Roxen.git / server / protocols / prot_https.pike

version» Context lines:

Roxen.git/server/protocols/prot_https.pike:1:   // This is a roxen protocol module.   // Copyright © 2001 - 2009, Roxen IS.    - // $Id: prot_https.pike,v 2.17 2010/11/18 15:17:01 stewa Exp $ + // $Id$      // --- Debug defines ---      #ifdef SSL3_DEBUG   # define SSL3_WERR(X) werror("SSL3: "+X+"\n")   #else   # define SSL3_WERR(X)   #endif      inherit SSLProtocol;    - constant supports_ipless = 0; + // SSL in Pike 8.0 and later supports SNI, and even in older versions + // it is possible to use glob-certs that match several sites. + constant supports_ipless = 1;   constant name = "https";   constant prot_name = "https";   constant requesthandlerfile = "protocols/http.pike";   constant default_port = 443;         class fallback_redirect_request   {    string in = "";    string out;
Roxen.git/server/protocols/prot_https.pike:160:    }       string _sprintf (int flag)    {    return flag == 'O' && sprintf ("fallback_redirect_request(%O)", f);    }   }      class http_fallback   { -  SSL.sslfile my_fd; +  SSL.File my_fd;       void ssl_alert_callback(object alert, object|int n, string data)    {    SSL3_WERR(sprintf("http_fallback(X, %O, %O)", n, data));    // trace(1);    if (((my_fd->current_write_state||    my_fd->query_connection()->current_write_state)->seq_num == 0) &&    search(lower_case(data), "http"))    {    if (function close_cb = my_fd->query_close_callback())
Roxen.git/server/protocols/prot_https.pike:184:    close_cb (my_fd->query_id());       Stdio.File raw_fd;    if (my_fd->shutdown) {    raw_fd = my_fd->shutdown();    } else {    raw_fd = my_fd->socket;    my_fd->socket = 0;    }    -  /* Redirect to a https-url */ -  Configuration conf = sizeof(urls) && values(urls)[0]->conf; // Should be just one possible config for https +  /* Redirect to an https-url */ +  Configuration conf; +  foreach(values(urls)->conf, conf) { +  if (conf->query("default_server")) { +  // This configuration has been tagged as a default server. +  break; +  } +  } +  // FIXME: Consider the case where the port has been remapped.    fallback_redirect_request(raw_fd, data,    conf && conf->query("MyWorldLocation"),    port);       if (!my_fd->shutdown) {    // Old sslfile contains cyclic references.    destruct(my_fd);    }       // Break cyclic refs.
Roxen.git/server/protocols/prot_https.pike:208:    }       void ssl_accept_callback (mixed ignored)    {    SSL3_WERR(sprintf("ssl_accept_callback()"));    my_fd->set_alert_callback(0); /* Forget about http_fallback */    my_fd->set_accept_callback(0);    my_fd = 0; /* Not needed any more */    }    -  void create(SSL.sslfile|Stdio.File fd) +  void create(SSL.File|Stdio.File fd)    {    my_fd = fd;    fd->set_alert_callback(ssl_alert_callback);    fd->set_accept_callback(ssl_accept_callback);    }       string _sprintf (int flag)    {    return flag == 'O' && sprintf ("http_fallback(%O)", my_fd);    }   }      Stdio.File accept()   { -  object(Stdio.File)|SSL.sslfile q = ::accept(); +  object(Stdio.File)|SSL.File q = ::accept();       if (q) {    http_fallback(q);    }    return q;   }      int set_cookie, set_cookie_only_once;   void fix_cvars( Variable.Variable a )   {