added ssl

2022-02-17 23:22:30 -05:00
parent 5c60a475e7
commit 1c083b90f8
8 changed files with 300 additions and 25 deletions
--- a/src/returnRequest.c
+++ b/src/returnRequest.c
@@ -1,18 +1,29 @@
+#include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <sys/socket.h>
+#include <openssl/ssl.h>

-int returnRequest(int socket, char *message, int status) {
-	send(socket, message, strlen(message), 0);
+#include "server.h"
+
+int returnRequest(int socket, char *message, int status, SSL *ssl) {
+	if ( enableHTTPS ) {
+		SSL_write(ssl, message, strlen(message));
+		SSL_get_fd(ssl);
+		SSL_free(ssl);
+	} else {
+		send(socket, message, strlen(message), 0);
+	}
 	return 0;
 }

-int return200Request(int socket) {
+int return200Request(int socket, SSL *ssl) {
 	char *message = "HTTP/1.1 200 OK\nContent-Length: 6\nConnection: close\n\nhello\n";
-	return returnRequest(socket, message, 200);
+	return returnRequest(socket, message, 200, ssl);
 }

-int return404Request(int socket) {
+int return404Request(int socket, SSL *ssl) {
 	char *message = "HTTP/1.1 404 Not Found\nContent-Length: 12\nConnection: close\n\n404 Request\n";
-	return returnRequest(socket, message, 400);
+	return returnRequest(socket, message, 400, ssl);
 }

--- a/src/socketHelp.c
+++ b/src/socketHelp.c
@@ -3,6 +3,59 @@
 #include <sys/socket.h>
 #include <netinet/in.h>

+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include "socketHelp.h"
+
+SSL_CTX* InitServerCTX() {
+	SSL_METHOD *method;
+	SSL_CTX *ctx;
+
+	OpenSSL_add_all_algorithms();
+	SSL_load_error_strings();
+	method = TLS_server_method();
+	ctx = SSL_CTX_new(method);
+	if ( ctx == NULL ) {
+		ERR_print_errors_fp(stderr);
+		exit(EXIT_FAILURE);
+	}
+	return ctx;
+}
+
+void LoadCertificates(SSL_CTX* ctx, char* certFile, char* keyFile) {
+	// Set local certificate from certFile
+	if ( SSL_CTX_use_certificate_file(ctx, certFile, SSL_FILETYPE_PEM) <= 0 ) {
+		ERR_print_errors_fp(stderr);
+		exit(EXIT_FAILURE);
+	}
+	// Set local priv key from keyFile
+	if ( SSL_CTX_use_PrivateKey_file(ctx, keyFile, SSL_FILETYPE_PEM) <=0 ) {
+		ERR_print_errors_fp(stderr);
+		exit(EXIT_FAILURE);
+	}
+	// Verify priv key
+	if ( !SSL_CTX_check_private_key(ctx) ) {
+		fprintf(stderr, "Private key does not match passed certificate file\n");
+		exit(EXIT_FAILURE);
+	}
+	return;
+}
+
+int createSecureSocket(int port, int *server_fd, struct sockaddr_in *address, int *addrlen, SSL_CTX **ctx, char certFile[], char keyFile[]) {
+
+	SSL_library_init();
+	*ctx = InitServerCTX();
+	LoadCertificates(*ctx, certFile, keyFile);
+
+	if ( createSocket(port, server_fd, address, addrlen) ) {
+		fprintf(stderr, "Error create socket\n");
+		exit(EXIT_FAILURE);
+	}
+
+	return 0;
+}
+
 int createSocket(int port, int *server_fd, struct sockaddr_in *address, int *addrlen) {
 	int opt = 1;