Diffstat (limited to 'https.cpp')
-rw-r--r-- | https.cpp | 27 |
1 files changed, 20 insertions, 7 deletions
@@ -573,9 +573,16 @@ int servername_callback(SSL *s, int *al, void *arg) HTTPS::Server::ctx_type* ctx_map = (HTTPS::Server::ctx_type*)arg; - ssl::context& ctx = *(ctx_map->at(server_name)); + auto it {ctx_map->find(server_name)}; + std::shared_ptr<ssl::context> ctx{}; + if (it != ctx_map->end()) { + ctx = it->second; + } else { + std::cout << "Warning: server_name " << server_name << " not found in list of prepared contexts. Using dummy ctx." << std::endl; + ctx = ctx_map->at(""); + } - SSL_set_SSL_CTX(s, ctx.native_handle()); + SSL_set_SSL_CTX(s, ctx->native_handle()); return SSL_TLSEXT_ERR_OK; } @@ -588,6 +595,15 @@ namespace HTTPS { Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins) : ::Server(config, ioc, socket, plugins) { + // initial dummy, before we can add specific ctx w/ certificate + std::shared_ptr<ssl::context> ctx_dummy{std::make_shared<ssl::context>(tls_method)}; + load_server_certificate(*ctx_dummy, "", ""); + //SSL_CTX_set_client_hello_cb(ctx_dummy->native_handle(), servername_callback, &m_ctx); + SSL_CTX_set_tlsext_servername_callback(ctx_dummy->native_handle(), servername_callback); + SSL_CTX_set_tlsext_servername_arg(ctx_dummy->native_handle(), &m_ctx); + m_ctx.emplace("", ctx_dummy); + + // import the real certificates for (const auto& serve_site: socket.serve_sites) { for (const auto& site: config.Sites()) { if (site.name == serve_site) { @@ -596,6 +612,7 @@ Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socke std::cout << "Creating SSL context/cert for site " << serve_site << " on port " << socket.port << std::endl; load_server_certificate(*ctx, site.cert_path, site.key_path); + //SSL_CTX_set_client_hello_cb(ctx->native_handle(), servername_callback, &m_ctx); SSL_CTX_set_tlsext_servername_callback(ctx->native_handle(), servername_callback); SSL_CTX_set_tlsext_servername_arg(ctx->native_handle(), &m_ctx); 
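Review bot: In the new `else` branch of `servername_callback`, the unmatched `server_name` is written to stdout verbatim and flushed with `std::endl` on every handshake. That value is presumably the client-supplied SNI (the code that reads it is above the hunk), so a remote peer controls both the content and the rate of these log lines; logging a length-capped, printable-only copy and rate-limiting the warning would keep the log trustworthy. The fallback also returns `SSL_TLSEXT_ERR_OK`, which tells the client the name was accepted; if unknown names should not be served, the branch could instead set `*al = SSL_AD_UNRECOGNIZED_NAME;` and `return SSL_TLSEXT_ERR_ALERT_FATAL;`. Separately, `ctx_map->at("")` can still throw through the OpenSSL C callback if the `""` entry is ever absent; a second `find` with an error return avoids that.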
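Review bot: The dummy context created at the top of the constructor is what `servername_callback` hands to any client whose server name is not in `m_ctx`, but the comment does not say what `load_server_certificate(*ctx_dummy, "", "")` loads for empty paths. If that helper falls back to a built-in or generated key pair (not visible in this diff), the comment should say so, e.g. `// fallback context for unknown/absent SNI; uses <describe certificate source>, never a site certificate`. Each context also stores the raw address `&m_ctx`, so the map has to outlive every handshake and should not be modified while handshakes can run; a one-line comment stating that would help. The commented-out `SSL_CTX_set_client_hello_cb` lines here and in the `@@ -596` hunk should either be removed or carry a reason for being kept. The constructor body continues past the hunk.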
@@ -617,14 +634,10 @@ int Server::start() auto const address = net::ip::make_address(m_socket.address); auto const port = static_cast<unsigned short>(std::atoi(m_socket.port.data())); - load_server_certificate(m_ctx_dummy, "", ""); // initial dummy, before we can add specific ctx w/ certificate - SSL_CTX_set_tlsext_servername_callback(m_ctx_dummy.native_handle(), servername_callback); - SSL_CTX_set_tlsext_servername_arg(m_ctx_dummy.native_handle(), &m_ctx); - // Create and launch a listening port std::make_shared<listener>( m_ioc, - m_ctx_dummy, + *m_ctx[""], tcp::endpoint{address, port}, *this)->run(); |
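Review bot: `*m_ctx[""]` in the `listener` construction goes through `operator[]`, which inserts a null `shared_ptr` when the key is missing and then dereferences it, and which can modify the same map the SNI callback reads through its `&m_ctx` argument. `*m_ctx.at("")` keeps the lookup read-only and turns a missing fallback context into an exception instead of undefined behaviour. The constructor does emplace the `""` entry in this commit, so this is hardening against later changes rather than a live fault. `Server::start()` begins and ends outside the hunk.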