From fc8d732a6d65cd2abf9d4926e3c685c320491069 Mon Sep 17 00:00:00 2001 From: David Martin Ferradas Date: Fri, 15 Nov 2024 11:06:32 +0100 Subject: [PATCH 1/4] Integrated SSL support. Modified echo example. --- Makefile | 2 +- certs/localhost.crt | 19 +++++++ certs/localhost.key | 28 ++++++++++ examples/echo/echo.c | 2 + examples/echo/echo.html | 6 +-- include/ws.h | 10 ++++ src/ws.c | 115 +++++++++++++++++++++++++++++++++++++--- 7 files changed, 172 insertions(+), 10 deletions(-) create mode 100644 certs/localhost.crt create mode 100644 certs/localhost.key diff --git a/Makefile b/Makefile index dc91f36..fef8238 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ LIB_WS = libws.a INCLUDE = include CFLAGS += -Wall -Wextra -O2 CFLAGS += -I $(INCLUDE) -std=c99 -pedantic -LDLIBS = $(LIB_WS) -pthread +LDLIBS = $(LIB_WS) -pthread -lssl -lcrypto ARFLAGS = cru MCSS_DIR ?= /usr/bin/ MANPAGES = doc/man/man3 diff --git a/certs/localhost.crt b/certs/localhost.crt new file mode 100644 index 0000000..020a18c --- /dev/null +++ b/certs/localhost.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDzCCAfegAwIBAgIUOBsdLqSiHICAenBcLw1Gd4GildkwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI0MTExNTA1MDg1OFoXDTI0MTIx +NTA1MDg1OFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAinMabl7EyoJLQkebJJaLfDv+23T1jQvHrHppHM6tGqhh +Fdx+RH568KJepc/cxiuhQEAUp3uYJqPCZm7LXTvnk4zk8zIASoIaMsyDJ4SdEsMe +h4jdALmaXJA89i6diiyhb46FDKE4pfj9xP1Zm6I3/o7b/gU30Do5g7ZVI2z6K+50 +tCCv4eovZ7ES18SDj6WpcutviQKaInJfUVy0+SH68hcf0P0x599LeplTFLNJBXIJ +WEd4JvpLQ02ENrjJQa3oQrD00FthiacEjOgEqHMMoruUdT8x8C2PmBn+JpzcDwC/ +99od5lOHPykokCcFo8eTrZarkSJrBuJ12qzJuDA5OQIDAQABo1kwVzAUBgNVHREE +DTALgglsb2NhbGhvc3QwCwYDVR0PBAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MB0GA1UdDgQWBBRDZOrwgxsoDn8gmf1AZm7bEv0RDjANBgkqhkiG9w0BAQsFAAOC +AQEANMBeZjgqgFoZnAXoKJYSQgvjhATMUIOw/NnvqTlKKKBp5R7R2kOmb/XDgF7Z +0uQc7LRRy9diTVo3uUjlgFb2AfZMozqAqk0oIg2R6KdpMOWmce6j6BQEgtGEsHUx +WmvaSgrOimEMO8MG2Hf+sHWLifhFVsd5eZHEBVRkk6a8ydVTBtntNke2Mt1/99WC +qenTmGHe+WZ0YJouxeqyIpiTauKF1/YV2urQfSI3Dcu/fdUeoitiykp+7XEl8FZY +MUOQxgEMnHYOGhpSbyD6YeonUGse/OZswZNPTWRPhpRRjOE6S5oJDjyZtgI8vzIY +pm0FL5EJ4kRadxcCUx5WPN+KAA== +-----END CERTIFICATE----- diff --git a/certs/localhost.key b/certs/localhost.key new file mode 100644 index 0000000..75b6720 --- /dev/null +++ b/certs/localhost.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCKcxpuXsTKgktC +R5sklot8O/7bdPWNC8esemkczq0aqGEV3H5Efnrwol6lz9zGK6FAQBSne5gmo8Jm +bstdO+eTjOTzMgBKghoyzIMnhJ0Swx6HiN0AuZpckDz2Lp2KLKFvjoUMoTil+P3E +/Vmbojf+jtv+BTfQOjmDtlUjbPor7nS0IK/h6i9nsRLXxIOPpaly62+JApoicl9R +XLT5IfryFx/Q/THn30t6mVMUs0kFcglYR3gm+ktDTYQ2uMlBrehCsPTQW2GJpwSM +6ASocwyiu5R1PzHwLY+YGf4mnNwPAL/32h3mU4c/KSiQJwWjx5OtlquRImsG4nXa +rMm4MDk5AgMBAAECggEAAT3LN8BgiBbPPTDGbLdvWH2yuS3FKl63y318/gnB3lZy +aWdk1/Eg4dG44sh4eKvpOhng/YfziywmePPnHabE+qsVnfMdss1UFg7Eocjz/hgz +CMDSx3gCkPAnpcbw+W1RRL5sxbpX11AiWV7yq90yXpVSFmbeU18ER0CuJn9KhnSN +ZaK3CuyS1vwdUbk/vtE1cV/RkbNlHTLAwvSUrxUz/pKCjxSTluJf6OrvzJYmaYeV +g2Fcw5YBZwmXWic0TtZRc0jwuv1PgjqoLWkt/KcvGOJi9XlLl1BmSWWxTc9WRNN3 +8SbOZfbJTODb8RgZvwbbEZJfpjy2Ls+SGe18KiK98QKBgQC/78V9eliDJgKOkZvP +dgB+DdHBQFZmWw5L5SgoD6lYuHAKalJtdxoMHJvzsVerTkBTDH4MOaZALacGbSEi +TxVn7FHwBz3I5c8IUHeLn6Z+Sdvs0oFGCtVflR104sBIX5xR7uKl5Mp7p0lJ5C3T +ojEBg1ZvTRArgZBLiRe5jKjcsQKBgQC4qRRFdUu+oy3CCzUUIfFLmNQ4DOUisYC8 +zO8qp9iNaWi6a1iEvlUMRLv8GpJYbFFxCvu7IRuho1lR89N2WrdOrr9KhT604rkm +MUiZx/nPLNNOmw/LuApvKStj2jWGRbKfGjrrLDQITv8m2NO+jrHrxw5rmERiCVJr +4o/1YRmnCQKBgF7B3itDkp00z8BZDKZQqI+S/QI+ZClmPNmlSbz1dnKxo8bQlN8s +FLT0Dt4xqImPOVyG51fbwkMfBr26dMg+aOAEoLMysAMVya9eIpbQ+96PUj9J8b6F +rK/iq0dAhxNz+HXOzSB/oqOHhDwxpZo9EZqgn7SVRC1marmP9iGJ2vgRAoGAbAU0 +P4FjAqyv+r/Vl+ZXIZLQKc2ZSFcvaMI08e3npqlPwyVCTbyNQbT/hnUAwMr0RT1Y +jlnKsR4+BMuuGqDsdBGTAwO479Vk22ue/Z5WipO9NFFOxyvspqQdprah8t7Yo2uT +pbhg469aYJ4cF2+fsr3puJUFA5hSZ5vL/I2FlQkCgYANv8fNaei0EYfuP92lb+re +rpFjfpjP6ZNJjeWRoUHV7hP2IuSSscE7VFjGtzcebyhqAsJnEltAqaKU/iG+Z6tw +si+GI73cief/jVU7jPNmwSkSL2djptRG87W6mSRc0u+Bbni08mx2ocdtJYwkcDcr +Oe3L9UbIguutuWZ4d0rnqg== +-----END PRIVATE KEY----- diff --git a/examples/echo/echo.c b/examples/echo/echo.c index 058c3cc..96c160d 100644 --- a/examples/echo/echo.c +++ b/examples/echo/echo.c @@ -125,6 +125,8 @@ int main(void) */ .host = "0.0.0.0", .port = 8080, + .cert = "certs/localhost.crt", + .cert_key = "certs/localhost.key", .thread_loop = 0, .timeout_ms = 1000, .evs.onopen = &onopen, diff --git a/examples/echo/echo.html b/examples/echo/echo.html index dcac1cc..7db9196 100644 --- a/examples/echo/echo.html +++ b/examples/echo/echo.html @@ -121,9 +121,9 @@

wsServer

onclick="document.getElementById('txtServer').value='ws://localhost:8080'"> - - + +

diff --git a/include/ws.h b/include/ws.h index 900d03b..78e5b3b 100644 --- a/include/ws.h +++ b/include/ws.h @@ -280,6 +280,14 @@ extern "C" { * @brief Listening port */ uint16_t port; + /** + * @brief SSL certificate path (if any) (MUST to enable "wss") + */ + const char *cert; + /** + * @brief SSL private key path (if any) (MUST to enable "wss") + */ + const char *cert_key; /** * @brief Whether if the ws_socket() should create a new thread * and be non-blocking (1) or not (0). @@ -305,6 +313,8 @@ extern "C" { /* Internal usage. */ extern int get_handshake_accept(char *wsKey, unsigned char **dest); extern int get_handshake_response(char *hsrequest, char **hsresponse); + extern int ssl_init(const char *cert, const char *cert_key); + extern void ssl_end(void); /* External usage. */ extern char *ws_getaddress(ws_cli_conn_t client); diff --git a/src/ws.c b/src/ws.c index 7ee76a5..debf0b4 100644 --- a/src/ws.c +++ b/src/ws.c @@ -26,6 +26,8 @@ #include #include #include +#include +#include /* clang-format off */ #ifndef _WIN32 @@ -59,6 +61,11 @@ typedef int socklen_t; * @brief wsServer main routines. */ +/** + * @brief SSL context + */ + SSL_CTX *ssl_ctx; + /** * @brief Client socks. */ @@ -88,6 +95,9 @@ struct ws_connection int32_t current_ping_id; pthread_mutex_t mtx_ping; + /* SSL */ + SSL *ssl; + /* Connection context */ void *connection_context; @@ -341,7 +351,7 @@ static ssize_t send_all( pthread_mutex_lock(&client->mtx_snd); while (len) { - r = send(client->client_sock, p, len, flags); + r = client->ssl ? SSL_write(client->ssl, p, len) : send(client->client_sock, p, len, flags); if (r == -1) { pthread_mutex_unlock(&client->mtx_snd); @@ -373,6 +383,14 @@ static void close_client(struct ws_connection *client, int lock) set_client_state(client, WS_STATE_CLOSED); + /* Close the client SSL instance */ + if (client->ssl) + { + printf("cerrando cliente\n"); + SSL_shutdown(client->ssl); + SSL_free(client->ssl); + } + close_socket(client->client_sock); /* Destroy client mutexes and clear fd 'slot'. */ @@ -656,7 +674,7 @@ static int ws_sendframe_internal(struct ws_connection *client, const char *msg, output = 0; if (client && port == 0) { - output = SEND(client, response, idx_response); + output = client->ssl ? SSL_write(client->ssl, response, idx_response) : SEND(client, response, idx_response); goto skip_broadcast; } @@ -671,7 +689,7 @@ static int ws_sendframe_internal(struct ws_connection *client, const char *msg, get_client_state(cli) == WS_STATE_OPEN && (cli->ws_srv.port == port)) { - if ((send_ret = SEND(cli, response, idx_response)) != -1) + if ((send_ret = cli->ssl ? SSL_write(cli->ssl, response, idx_response) : SEND(cli, response, idx_response)) != -1) output += send_ret; else { @@ -1027,7 +1045,7 @@ static int do_handshake(struct ws_frame_data *wfd) ssize_t n; /* Read/Write bytes. */ /* Read the very first client message. */ - if ((n = RECV(wfd->client, wfd->frm, sizeof(wfd->frm) - 1)) < 0) + if ((n = (wfd->client)->ssl ? SSL_read((wfd->client)->ssl, wfd->frm, sizeof(wfd->frm) - 1) : RECV(wfd->client, wfd->frm, sizeof(wfd->frm) - 1)) < 0) return (-1); /* Advance our pointers before the first next_byte(). */ @@ -1055,7 +1073,7 @@ static int do_handshake(struct ws_frame_data *wfd) response); /* Send handshake. */ - if (SEND(wfd->client, response, strlen(response)) < 0) + if (((wfd->client)->ssl ? SSL_write((wfd->client)->ssl, response, strlen(response)) : SEND(wfd->client, response, strlen(response))) < 0) { free(response); DEBUG("As error has occurred while handshaking!\n"); @@ -1182,7 +1200,7 @@ static inline int next_byte(struct ws_frame_data *wfd) /* If empty or full. */ if (wfd->cur_pos == 0 || wfd->cur_pos == wfd->amt_read) { - if ((n = RECV(wfd->client, wfd->frm, sizeof(wfd->frm))) <= 0) + if ((n = (wfd->client)->ssl ? SSL_read((wfd->client)->ssl, wfd->frm, sizeof(wfd->frm)) : RECV(wfd->client, wfd->frm, sizeof(wfd->frm))) <= 0) { wfd->error = 1; DEBUG("An error has occurred while trying to read next byte\n"); @@ -1884,6 +1902,20 @@ static void *ws_accept(void *data) client_socks[i].client_id = get_next_cid(); set_client_address(&client_socks[i]); + /* Accept the SSL instance */ + client_socks[i].ssl = 0; + if (ssl_ctx) + { + SSL *cli_ssl = SSL_new(ssl_ctx); + if (SSL_set_fd(cli_ssl, new_sock)) + { + if (SSL_accept(cli_ssl)) + { + client_socks[i].ssl = cli_ssl; + } + } + } + if (pthread_mutex_init(&client_socks[i].mtx_state, NULL)) panic("Error on allocating close mutex"); if (pthread_cond_init(&client_socks[i].cnd_state_close, NULL)) @@ -1910,6 +1942,11 @@ static void *ws_accept(void *data) close_socket(new_sock); } + if (ssl_ctx) + { + SSL_CTX_free(ssl_ctx); + } + free(data); return (data); } @@ -2022,6 +2059,12 @@ int ws_socket(struct ws_server *ws_srv) setvbuf(stdout, NULL, _IONBF, 0); #endif + /* Initialize SSL context */ + if (ssl_init(ws_srv->cert, ws_srv->cert_key)) + { + panic("Unable to initialize SSL context!"); + } + /* Create socket and bind. */ sock = do_bind_socket(ws_srv); @@ -2099,3 +2142,63 @@ int ws_file(struct ws_events *evs, const char *file) return (0); } #endif + +/** + * @brief Initialization of the SSL functions + * + * @param cert path to the certificate (.pem). + * + * @param cert_key path to the certificate key (.pem). + * + * @return nothing + * + */ +int ssl_init(const char *cert, const char *cert_key) +{ + ssl_ctx = 0; + + if (!cert || !cert_key) + { + printf("SSL DISABLED\n"); + return 0; + } + + if (!*cert || !*cert_key) + { + return -1; + } + + const SSL_METHOD *method; + + method = TLS_server_method(); + + ssl_ctx = SSL_CTX_new(method); + if (!ssl_ctx) + { + return -1; + } + + /* Configure the context of SSL session */ + if (SSL_CTX_use_certificate_file(ssl_ctx, cert, SSL_FILETYPE_PEM) <= 0 || + SSL_CTX_use_PrivateKey_file(ssl_ctx, cert_key, SSL_FILETYPE_PEM) <= 0) + { + return -1; + } + + atexit(ssl_end); + + printf("SSL ENABLED\n"); + + return 0; +} + +/** + * @brief Finalize the SSL session + * + * @return nothing + * + */ +void ssl_end(void) +{ + SSL_CTX_free(ssl_ctx); +} \ No newline at end of file From 56be0ebe257078eb328a3d7aa826cfea8a75028a Mon Sep 17 00:00:00 2001 From: David Martin Ferradas Date: Fri, 15 Nov 2024 11:24:10 +0100 Subject: [PATCH 2/4] Deleted a not needed log comment and disabled verbosity (DEBUGging settings). --- include/ws.h | 1 - src/ws.c | 1 - 2 files changed, 2 deletions(-) diff --git a/include/ws.h b/include/ws.h index 78e5b3b..933978b 100644 --- a/include/ws.h +++ b/include/ws.h @@ -209,7 +209,6 @@ extern "C" { /** * @brief Debug */ - #ifdef VERBOSE_MODE #define DEBUG(...) fprintf(stderr, __VA_ARGS__) #else #define DEBUG(...) diff --git a/src/ws.c b/src/ws.c index debf0b4..f1150ee 100644 --- a/src/ws.c +++ b/src/ws.c @@ -386,7 +386,6 @@ static void close_client(struct ws_connection *client, int lock) /* Close the client SSL instance */ if (client->ssl) { - printf("cerrando cliente\n"); SSL_shutdown(client->ssl); SSL_free(client->ssl); } From 4008d73b1683cbd2430dc238c118baaea4f6b52c Mon Sep 17 00:00:00 2001 From: David Martin Ferradas Date: Fri, 15 Nov 2024 11:57:52 +0100 Subject: [PATCH 3/4] Restore a deleted #ifdef --- include/ws.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/ws.h b/include/ws.h index 933978b..78e5b3b 100644 --- a/include/ws.h +++ b/include/ws.h @@ -209,6 +209,7 @@ extern "C" { /** * @brief Debug */ + #ifdef VERBOSE_MODE #define DEBUG(...) fprintf(stderr, __VA_ARGS__) #else #define DEBUG(...) From 8c77b0d141176a0d01dd8e4a545e5ad03ca39a24 Mon Sep 17 00:00:00 2001 From: David Martin Ferradas Date: Fri, 15 Nov 2024 12:52:32 +0100 Subject: [PATCH 4/4] Hardcore version. Intented for those that doesn't have support of SSL and must compile the "always" (`ws`) version. It is only a bit more difficult to read the code by the conditions, but same use and implpementation. --- Makefile | 1 + examples/echo/echo.c | 4 ++-- include/ws.h | 4 ++++ src/ws.c | 44 +++++++++++++++++++++++++++++++++++++++++++- 4 files changed, 50 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index fef8238..301780f 100644 --- a/Makefile +++ b/Makefile @@ -19,6 +19,7 @@ LIB_WS = libws.a INCLUDE = include CFLAGS += -Wall -Wextra -O2 CFLAGS += -I $(INCLUDE) -std=c99 -pedantic +#LDLIBS = $(LIB_WS) -pthread -lssl -lcrypto LDLIBS = $(LIB_WS) -pthread -lssl -lcrypto ARFLAGS = cru MCSS_DIR ?= /usr/bin/ diff --git a/examples/echo/echo.c b/examples/echo/echo.c index 96c160d..f176803 100644 --- a/examples/echo/echo.c +++ b/examples/echo/echo.c @@ -125,8 +125,8 @@ int main(void) */ .host = "0.0.0.0", .port = 8080, - .cert = "certs/localhost.crt", - .cert_key = "certs/localhost.key", + //.cert = "certs/localhost.crt", + //.cert_key = "certs/localhost.key", .thread_loop = 0, .timeout_ms = 1000, .evs.onopen = &onopen, diff --git a/include/ws.h b/include/ws.h index 78e5b3b..6d50312 100644 --- a/include/ws.h +++ b/include/ws.h @@ -280,6 +280,7 @@ extern "C" { * @brief Listening port */ uint16_t port; +#ifdef ENABLE_SSL /** * @brief SSL certificate path (if any) (MUST to enable "wss") */ @@ -288,6 +289,7 @@ extern "C" { * @brief SSL private key path (if any) (MUST to enable "wss") */ const char *cert_key; +#endif /** * @brief Whether if the ws_socket() should create a new thread * and be non-blocking (1) or not (0). @@ -313,8 +315,10 @@ extern "C" { /* Internal usage. */ extern int get_handshake_accept(char *wsKey, unsigned char **dest); extern int get_handshake_response(char *hsrequest, char **hsresponse); +#ifdef ENABLE_SSL extern int ssl_init(const char *cert, const char *cert_key); extern void ssl_end(void); +#endif /* External usage. */ extern char *ws_getaddress(ws_cli_conn_t client); diff --git a/src/ws.c b/src/ws.c index f1150ee..355051e 100644 --- a/src/ws.c +++ b/src/ws.c @@ -14,6 +14,7 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see */ +//#define ENABLE_SSL #define _POSIX_C_SOURCE 200809L #include #include @@ -26,8 +27,11 @@ #include #include #include + +#ifdef ENABLE_SSL #include #include +#endif /* clang-format off */ #ifndef _WIN32 @@ -61,10 +65,12 @@ typedef int socklen_t; * @brief wsServer main routines. */ +#ifdef ENABLE_SSL /** * @brief SSL context */ SSL_CTX *ssl_ctx; +#endif /** * @brief Client socks. @@ -95,8 +101,10 @@ struct ws_connection int32_t current_ping_id; pthread_mutex_t mtx_ping; +#ifdef ENABLE_SSL /* SSL */ SSL *ssl; +#endif /* Connection context */ void *connection_context; @@ -351,7 +359,11 @@ static ssize_t send_all( pthread_mutex_lock(&client->mtx_snd); while (len) { +#ifdef ENABLE_SSL r = client->ssl ? SSL_write(client->ssl, p, len) : send(client->client_sock, p, len, flags); +#else + r = send(client->client_sock, p, len, flags); +#endif if (r == -1) { pthread_mutex_unlock(&client->mtx_snd); @@ -383,12 +395,14 @@ static void close_client(struct ws_connection *client, int lock) set_client_state(client, WS_STATE_CLOSED); +#ifdef ENABLE_SSL /* Close the client SSL instance */ if (client->ssl) { SSL_shutdown(client->ssl); SSL_free(client->ssl); } +#endif close_socket(client->client_sock); @@ -673,7 +687,11 @@ static int ws_sendframe_internal(struct ws_connection *client, const char *msg, output = 0; if (client && port == 0) { +#ifdef ENABLE_SSL output = client->ssl ? SSL_write(client->ssl, response, idx_response) : SEND(client, response, idx_response); +#else + output = SEND(client, response, idx_response); +#endif goto skip_broadcast; } @@ -688,7 +706,11 @@ static int ws_sendframe_internal(struct ws_connection *client, const char *msg, get_client_state(cli) == WS_STATE_OPEN && (cli->ws_srv.port == port)) { +#ifdef ENABLE_SSL if ((send_ret = cli->ssl ? SSL_write(cli->ssl, response, idx_response) : SEND(cli, response, idx_response)) != -1) +#else + if ((send_ret = SEND(cli, response, idx_response)) != -1) +#endif output += send_ret; else { @@ -1044,7 +1066,11 @@ static int do_handshake(struct ws_frame_data *wfd) ssize_t n; /* Read/Write bytes. */ /* Read the very first client message. */ +#ifdef ENABLE_SSL if ((n = (wfd->client)->ssl ? SSL_read((wfd->client)->ssl, wfd->frm, sizeof(wfd->frm) - 1) : RECV(wfd->client, wfd->frm, sizeof(wfd->frm) - 1)) < 0) +#else + if ((n = RECV(wfd->client, wfd->frm, sizeof(wfd->frm) - 1)) < 0) +#endif return (-1); /* Advance our pointers before the first next_byte(). */ @@ -1072,7 +1098,11 @@ static int do_handshake(struct ws_frame_data *wfd) response); /* Send handshake. */ +#ifdef ENABLE_SSL if (((wfd->client)->ssl ? SSL_write((wfd->client)->ssl, response, strlen(response)) : SEND(wfd->client, response, strlen(response))) < 0) +#else + if ((SEND(wfd->client, response, strlen(response))) < 0) +#endif { free(response); DEBUG("As error has occurred while handshaking!\n"); @@ -1199,7 +1229,11 @@ static inline int next_byte(struct ws_frame_data *wfd) /* If empty or full. */ if (wfd->cur_pos == 0 || wfd->cur_pos == wfd->amt_read) { +#ifdef ENABLE_SSL if ((n = (wfd->client)->ssl ? SSL_read((wfd->client)->ssl, wfd->frm, sizeof(wfd->frm)) : RECV(wfd->client, wfd->frm, sizeof(wfd->frm))) <= 0) +#else + if ((n = RECV(wfd->client, wfd->frm, sizeof(wfd->frm))) <= 0) +#endif { wfd->error = 1; DEBUG("An error has occurred while trying to read next byte\n"); @@ -1901,6 +1935,7 @@ static void *ws_accept(void *data) client_socks[i].client_id = get_next_cid(); set_client_address(&client_socks[i]); +#ifdef ENABLE_SSL /* Accept the SSL instance */ client_socks[i].ssl = 0; if (ssl_ctx) @@ -1914,6 +1949,7 @@ static void *ws_accept(void *data) } } } +#endif if (pthread_mutex_init(&client_socks[i].mtx_state, NULL)) panic("Error on allocating close mutex"); @@ -1941,10 +1977,12 @@ static void *ws_accept(void *data) close_socket(new_sock); } +#ifdef ENABLE_SSL if (ssl_ctx) { SSL_CTX_free(ssl_ctx); } +#endif free(data); return (data); @@ -2058,11 +2096,13 @@ int ws_socket(struct ws_server *ws_srv) setvbuf(stdout, NULL, _IONBF, 0); #endif +#ifdef ENABLE_SSL /* Initialize SSL context */ if (ssl_init(ws_srv->cert, ws_srv->cert_key)) { panic("Unable to initialize SSL context!"); } +#endif /* Create socket and bind. */ sock = do_bind_socket(ws_srv); @@ -2142,6 +2182,7 @@ int ws_file(struct ws_events *evs, const char *file) } #endif +#ifdef ENABLE_SSL /** * @brief Initialization of the SSL functions * @@ -2200,4 +2241,5 @@ int ssl_init(const char *cert, const char *cert_key) void ssl_end(void) { SSL_CTX_free(ssl_ctx); -} \ No newline at end of file +} +#endif \ No newline at end of file