mirror of
https://github.com/cesanta/mongoose.git
synced 2024-11-24 11:09:01 +08:00
Update http server example to showcase SSL
This commit is contained in:
parent
82a378e519
commit
04450ec659
@ -31,7 +31,7 @@ int main(int argc, char *argv[]) {
|
||||
struct mg_connection *c = mg_http_connect(&mgr, argv[1], fn, &done);
|
||||
if (c != NULL) {
|
||||
mg_printf(c, "GET %s HTTP/1.0\r\n\r\n", mg_url_uri(argv[1]));
|
||||
// If target URL is SSL/TLS, command client connection to use TLS
|
||||
// If target URL is https://, tell client connection to use TLS
|
||||
if (mg_url_is_ssl(argv[1])) {
|
||||
struct mg_tls_opts opts = {.ca = "ca.pem"};
|
||||
mg_tls_init(c, &opts);
|
||||
|
@ -1,5 +1,11 @@
|
||||
PROG ?= example
|
||||
|
||||
ifeq "$(MBEDTLS_DIR)" ""
|
||||
else
|
||||
CFLAGS += -DMG_ENABLE_MBEDTLS=1 -I$(MBEDTLS_DIR)/include -I/usr/include
|
||||
CFLAGS += -L$(MBEDTLS_DIR)/lib -lmbedtls -lmbedcrypto -lmbedx509
|
||||
endif
|
||||
|
||||
all: $(PROG)
|
||||
$(DEBUGGER) ./$(PROG) $(ARGS)
|
||||
|
||||
|
43
examples/http-restful-server/ca.pem
Normal file
43
examples/http-restful-server/ca.pem
Normal file
@ -0,0 +1,43 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
11:2a:0e:3c:6a:8c:85:ff:6e:6a:bc:db:95:51:70:ce:b4:30:78:c7
|
||||
Signature Algorithm: ecdsa-with-SHA256
|
||||
Issuer: C = IE, L = Dublin, O = Cesanta, CN = Test Root
|
||||
Validity
|
||||
Not Before: May 9 21:51:44 2020 GMT
|
||||
Not After : May 9 21:51:44 2050 GMT
|
||||
Subject: C = IE, L = Dublin, O = Cesanta, CN = Test Root
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: id-ecPublicKey
|
||||
Public-Key: (256 bit)
|
||||
pub:
|
||||
04:2c:ab:d1:02:66:24:96:d7:12:3e:09:50:4f:f1:
|
||||
50:ee:51:e8:55:03:5e:ba:b1:1d:98:b2:72:79:27:
|
||||
a8:1b:31:0d:5d:50:21:ff:42:f2:da:74:17:5e:53:
|
||||
b2:65:41:c1:fc:84:de:4a:11:b9:8c:f4:19:d9:c4:
|
||||
ca:2b:ea:eb:2c
|
||||
ASN1 OID: prime256v1
|
||||
NIST CURVE: P-256
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment, Key Agreement, Certificate Sign, CRL Sign
|
||||
Signature Algorithm: ecdsa-with-SHA256
|
||||
30:46:02:21:00:9c:71:6c:00:8c:06:41:0c:91:2f:cd:41:d3:
|
||||
87:47:e9:df:3a:22:ad:25:7c:bf:0e:2b:39:dd:7a:0c:4e:68:
|
||||
1d:02:21:00:8f:c1:22:30:10:61:5d:51:10:ea:08:2d:02:63:
|
||||
67:67:32:b5:06:63:96:57:bb:78:47:0a:88:d9:19:2e:f3:be
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIBqjCCAU+gAwIBAgIUESoOPGqMhf9uarzblVFwzrQweMcwCgYIKoZIzj0EAwIw
|
||||
RDELMAkGA1UEBhMCSUUxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VzYW50
|
||||
YTESMBAGA1UEAwwJVGVzdCBSb290MCAXDTIwMDUwOTIxNTE0NFoYDzIwNTAwNTA5
|
||||
MjE1MTQ0WjBEMQswCQYDVQQGEwJJRTEPMA0GA1UEBwwGRHVibGluMRAwDgYDVQQK
|
||||
DAdDZXNhbnRhMRIwEAYDVQQDDAlUZXN0IFJvb3QwWTATBgcqhkjOPQIBBggqhkjO
|
||||
PQMBBwNCAAQsq9ECZiSW1xI+CVBP8VDuUehVA166sR2YsnJ5J6gbMQ1dUCH/QvLa
|
||||
dBdeU7JlQcH8hN5KEbmM9BnZxMor6ussox0wGzAMBgNVHRMEBTADAQH/MAsGA1Ud
|
||||
DwQEAwIBrjAKBggqhkjOPQQDAgNJADBGAiEAnHFsAIwGQQyRL81B04dH6d86Iq0l
|
||||
fL8OKzndegxOaB0CIQCPwSIwEGFdURDqCC0CY2dnMrUGY5ZXu3hHCojZGS7zvg==
|
||||
-----END CERTIFICATE-----
|
@ -1,9 +1,14 @@
|
||||
// Copyright (c) 2020 Cesanta Software Limited
|
||||
// All rights reserved
|
||||
//
|
||||
// To enable SSL/TLS,
|
||||
// 1. Change s_listen_on from http:// to https://
|
||||
// 2. make MBEDTLS_DIR=/path/to/your/mbedtls/installation
|
||||
// 3. curl -k https://127.0.0.1:8000
|
||||
|
||||
#include "mongoose.h"
|
||||
|
||||
static const char *s_listen_on = "http://localhost:8000";
|
||||
static const char *s_listen_on = "https://localhost:8000";
|
||||
static const char *s_web_directory = ".";
|
||||
|
||||
// This RESTful server implements the following endpoints:
|
||||
@ -11,7 +16,15 @@ static const char *s_web_directory = ".";
|
||||
// /api/f2/:id - wildcard example, respond with JSON string {"result": "URI"}
|
||||
// any other URI serves static files from s_web_directory
|
||||
static void fn(struct mg_connection *c, int ev, void *ev_data, void *fn_data) {
|
||||
if (ev == MG_EV_HTTP_MSG) {
|
||||
if (ev == MG_EV_ACCEPT && mg_url_is_ssl(s_listen_on)) {
|
||||
// If s_listen_on URL is https://, tell listening connection to use TLS
|
||||
struct mg_tls_opts opts = {
|
||||
//.ca = "ca.pem", // Uncomment to enable two-way SSL
|
||||
.cert = "server.pem", // Certificate PEM file
|
||||
.certkey = "server.pem", // This pem conains both cert and key
|
||||
};
|
||||
mg_tls_init(c, &opts);
|
||||
} else if (ev == MG_EV_HTTP_MSG) {
|
||||
struct mg_http_message *hm = (struct mg_http_message *) ev_data;
|
||||
if (mg_http_match_uri(hm, "/api/f1")) {
|
||||
mg_http_reply(c, 200, "", "{\"result\": %d}\n", 123); // Serve REST
|
||||
@ -27,6 +40,7 @@ static void fn(struct mg_connection *c, int ev, void *ev_data, void *fn_data) {
|
||||
|
||||
int main(void) {
|
||||
struct mg_mgr mgr; // Event manager
|
||||
mg_log_set("2"); // Set to 3 to enable debug
|
||||
mg_mgr_init(&mgr); // Initialise event manager
|
||||
mg_http_listen(&mgr, s_listen_on, fn, NULL); // Create HTTP listener
|
||||
for (;;) mg_mgr_poll(&mgr, 1000); // Infinite event loop
|
||||
|
50
examples/http-restful-server/server.pem
Normal file
50
examples/http-restful-server/server.pem
Normal file
@ -0,0 +1,50 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
6e:73:28:55:df:13:b5:61:f5:4f:4f:5d:00:d9:0a:d8:b5:3a:21:4b
|
||||
Signature Algorithm: ecdsa-with-SHA256
|
||||
Issuer: C = IE, L = Dublin, O = Cesanta, CN = Test Root
|
||||
Validity
|
||||
Not Before: May 9 21:51:49 2020 GMT
|
||||
Not After : May 9 21:51:49 2030 GMT
|
||||
Subject: CN = server
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: id-ecPublicKey
|
||||
Public-Key: (256 bit)
|
||||
pub:
|
||||
04:92:e0:46:9c:89:c3:37:a9:74:eb:35:55:43:55:
|
||||
5c:ac:eb:c7:e4:50:ee:f4:c0:ba:17:02:5c:d9:ed:
|
||||
b4:d4:ff:21:12:9a:b4:43:f4:89:4b:69:e4:6d:2b:
|
||||
96:1f:fc:01:4d:30:5a:79:73:76:ba:19:41:cc:c5:
|
||||
16:2b:bf:74:28
|
||||
ASN1 OID: prime256v1
|
||||
NIST CURVE: P-256
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment, Key Agreement
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
Signature Algorithm: ecdsa-with-SHA256
|
||||
30:46:02:21:00:fa:3a:c7:1e:cb:8c:27:59:41:8d:77:dd:7b:
|
||||
cb:8c:08:15:16:b9:6e:70:e6:47:38:d1:55:42:e0:d7:66:c8:
|
||||
f0:02:21:00:cc:70:4d:96:28:00:d3:c7:39:53:74:b2:49:87:
|
||||
27:92:1b:ab:1a:0e:74:06:59:42:23:47:98:43:d8:20:a7:fa
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIBhzCCASygAwIBAgIUbnMoVd8TtWH1T09dANkK2LU6IUswCgYIKoZIzj0EAwIw
|
||||
RDELMAkGA1UEBhMCSUUxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VzYW50
|
||||
YTESMBAGA1UEAwwJVGVzdCBSb290MB4XDTIwMDUwOTIxNTE0OVoXDTMwMDUwOTIx
|
||||
NTE0OVowETEPMA0GA1UEAwwGc2VydmVyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
|
||||
QgAEkuBGnInDN6l06zVVQ1VcrOvH5FDu9MC6FwJc2e201P8hEpq0Q/SJS2nkbSuW
|
||||
H/wBTTBaeXN2uhlBzMUWK790KKMvMC0wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gw
|
||||
EwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAwRgIhAPo6xx7LjCdZ
|
||||
QY133XvLjAgVFrlucOZHONFVQuDXZsjwAiEAzHBNligA08c5U3SySYcnkhurGg50
|
||||
BllCI0eYQ9ggp/o=
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglNni0t9Dg9icgG8w
|
||||
kbfxWSS+TuNgbtNybIQXcm3NHpmhRANCAASS4EacicM3qXTrNVVDVVys68fkUO70
|
||||
wLoXAlzZ7bTU/yESmrRD9IlLaeRtK5Yf/AFNMFp5c3a6GUHMxRYrv3Qo
|
||||
-----END PRIVATE KEY-----
|
@ -2597,8 +2597,7 @@ static void accept_conn(struct mg_mgr *mgr, struct mg_connection *lsn) {
|
||||
socklen_t sa_len = sizeof(usa.sin);
|
||||
SOCKET fd = accept(FD(lsn), &usa.sa, &sa_len);
|
||||
if (fd == INVALID_SOCKET) {
|
||||
LOG(LL_ERROR,
|
||||
("%p accept(%d) failed, errno %d", lsn->fd, FD(lsn), MG_SOCK_ERRNO));
|
||||
LOG(LL_ERROR, ("%p accept failed, errno %d", lsn->fd, MG_SOCK_ERRNO));
|
||||
#if !defined(_WIN32)
|
||||
} else if (fd >= FD_SETSIZE) {
|
||||
LOG(LL_ERROR, ("%ld > %ld", (long) fd, (long) FD_SETSIZE));
|
||||
|
@ -329,8 +329,7 @@ static void accept_conn(struct mg_mgr *mgr, struct mg_connection *lsn) {
|
||||
socklen_t sa_len = sizeof(usa.sin);
|
||||
SOCKET fd = accept(FD(lsn), &usa.sa, &sa_len);
|
||||
if (fd == INVALID_SOCKET) {
|
||||
LOG(LL_ERROR,
|
||||
("%p accept(%d) failed, errno %d", lsn->fd, FD(lsn), MG_SOCK_ERRNO));
|
||||
LOG(LL_ERROR, ("%p accept failed, errno %d", lsn->fd, MG_SOCK_ERRNO));
|
||||
#if !defined(_WIN32)
|
||||
} else if (fd >= FD_SETSIZE) {
|
||||
LOG(LL_ERROR, ("%ld > %ld", (long) fd, (long) FD_SETSIZE));
|
||||
|
Loading…
Reference in New Issue
Block a user