Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

uhttpd: move Lua and TLS support into loadable plugins

Browse source
This commit is contained in:
Jo-Philipp Wich 2010-03-25 02:04:50 +00:00
parent a6722be769
commit af4611d4e0
9 changed files with 234 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
contrib/package/uhttpd/Makefile
View file

@ -14,11 +14,15 @@ PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
define Package/uhttpd define Package/uhttpd/default
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
TITLE:=uHTTPd - tiny, single threaded HTTP server TITLE:=uHTTPd - tiny, single threaded HTTP server
DEPENDS:=+liblua +libcyassl +zlib endef
define Package/uhttpd
$(Package/uhttpd/default)
MENU:=1
endef endef
define Package/uhttpd/description define Package/uhttpd/description
@ -27,6 +31,29 @@ define Package/uhttpd/description
HTTP daemon. HTTP daemon.
endef endef
define Package/uhttpd-mod-tls
$(Package/uhttpd/default)
TITLE+= (TLS plugin)
DEPENDS:=uhttpd +libcyassl
endef
define Package/uhttpd-mod-tls/description
The TLS plugin adds HTTPS support to uHTTPd.
endef
define Package/uhttpd-mod-lua
$(Package/uhttpd/default)
TITLE+= (Lua plugin)
DEPENDS:=uhttpd +liblua
endef
define Package/uhttpd-mod-lua/description
The Lua plugin adds a CGI-like Lua runtime interface to uHTTPd.
endef
# hack to use CyASSL headers # hack to use CyASSL headers
TARGET_CFLAGS += -I$(firstword $(wildcard $(BUILD_DIR)/cyassl-*/include)) TARGET_CFLAGS += -I$(firstword $(wildcard $(BUILD_DIR)/cyassl-*/include))
@ -48,4 +75,17 @@ define Package/uhttpd/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/uhttpd $(1)/usr/sbin/uhttpd $(INSTALL_BIN) $(PKG_BUILD_DIR)/uhttpd $(1)/usr/sbin/uhttpd
endef endef
define Package/uhttpd-mod-tls/install
$(INSTALL_DIR) $(1)/usr/lib
$(INSTALL_BIN) $(PKG_BUILD_DIR)/uhttpd_tls.so $(1)/usr/lib/
endef
define Package/uhttpd-mod-lua/install
$(INSTALL_DIR) $(1)/usr/lib
$(INSTALL_BIN) $(PKG_BUILD_DIR)/uhttpd_lua.so $(1)/usr/lib/
endef
$(eval $(call BuildPackage,uhttpd)) $(eval $(call BuildPackage,uhttpd))
$(eval $(call BuildPackage,uhttpd-mod-tls))
$(eval $(call BuildPackage,uhttpd-mod-lua))

42
contrib/package/uhttpd/src/Makefile
View file

@ -3,36 +3,50 @@ LUA_SUPPORT ?= 1
TLS_SUPPORT ?= 1 TLS_SUPPORT ?= 1
CFLAGS ?= -I./lua-5.1.4/src -I./cyassl-1.4.0/include -O0 -ggdb3 CFLAGS ?= -I./lua-5.1.4/src -I./cyassl-1.4.0/include -O0 -ggdb3
LDFLAGS ?= -L./lua-5.1.4/src -L./cyassl-1.4.0/src/.libs -lm LDFLAGS ?= -L./lua-5.1.4/src -L./cyassl-1.4.0/src/.libs
CFLAGS += -Wall --std=gnu99 CFLAGS += -Wall --std=gnu99
LDFLAGS += -lm -lcrypt
OBJ = uhttpd.o uhttpd-file.o uhttpd-utils.o OBJ = uhttpd.o uhttpd-file.o uhttpd-utils.o
LIB = -Wl,--export-dynamic -lcrypt -ldl
TLSLIB =
LUALIB =
world: compile
ifeq ($(CGI_SUPPORT),1) ifeq ($(CGI_SUPPORT),1)
OBJ += uhttpd-cgi.o OBJ += uhttpd-cgi.o
CFLAGS += -DHAVE_CGI CFLAGS += -DHAVE_CGI
endif endif
ifeq ($(LUA_SUPPORT),1) ifeq ($(LUA_SUPPORT),1)
OBJ += uhttpd-lua.o CFLAGS += -DHAVE_LUA
CFLAGS += -DHAVE_LUA LUALIB = uhttpd_lua.so
LDFLAGS += -ldl -llua
$(LUALIB): uhttpd-lua.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
-shared -lm -llua -ldl \
-o $(LUALIB) uhttpd-lua.c
endif endif
ifeq ($(TLS_SUPPORT),1) ifeq ($(TLS_SUPPORT),1)
OBJ += uhttpd-tls.o CFLAGS += -DHAVE_TLS
CFLAGS += -DHAVE_TLS TLSLIB = uhttpd_tls.so
LDFLAGS += -lpthread -lz -lcyassl
$(TLSLIB): uhttpd-tls.c
$(CC) $(CFLAGS) $(LDFLAGS) $(FPIC) \
-shared -lcyassl \
-o $(TLSLIB) uhttpd-tls.c
endif endif
%.o: %.c %.o: %.c
$(CC) $(CFLAGS) -c -o $@ $< $(CC) $(CFLAGS) -c -o $@ $<
compile: $(OBJ) compile: $(OBJ) $(TLSLIB) $(LUALIB)
$(CC) -o uhttpd $(LDFLAGS) $(OBJ) $(CC) -o uhttpd $(LDFLAGS) $(LIB) $(OBJ)
clean: clean:
rm -f *.o uhttpd rm -f *.o *.so uhttpd

6
contrib/package/uhttpd/src/uhttpd-lua.c
View file

@ -533,3 +533,9 @@ void uh_lua_request(struct client *cl, struct http_request *req, lua_State *L)
} }
} }
void uh_lua_close(lua_State *L)
{
lua_close(L);
}

2
contrib/package/uhttpd/src/uhttpd-lua.h
View file

@ -38,4 +38,6 @@ void uh_lua_request(
struct client *cl, struct http_request *req, lua_State *L struct client *cl, struct http_request *req, lua_State *L
); );
void uh_lua_close(lua_State *L);
#endif #endif

22
contrib/package/uhttpd/src/uhttpd-tls.c
View file

@ -33,6 +33,16 @@ SSL_CTX * uh_tls_ctx_init()
return c; return c;
} }
int uh_tls_ctx_cert(SSL_CTX *c, const char *file)
{
return SSL_CTX_use_certificate_file(c, file, SSL_FILETYPE_ASN1);
}
int uh_tls_ctx_key(SSL_CTX *c, const char *file)
{
return SSL_CTX_use_PrivateKey_file(c, file, SSL_FILETYPE_ASN1);
}
void uh_tls_ctx_free(struct listener *l) void uh_tls_ctx_free(struct listener *l)
{ {
SSL_CTX_free(l->tls); SSL_CTX_free(l->tls);
@ -48,6 +58,16 @@ void uh_tls_client_accept(struct client *c)
} }
} }
int uh_tls_client_recv(struct client *c, void *buf, int len)
{
return SSL_read(c->tls, buf, len);
}
int uh_tls_client_send(struct client *c, void *buf, int len)
{
return SSL_write(c->tls, buf, len);
}
void uh_tls_client_close(struct client *c) void uh_tls_client_close(struct client *c)
{ {
if( c->tls ) if( c->tls )
@ -58,3 +78,5 @@ void uh_tls_client_close(struct client *c)
c->tls = NULL; c->tls = NULL;
} }
} }

6
contrib/package/uhttpd/src/uhttpd-tls.h
View file

@ -22,9 +22,13 @@
SSL_CTX * uh_tls_ctx_init(); SSL_CTX * uh_tls_ctx_init();
int uh_tls_ctx_cert(SSL_CTX *c, const char *file);
int uh_tls_ctx_key(SSL_CTX *c, const char *file);
void uh_tls_ctx_free(struct listener *l); void uh_tls_ctx_free(struct listener *l);
void uh_tls_client_accept(struct client *c); void uh_tls_client_accept(struct client *c);
int uh_tls_client_recv(struct client *c, void *buf, int len);
int uh_tls_client_send(struct client *c, void *buf, int len);
void uh_tls_client_close(struct client *c); void uh_tls_client_close(struct client *c);
#endif #endif

4
contrib/package/uhttpd/src/uhttpd-utils.c
View file

@ -104,7 +104,7 @@ int uh_tcp_send(struct client *cl, const char *buf, int len)
{ {
#ifdef HAVE_TLS #ifdef HAVE_TLS
if( cl->tls ) if( cl->tls )
return SSL_write(cl->tls, buf, len); return cl->server->conf->tls_send(cl, (void *)buf, len);
else else
#endif #endif
return send(cl->socket, buf, len, 0); return send(cl->socket, buf, len, 0);
@ -147,7 +147,7 @@ int uh_tcp_recv(struct client *cl, char *buf, int len)
{ {
#ifdef HAVE_TLS #ifdef HAVE_TLS
if( cl->tls ) if( cl->tls )
rsz = SSL_read(cl->tls, (void *)&buf[sz], len); rsz = cl->server->conf->tls_recv(cl, (void *)&buf[sz], len);
else else
#endif #endif
rsz = recv(cl->socket, (void *)&buf[sz], len, 0); rsz = recv(cl->socket, (void *)&buf[sz], len, 0);

133
contrib/package/uhttpd/src/uhttpd.c
View file

@ -417,6 +417,10 @@ int main (int argc, char **argv)
char bind[128]; char bind[128];
char *port = NULL; char *port = NULL;
/* library handles */
void *tls_lib;
void *lua_lib;
/* clear the master and temp sets */ /* clear the master and temp sets */
FD_ZERO(&used_fds); FD_ZERO(&used_fds);
FD_ZERO(&serv_fds); FD_ZERO(&serv_fds);
@ -445,11 +449,39 @@ int main (int argc, char **argv)
memset(bind, 0, sizeof(bind)); memset(bind, 0, sizeof(bind));
#ifdef HAVE_TLS #ifdef HAVE_TLS
/* init SSL context */ /* load TLS plugin */
if( ! (conf.tls = uh_tls_ctx_init()) ) if( ! (tls_lib = dlopen("uhttpd_tls.so", RTLD_LAZY | RTLD_GLOBAL)) )
{ {
fprintf(stderr, "Failed to initalize SSL context\n"); fprintf(stderr,
exit(1); "Notice: Unable to load TLS plugin - disabling SSL support! "
"(Reason: %s)\n", dlerror()
);
}
else
{
/* resolve functions */
if( !(conf.tls_init = dlsym(tls_lib, "uh_tls_ctx_init")) ||
!(conf.tls_cert = dlsym(tls_lib, "uh_tls_ctx_cert")) ||
!(conf.tls_key = dlsym(tls_lib, "uh_tls_ctx_key")) ||
!(conf.tls_free = dlsym(tls_lib, "uh_tls_ctx_free")) ||
!(conf.tls_accept = dlsym(tls_lib, "uh_tls_client_accept")) ||
!(conf.tls_close = dlsym(tls_lib, "uh_tls_client_close")) ||
!(conf.tls_recv = dlsym(tls_lib, "uh_tls_client_recv")) ||
!(conf.tls_send = dlsym(tls_lib, "uh_tls_client_send"))
) {
fprintf(stderr,
"Error: Failed to lookup required symbols "
"in TLS plugin: %s\n", dlerror()
);
exit(1);
}
/* init SSL context */
if( ! (conf.tls = conf.tls_init()) )
{
fprintf(stderr, "Error: Failed to initalize SSL context\n");
exit(1);
}
} }
#endif #endif
@ -477,12 +509,23 @@ int main (int argc, char **argv)
} }
if( opt == 's' ) if( opt == 's' )
{
if( !conf.tls )
{
fprintf(stderr,
"Notice: TLS support is disabled, "
"ignoring '-s %s'\n", optarg
);
continue;
}
tls = 1; tls = 1;
}
/* bind sockets */ /* bind sockets */
bound += uh_socket_bind( bound += uh_socket_bind(
&serv_fds, &max_fd, bind[0] ? bind : NULL, port, &serv_fds, &max_fd, bind[0] ? bind : NULL, port,
&hints, tls, &conf &hints, (opt == 's'), &conf
); );
break; break;
@ -490,24 +533,34 @@ int main (int argc, char **argv)
#ifdef HAVE_TLS #ifdef HAVE_TLS
/* certificate */ /* certificate */
case 'C': case 'C':
if( SSL_CTX_use_certificate_file(conf.tls, optarg, SSL_FILETYPE_ASN1) < 1 ) if( conf.tls )
{ {
fprintf(stderr, "Invalid certificate file given\n"); if( conf.tls_cert(conf.tls, optarg) < 1 )
exit(1); {
fprintf(stderr,
"Error: Invalid certificate file given\n");
exit(1);
}
keys++;
} }
keys++;
break; break;
/* key */ /* key */
case 'K': case 'K':
if( SSL_CTX_use_PrivateKey_file(conf.tls, optarg, SSL_FILETYPE_ASN1) < 1 ) if( conf.tls )
{ {
fprintf(stderr, "Invalid private key file given\n"); if( conf.tls_key(conf.tls, optarg) < 1 )
exit(1); {
fprintf(stderr,
"Error: Invalid private key file given\n");
exit(1);
}
keys++;
} }
keys++;
break; break;
#endif #endif
@ -515,7 +568,8 @@ int main (int argc, char **argv)
case 'h': case 'h':
if( ! realpath(optarg, conf.docroot) ) if( ! realpath(optarg, conf.docroot) )
{ {
fprintf(stderr, "Invalid directory %s: %s\n", optarg, strerror(errno)); fprintf(stderr, "Error: Invalid directory %s: %s\n",
optarg, strerror(errno));
exit(1); exit(1);
} }
break; break;
@ -604,21 +658,21 @@ int main (int argc, char **argv)
#ifdef HAVE_TLS #ifdef HAVE_TLS
if( (tls == 1) && (keys < 2) ) if( (tls == 1) && (keys < 2) )
{ {
fprintf(stderr, "Missing private key or certificate file\n"); fprintf(stderr, "Error: Missing private key or certificate file\n");
exit(1); exit(1);
} }
#endif #endif
if( bound < 1 ) if( bound < 1 )
{ {
fprintf(stderr, "No sockets bound, unable to continue\n"); fprintf(stderr, "Error: No sockets bound, unable to continue\n");
exit(1); exit(1);
} }
/* default docroot */ /* default docroot */
if( !conf.docroot[0] && !realpath(".", conf.docroot) ) if( !conf.docroot[0] && !realpath(".", conf.docroot) )
{ {
fprintf(stderr, "Can not determine default document root: %s\n", fprintf(stderr, "Error: Can not determine default document root: %s\n",
strerror(errno)); strerror(errno));
exit(1); exit(1);
} }
@ -637,14 +691,37 @@ int main (int argc, char **argv)
#endif #endif
#ifdef HAVE_LUA #ifdef HAVE_LUA
/* init Lua runtime if handler is specified */ /* load Lua plugin */
if( conf.lua_handler ) if( ! (lua_lib = dlopen("uhttpd_lua.so", RTLD_LAZY | RTLD_GLOBAL)) )
{ {
/* default lua prefix */ fprintf(stderr,
if( ! conf.lua_prefix ) "Notice: Unable to load Lua plugin - disabling Lua support! "
conf.lua_prefix = "/lua"; "(Reason: %s)\n", dlerror()
);
}
else
{
/* resolve functions */
if( !(conf.lua_init = dlsym(lua_lib, "uh_lua_init")) ||
!(conf.lua_close = dlsym(lua_lib, "uh_lua_close")) ||
!(conf.lua_request = dlsym(lua_lib, "uh_lua_request"))
) {
fprintf(stderr,
"Error: Failed to lookup required symbols "
"in Lua plugin: %s\n", dlerror()
);
exit(1);
}
L = uh_lua_init(conf.lua_handler); /* init Lua runtime if handler is specified */
if( conf.lua_handler )
{
/* default lua prefix */
if( ! conf.lua_prefix )
conf.lua_prefix = "/lua";
L = conf.lua_init(conf.lua_handler);
}
} }
#endif #endif
@ -711,7 +788,8 @@ int main (int argc, char **argv)
{ {
#ifdef HAVE_TLS #ifdef HAVE_TLS
/* setup client tls context */ /* setup client tls context */
uh_tls_client_accept(cl); if( conf.tls )
conf.tls_accept(cl);
#endif #endif
/* add client socket to global fdset */ /* add client socket to global fdset */
@ -753,7 +831,7 @@ int main (int argc, char **argv)
/* Lua request? */ /* Lua request? */
if( L && uh_path_match(conf.lua_prefix, req->url) ) if( L && uh_path_match(conf.lua_prefix, req->url) )
{ {
uh_lua_request(cl, req, L); conf.lua_request(cl, req, L);
} }
else else
#endif #endif
@ -793,7 +871,8 @@ int main (int argc, char **argv)
#ifdef HAVE_TLS #ifdef HAVE_TLS
/* free client tls context */ /* free client tls context */
uh_tls_client_close(cl); if( conf.tls )
conf.tls_close(cl);
#endif #endif
cleanup: cleanup:
@ -812,7 +891,7 @@ int main (int argc, char **argv)
#ifdef HAVE_LUA #ifdef HAVE_LUA
/* destroy the Lua state */ /* destroy the Lua state */
if( L != NULL ) if( L != NULL )
lua_close(L); conf.lua_close(L);
#endif #endif
return 0; return 0;

21
contrib/package/uhttpd/src/uhttpd.h
View file

@ -32,6 +32,13 @@
#include <netdb.h> #include <netdb.h>
#include <ctype.h> #include <ctype.h>
#include <dlfcn.h>
#ifdef HAVE_LUA
#include <lua.h>
#endif
#ifdef HAVE_TLS #ifdef HAVE_TLS
#include <openssl/ssl.h> #include <openssl/ssl.h>
#endif #endif
@ -48,6 +55,9 @@
#define UH_HTTP_MSG_HEAD 1 #define UH_HTTP_MSG_HEAD 1
#define UH_HTTP_MSG_POST 2 #define UH_HTTP_MSG_POST 2
struct listener;
struct client;
struct http_request;
struct config { struct config {
char docroot[PATH_MAX]; char docroot[PATH_MAX];
@ -59,11 +69,22 @@ struct config {
#ifdef HAVE_LUA #ifdef HAVE_LUA
char *lua_prefix; char *lua_prefix;
char *lua_handler; char *lua_handler;
lua_State * (*lua_init) (const char *handler);
void (*lua_close) (lua_State *L);
void (*lua_request) (struct client *cl, struct http_request *req, lua_State *L);
#endif #endif
#ifdef HAVE_TLS #ifdef HAVE_TLS
char *cert; char *cert;
char *key; char *key;
SSL_CTX *tls; SSL_CTX *tls;
SSL_CTX * (*tls_init) (void);
int (*tls_cert) (SSL_CTX *c, const char *file);
int (*tls_key) (SSL_CTX *c, const char *file);
void (*tls_free) (struct listener *l);
void (*tls_accept) (struct client *c);
void (*tls_close) (struct client *c);
int (*tls_recv) (struct client *c, void *buf, int len);
int (*tls_send) (struct client *c, void *buf, int len);
#endif #endif
}; };