pike.git / lib / modules / Protocols.pmod / HTTP.pmod / Server.pmod / SSLPort.pike

version» Context lines:

pike.git/lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1:   #pike __REAL_VERSION__ - #require constant(SSL.Cipher) + #require constant(SSL.Port)    -  + inherit SSL.Port; +    import ".";    - MySSLPort port; +    int portno; - string|int(0..0) interface; + string interface;   function(Request:void) callback;      //!   object|function|program request_program=Request;    - //! The simplest SSL server possible. Binds a port and calls - //! a callback with @[request_program] objects. + //! A very simple SSL server. Binds a port and calls a callback with + //! @[request_program] objects.      //! Create a HTTPS (HTTP over SSL) server.   //! - //! @param _callback + //! @param callback   //! The function run when a request is received.   //! takes one argument of type @[Request]. - //! @param _portno + //! @param port   //! The port number to bind to, defaults to 443. - //! @param _interface + //! @param interface   //! The interface address to bind to.   //! @param key   //! An optional SSL secret key, provided in binary format, such   //! as that created by @[Standards.PKCS.RSA.private_key()].   //! @param certificate   //! An optional SSL certificate or chain of certificates with the host   //! certificate first, provided in binary format.   //! @param share   //! If true, the connection will be shared if possible. See   //! @[Stdio.Port.bind] for more information - void create(function(Request:void) _callback, -  void|int _portno, -  void|string _interface, + protected void create(function(Request:void) callback, +  void|int port, +  void|string interface,    void|string|Crypto.Sign.State key,    void|string|array(string) certificate,    void|int share)   { -  portno=_portno; -  if (!portno) portno=443; // default HTTPS port +  ::create();    -  callback=_callback; -  interface=_interface; +  portno = port || 443; +  this_program::callback=callback; +  this_program::interface=interface;    -  port=MySSLPort(); +     if( key && certificate )    {    if( stringp(certificate) )    certificate = ({ certificate }); -  port->ctx->add_cert( key, certificate, ({"*"}) ); +  ctx->add_cert( key, certificate, ({"*"}) );    }    else -  port->set_default_keycert(); +  set_default_keycert();    -  if (!port->bind(portno,new_connection,[string]interface,share)) -  error("HTTP.Server.SSLPort: failed to bind port %s%d: %s\n", -  interface?interface+":":"", -  portno,strerror(port->errno())); +  if (!bind(portno, new_connection, this_program::interface, share)) +  error("Failed to bind port %s%d: %s\n", +  interface?interface+":":"", portno, strerror(errno()));   }    - //! Closes the HTTP port. - void close() - { -  destruct(port); -  port=0; - } -  +    void destroy() { close(); }      //! The port accept callback   protected void new_connection()   { -  SSL.File fd=port->accept(); +  SSL.File fd=accept();    Request r=request_program();    r->attach_fd(fd,this,callback);   }    - //! - class MySSLPort + protected void set_default_keycert()   { -  -  inherit SSL.Port; -  -  //! -  void set_default_keycert() -  { +     foreach(({ Crypto.RSA(), Crypto.DSA(),   #if constant(Crypto.ECC.Curve)    Crypto.ECC.SECP_521R1.ECDSA(),   #endif -  }), Crypto.Sign private_key) { -  private_key->set_random(Crypto.Random.random_string); +  }), Crypto.Sign private_key) +  {    switch(private_key->name()) {    case "RSA":    private_key->generate_key(4096);    break;    case "DSA":    private_key->generate_key(4096, 160);    break;    default:    // ECDSA.    private_key->generate_key();
pike.git/lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:117:    ctx->add_cert( private_key, ({ c }) );    }    }          // ---- Remove this?       private string tmp_key;    private array(string) tmp_cert;    + __deprecated__ this_program `port() + { +  return this; + } +    //! @deprecated add_cert   __deprecated__ void set_key(string skey)   {    tmp_key = skey;    if( tmp_key && tmp_cert )    ctx->add_cert( tmp_key, tmp_cert );   }      //! @deprecated add_cert   __deprecated__ void set_certificate(string|array(string) certificate)   {    if(arrayp(certificate))    tmp_cert = [array(string)]certificate;    else    tmp_cert = ({ [string]certificate });    if( tmp_key && tmp_cert )    ctx->add_cert( tmp_key, tmp_cert );   } - } +       protected string _sprintf(int t) {    return t=='O' && sprintf("%O(%O:%d)", this_program, interface, portno);   }