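--- a/src/frontend/sock.c
+++ b/src/frontend/sock.c
 int type;
 /* optional SSL settings */
+ sdb_ssl_options_t ssl_opts;
 sdb_ssl_server_t *ssl;
 /* listener configuration */
 assert(listener);
- /* TODO: make options configurable */
- listener->ssl = sdb_ssl_server_create(NULL);
+ listener->ssl = sdb_ssl_server_create(&listener->ssl_opts);
 if (! listener->ssl)
 return -1;
 listener->address, sdb_strerror(errno, buf, sizeof(buf)));
 return -1;
 }
+ sdb_log(SDB_LOG_INFO, "frontend: Listening on %s", listener->address);
 return 0;
 } /* listener_listen */
 return impl->type;
 }
 }
- return -1;
+ /* don't report an error, this could be an IPv6 address */
+ return listener_impls[0].type;
 } /* get_type */
 static void
 return;
 listener_close(listener);
+ sdb_ssl_free_options(&listener->ssl_opts);
 if (listener->address)
 free(listener->address);
 if ((! strncmp(address, listener_impls[type].prefix, len))
 && (address[len] == ':'))
 address += strlen(listener_impls[type].prefix) + 1;
+ memset(listener, 0, sizeof(*listener));
 listener->sock_fd = -1;
 listener->address = strdup(address);
 listener->setup = NULL;
 listener->ssl = NULL;
- if (listener_impls[type].open(listener)) {
- /* prints error */
- listener_destroy(listener);
- return NULL;
- }
-
 ++sock->listeners_num;
 return listener;
 } /* listener_create */
 "connection %s to list of open connections",
 SDB_OBJ(conn)->name);
 }
- write(sock->trigger[TRIGGER_WRITE], "", 1);
+ if (write(sock->trigger[TRIGGER_WRITE], "", 1) <= 0) {
+ /* This shouldn't happen and it's not critical; in the worst cases
+ * it slows us down. */
+ sdb_log(SDB_LOG_WARNING, "frontend: Failed to trigger main loop");
+ }
 /* pass ownership back to list; or destroy in case of an error */
 sdb_object_deref(SDB_OBJ(conn));
 } /* sdb_fe_sock_destroy */
 int
-sdb_fe_sock_add_listener(sdb_fe_socket_t *sock, const char *address)
+sdb_fe_sock_add_listener(sdb_fe_socket_t *sock, const char *address,
+ const sdb_ssl_options_t *opts)
 {
 listener_t *listener;
 listener = listener_create(sock, address);
 if (! listener)
 return -1;
+
+ if (opts) {
+ int ret = 0;
+
+ if (opts->ca_file) {
+ listener->ssl_opts.ca_file = strdup(opts->ca_file);
+ if (! listener->ssl_opts.ca_file)
+ ret = -1;
+ }
+ if (opts->key_file) {
+ listener->ssl_opts.key_file = strdup(opts->key_file);
+ if (! listener->ssl_opts.key_file)
+ ret = -1;
+ }
+ if (opts->cert_file) {
+ listener->ssl_opts.cert_file = strdup(opts->cert_file);
+ if (! listener->ssl_opts.cert_file)
+ ret = -1;
+ }
+ if (opts->crl_file) {
+ listener->ssl_opts.crl_file = strdup(opts->crl_file);
+ if (! listener->ssl_opts.crl_file)
+ ret = -1;
+ }
+
+ if (ret) {
+ listener_destroy(listener);
+ --sock->listeners_num;
+ return ret;
+ }
+ }
+
+ if (listener_impls[listener->type].open(listener)) {
+ /* prints error */
+ listener_destroy(listener);
+ --sock->listeners_num;
+ return -1;
+ }
 return 0;
 } /* sdb_fe_sock_add_listener */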
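Review bot: The new fallback at the end of get_type (`return listener_impls[0].type;`) means an address with a misspelled or unsupported prefix is no longer rejected; it is silently handed to the first listener implementation. The listener_create context in this section strips the prefix only when it matches, so such a string appears to reach that implementation's open() verbatim, and an operator who mistyped a prefix gets at best an unrelated error from a listener type they did not ask for. Consider making the fallback visible, e.g. `sdb_log(SDB_LOG_INFO, "frontend: No known listener prefix in address; using default type");`, or keeping `return -1;` unless the string actually parses as an IPv6 literal. get_type starts outside the visible lines, so its parameter names and the order of listener_impls are not confirmed here.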