Diffstat (limited to 'https.cpp')
-rw-r--r--https.cpp27
1 files changed, 20 insertions, 7 deletions
diff --git a/https.cpp b/https.cpp
index facc533..a263a54 100644
--- a/https.cpp
+++ b/https.cpp
@@ -573,9 +573,16 @@ int servername_callback(SSL *s, int *al, void *arg)
HTTPS::Server::ctx_type* ctx_map = (HTTPS::Server::ctx_type*)arg;
- ssl::context& ctx = *(ctx_map->at(server_name));
+ auto it {ctx_map->find(server_name)};
+ std::shared_ptr<ssl::context> ctx{};
+ if (it != ctx_map->end()) {
+ ctx = it->second;
+ } else {
+ std::cout << "Warning: server_name " << server_name << " not found in list of prepared contexts. Using dummy ctx." << std::endl;
+ ctx = ctx_map->at("");
+ }
- SSL_set_SSL_CTX(s, ctx.native_handle());
+ SSL_set_SSL_CTX(s, ctx->native_handle());
return SSL_TLSEXT_ERR_OK;
}
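Review bot: The warning added in the else branch writes `server_name` straight to stdout, and that value appears to come from the client's SNI extension (its assignment is above this hunk), so an unauthenticated peer can place control characters or newlines in the log and causes one flushed line per handshake. Escaping non-printable bytes before logging and rate-limiting or demoting the message would contain that. Separately, `ctx_map->at("")` throws `std::out_of_range` if the fallback entry is ever missing, and an exception unwinding through OpenSSL's C frames is undefined behaviour. A second lookup such as `auto fb = ctx_map->find(""); if (fb == ctx_map->end()) return SSL_TLSEXT_ERR_ALERT_FATAL;` keeps that failure inside the callback.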
@@ -588,6 +595,15 @@ namespace HTTPS {
Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins)
: ::Server(config, ioc, socket, plugins)
{
+ // initial dummy, before we can add specific ctx w/ certificate
+ std::shared_ptr<ssl::context> ctx_dummy{std::make_shared<ssl::context>(tls_method)};
+ load_server_certificate(*ctx_dummy, "", "");
+ //SSL_CTX_set_client_hello_cb(ctx_dummy->native_handle(), servername_callback, &m_ctx);
+ SSL_CTX_set_tlsext_servername_callback(ctx_dummy->native_handle(), servername_callback);
+ SSL_CTX_set_tlsext_servername_arg(ctx_dummy->native_handle(), &m_ctx);
+ m_ctx.emplace("", ctx_dummy);
+
+ // import the real certificates
for (const auto& serve_site: socket.serve_sites) {
for (const auto& site: config.Sites()) {
if (site.name == serve_site) {
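Review bot: The dummy context created at the top of the constructor is more than a placeholder, and its comment should say so. It is the context handed to the listener in start(), so every connection's SSL object is built from it, and clients whose SNI matches no site complete the handshake with whatever `load_server_certificate(*ctx_dummy, "", "")` loads (not visible here). As far as I know `SSL_set_SSL_CTX` swaps the certificate and key but does not re-apply protocol-version or cipher options, so any hardening has to be on this context too; worth confirming and recording, e.g. `// base context for every connection; TLS options set here apply to all sites`. The commented-out `SSL_CTX_set_client_hello_cb` line here and in the per-site hunk below should either be removed or carry a note on why it is kept. The constructor body continues past the hunk.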
@@ -596,6 +612,7 @@ Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socke
std::cout << "Creating SSL context/cert for site " << serve_site << " on port " << socket.port << std::endl;
load_server_certificate(*ctx, site.cert_path, site.key_path);
+ //SSL_CTX_set_client_hello_cb(ctx->native_handle(), servername_callback, &m_ctx);
SSL_CTX_set_tlsext_servername_callback(ctx->native_handle(), servername_callback);
SSL_CTX_set_tlsext_servername_arg(ctx->native_handle(), &m_ctx);
@@ -617,14 +634,10 @@ int Server::start()
auto const address = net::ip::make_address(m_socket.address);
auto const port = static_cast<unsigned short>(std::atoi(m_socket.port.data()));
- load_server_certificate(m_ctx_dummy, "", ""); // initial dummy, before we can add specific ctx w/ certificate
- SSL_CTX_set_tlsext_servername_callback(m_ctx_dummy.native_handle(), servername_callback);
- SSL_CTX_set_tlsext_servername_arg(m_ctx_dummy.native_handle(), &m_ctx);
-
// Create and launch a listening port
std::make_shared<listener>(
m_ioc,
- m_ctx_dummy,
+ *m_ctx[""],
tcp::endpoint{address, port},
*this)->run();
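Review bot: `*m_ctx[""]` in the listener construction uses `operator[]`, which inserts a null `shared_ptr` when the "" key is absent and then dereferences it. The constructor in this commit always emplaces that key, but `*m_ctx.at("")` would fail loudly instead of dereferencing null, and it does not mutate the map that servername_callback reads through `&m_ctx`. The listener also receives a reference to a context owned by the map, so if the "" entry is ever erased or replaced while the listener is alive that reference would dangle; a comment stating that the entry must live as long as the server would help. The body of start() begins above the hunk.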