logarchive
;
config_tls_config_t
tls_context
;
int
chroot
;
int
chuid
;
char
*
user
;
...
...
src/connection.c
View file @
b47ae369
...
...
@@ -163,10 +163,16 @@ static unsigned long _next_connection_id(void)
#ifdef ICECAST_CAP_TLS
static
void
get_tls_certificate
(
ice_config_t
*
config
)
{
const
char
*
keyfile
;
config
->
tls_ok
=
tls_ok
=
0
;
keyfile
=
config
->
tls_context
.
key_file
;
if
(
!
keyfile
)
keyfile
=
config
->
tls_context
.
cert_file
;
tls_ctx_unref
(
tls_ctx
);
tls_ctx
=
tls_ctx_new
(
config
->
cert_file
,
config
->
cert_
file
,
config
->
cipher_list
);
tls_ctx
=
tls_ctx_new
(
config
->
tls_context
.
cert_file
,
key
file
,
config
->
tls_context
.
cipher_list
);
if
(
!
tls_ctx
)
{
ICECAST_LOG_INFO
(
"No TLS capability on any configured ports"
);
return
;
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
