* axhttpd can load a certificate and private key from the command line

cameronrich · cameronrich · commit b9d43265b5a8 · 2014-11-22T02:05:21.000Z
* axssl now prints all output regardless of null bytes. It no longer writes a null byte.

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@242 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
diff --git a/crypto/crypto.h b/crypto/crypto.h
@@ -153,9 +153,9 @@ typedef struct
   uint8_t buffer[64];       /* input buffer */
 } MD5_CTX;
 
-void MD5_Init(MD5_CTX *);
-void MD5_Update(MD5_CTX *, const uint8_t *msg, int len);
-void MD5_Final(uint8_t *digest, MD5_CTX *);
+EXP_FUNC void STDCALL MD5_Init(MD5_CTX *);
+EXP_FUNC void STDCALL MD5_Update(MD5_CTX *, const uint8_t *msg, int len);
+EXP_FUNC void STDCALL MD5_Final(uint8_t *digest, MD5_CTX *);
 
 /**************************************************************************
  * HMAC declarations 
diff --git a/httpd/axhttpd.c b/httpd/axhttpd.c
@@ -128,7 +128,10 @@ int main(int argc, char *argv[])
     int httpPort = CONFIG_HTTP_PORT;
     char *httpsAddress = NULL;
     int httpsPort = CONFIG_HTTP_HTTPS_PORT;
+    uint32_t options = CONFIG_HTTP_DEFAULT_SSL_OPTIONS;
     char *portStr;
+    char *private_key = NULL;
+    char *cert = NULL;
 
 #ifdef WIN32
     WORD wVersionRequested = MAKEWORD(2, 2);
@@ -190,9 +193,24 @@ int main(int argc, char *argv[])
             continue;
         }
 
+        if (strcmp(argv[i], "-cert") == 0 && argv[i+1] != NULL)
+        {
+            cert = argv[i+1];
+            i += 2;
+            continue;
+        }
+
+        if (strcmp(argv[i], "-key") == 0 && argv[i+1] != NULL)
+        {
+            private_key = argv[i+1];
+            i += 2;
+            continue;
+        }
         printf("%s:\n"
                "    [-p [address:]httpport]\n"
                "    [-s [address:]httpsport]\n"
+               "    [-key private_key]\n"
+               "    [-cert cert]\n"
                "    [-w webroot]\n", argv[0]);
         exit(1);
     }
@@ -223,10 +241,35 @@ int main(int argc, char *argv[])
     }
 
     addtoservers(active);
-    servers->ssl_ctx = ssl_ctx_new(CONFIG_HTTP_DEFAULT_SSL_OPTIONS, 
-                                CONFIG_HTTP_SESSION_CACHE_SIZE);
+
+    if (cert != NULL && private_key != NULL)
+        options |=  SSL_NO_DEFAULT_KEY;
+
+    servers->ssl_ctx = ssl_ctx_new(options, CONFIG_HTTP_SESSION_CACHE_SIZE);
     servers->is_ssl = 1;
 
+    if (cert != NULL && private_key != NULL)
+    {
+        printf("YEAH\n");
+        if (ssl_obj_load(servers->ssl_ctx, SSL_OBJ_RSA_KEY, private_key,
+                    NULL))
+        {
+#ifdef CONFIG_HTTP_VERBOSE
+            fprintf(stderr, "ERR: Couldn't load private key %s\n", private_key);
+#endif
+            exit(1);
+        }
+
+        if (ssl_obj_load(servers->ssl_ctx, SSL_OBJ_X509_CERT, cert,
+                    NULL))
+        {
+#ifdef CONFIG_HTTP_VERBOSE
+            fprintf(stderr, "ERR: Couldn't load cert %s\n", cert);
+#endif
+            exit(1);
+        }
+    }
+
 #if defined(CONFIG_HTTP_HAS_CGI)
     addcgiext(CONFIG_HTTP_CGI_EXTENSIONS);
 #endif
@@ -263,7 +306,6 @@ int main(int argc, char *argv[])
     }
 #endif
 
-
 #ifndef WIN32 
 #ifdef CONFIG_HTTP_IS_DAEMON
     if (fork() > 0)  /* parent will die */
diff --git a/samples/c/axssl.c b/samples/c/axssl.c
@@ -382,7 +382,12 @@ static void do_server(int argc, char *argv[])
 
                     if (res > SSL_OK)    /* display our interesting output */
                     {
-                        printf("%s", read_buf);
+                        int written = 0;
+                        while (written < res)
+                        {
+                            written += write(STDOUT_FILENO, read_buf+written,
+                                                res-written);
+                        }
                         TTY_FLUSH();
                     }
                     else if (res == SSL_CLOSE_NOTIFY)
@@ -711,7 +716,7 @@ static void do_client(int argc, char *argv[])
                     }
                     else
                     {
-                        res = ssl_write(ssl, buf, strlen((char *)buf)+1);
+                        res = ssl_write(ssl, buf, strlen((char *)buf));
                     }
                 }
             }
@@ -724,7 +729,12 @@ static void do_client(int argc, char *argv[])
 
                 if (res > 0)    /* display our interesting output */
                 {
-                    printf("%s", read_buf);
+                    int written = 0;
+                    while (written < res)
+                    {
+                        written += write(STDOUT_FILENO, read_buf+written,
+                                            res-written);
+                    }
                     TTY_FLUSH();
                 }
             }
diff --git a/www/index.html b/www/index.html

Original file line number	Diff line number	Diff line change
`@@ -382,7 +382,12 @@ static void do_server(int argc, char *argv[])`
`382`	`382`
`383`	`383`	`if (res > SSL_OK) /* display our interesting output */`
`384`	`384`	`{`
`385`		`- printf("%s", read_buf);`
	`385`	`+ int written = 0;`
	`386`	`+ while (written < res)`
	`387`	`+ {`
	`388`	`+ written += write(STDOUT_FILENO, read_buf+written,`
	`389`	`+ res-written);`
	`390`	`+ }`
`386`	`391`	`TTY_FLUSH();`
`387`	`392`	`}`
`388`	`393`	`else if (res == SSL_CLOSE_NOTIFY)`
`@@ -711,7 +716,7 @@ static void do_client(int argc, char *argv[])`
`711`	`716`	`}`
`712`	`717`	`else`
`713`	`718`	`{`
`714`		`- res = ssl_write(ssl, buf, strlen((char *)buf)+1);`
	`719`	`+ res = ssl_write(ssl, buf, strlen((char *)buf));`
`715`	`720`	`}`
`716`	`721`	`}`
`717`	`722`	`}`
`@@ -724,7 +729,12 @@ static void do_client(int argc, char *argv[])`
`724`	`729`
`725`	`730`	`if (res > 0) /* display our interesting output */`
`726`	`731`	`{`
`727`		`- printf("%s", read_buf);`
	`732`	`+ int written = 0;`
	`733`	`+ while (written < res)`
	`734`	`+ {`
	`735`	`+ written += write(STDOUT_FILENO, read_buf+written,`
	`736`	`+ res-written);`
	`737`	`+ }`
`728`	`738`	`TTY_FLUSH();`
`729`	`739`	`}`
`730`	`740`	`}`