From 119244d9b13e84eb898f9fb97e83cac260c1a0b5 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Fri, 4 Jan 2013 18:28:10 +0100
Subject: add basic tls support, todo: error handling

---
 main.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'main.c')

diff --git a/main.c b/main.c
index ce5123b..ab6fbb0 100644
--- a/main.c
+++ b/main.c
@@ -32,6 +32,7 @@
 #include <libubox/usock.h>
 
 #include "uhttpd.h"
+#include "tls.h"
 
 char uh_buf[4096];
 
@@ -190,11 +191,13 @@ static void fixup_prefix(char *str)
 
 int main(int argc, char **argv)
 {
+	const char *tls_key, *tls_crt;
 	bool nofork = false;
 	char *port;
 	int opt, ch;
 	int cur_fd;
 	int bound = 0;
+	int n_tls = 0;
 
 	BUILD_BUG_ON(sizeof(uh_buf) < PATH_MAX);
 
@@ -207,6 +210,7 @@ int main(int argc, char **argv)
 
 		switch(ch) {
 		case 's':
+			n_tls++;
 			tls = true;
 			/* fall through */
 		case 'p':
@@ -324,6 +328,13 @@ int main(int argc, char **argv)
 			conf.file = optarg;
 			break;
 
+		case 'C':
+			tls_crt = optarg;
+			break;
+
+		case 'K':
+			tls_key = optarg;
+			break;
 		default:
 			return usage(argv[0]);
 		}
@@ -336,6 +347,22 @@ int main(int argc, char **argv)
 		return 1;
 	}
 
+	if (n_tls) {
+		if (!tls_crt || !tls_key) {
+			fprintf(stderr, "Please specify a certificate and "
+					"a key file to enable SSL support\n");
+			return 1;
+		}
+
+#ifdef HAVE_TLS
+		if (uh_tls_init(tls_key, tls_crt))
+		    return 1;
+#else
+		fprintf(stderr, "Error: TLS support not compiled in.\n");
+		return 1;
+#endif
+	}
+
 	/* fork (if not disabled) */
 	if (!nofork) {
 		switch (fork()) {
-- 
cgit v1.2.3