Commit a1aa0196 authored by Philipp Schafft's avatar Philipp Schafft 🦁

Feature: Allow to use of non-TLS sockets for TLS clients

parent 1d39b657
......@@ -251,6 +251,7 @@ connection_t *connection_create (sock_t sock, sock_t serversock, char *ip)
con->con_time = time(NULL);
con->id = _next_connection_id();
con->ip = ip;
con->tlsmode = ICECAST_TLSMODE_AUTO;
con->read = connection_read;
con->send = connection_send;
}
......@@ -266,6 +267,7 @@ void connection_uses_ssl(connection_t *con)
if (con->tls)
return;
con->tlsmode = ICECAST_TLSMODE_RFC2818;
con->read = connection_read_ssl;
con->send = connection_send_ssl;
con->tls = tls_new(tls_ctx);
......@@ -429,8 +431,12 @@ static client_queue_t *_get_connection(void)
static void process_request_queue (void)
{
client_queue_t **node_ref = (client_queue_t **)&_req_queue;
ice_config_t *config = config_get_config();
int timeout = config->header_timeout;
ice_config_t *config;
int timeout;
char peak;
config = config_get_config();
timeout = config->header_timeout;
config_release_config();
while (*node_ref) {
......@@ -439,6 +445,14 @@ static void process_request_queue (void)
int len = PER_CLIENT_REFBUF_SIZE - 1 - node->offset;
char *buf = client->refbuf->data + node->offset;
if (client->con->tlsmode == ICECAST_TLSMODE_AUTO) {
if (recv(client->con->sock, &peak, 1, MSG_PEEK) == 1) {
if (peak == 0x16) { /* TLS Record Protocol Content type 0x16 == Handshake */
connection_uses_ssl(client->con);
}
}
}
if (len > 0) {
if (client->con->con_time + timeout <= time(NULL)) {
len = 0;
......
......@@ -28,6 +28,17 @@ struct _client_tag;
struct source_tag;
struct ice_config_tag;
typedef enum _tlsmode_tag {
/* no TLS is used at all */
ICECAST_TLSMODE_DISABLED = 0,
/* TLS mode is to be detected */
ICECAST_TLSMODE_AUTO,
/* TLS via HTTP Upgrade:-header [RFC2817] */
ICECAST_TLSMODE_RFC2817,
/* TLS for transport layer like HTTPS [RFC2818] does */
ICECAST_TLSMODE_RFC2818
} tlsmode_t;
typedef struct connection_tag
{
unsigned long id;
......@@ -40,6 +51,7 @@ typedef struct connection_tag
sock_t serversock;
int error;
tlsmode_t tlsmode;
tls_t *tls;
int (*send)(struct connection_tag *handle, const void *buf, size_t len);
int (*read)(struct connection_tag *handle, void *buf, size_t len);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment