Basically we support openssl api compatibles only.
If we ever try something different we need a shim making it openssl api or a proper abstraction layer added first.
endif()
endif()
-if (LWS_WITH_SSL AND LWS_USE_MBEDTLS)
- if ("${LWS_MBEDTLS_LIBRARIES}" STREQUAL "" OR "${LWS_MBEDTLS_INCLUDE_DIRS}" STREQUAL "")
- if (NOT MBEDTLS_FOUND)
- message(FATAL_ERROR "You must set LWS_MBEDTLS_LIBRARIES and LWS_MBEDTLS_INCLUDE_DIRS when LWS_USE_MBEDTLS is turned on.")
- endif()
- else()
- set(MBEDTLS_LIBRARIES ${LWS_MBEDTLS_LIBRARIES})
- set(MBEDTLS_INCLUDE_DIRS ${LWS_MBEDTLS_INCLUDE_DIRS})
- set(MBEDTLS_FOUND 1)
- endif()
- set(USE_MBEDTLS 1)
-endif()
-
if (LWS_WITH_ZLIB AND NOT LWS_USE_BUNDLED_ZLIB)
if ("${LWS_ZLIB_LIBRARIES}" STREQUAL "" OR "${LWS_ZLIB_INCLUDE_DIRS}" STREQUAL "")
else()
typedef struct lws_polarssl_context SSL_CTX;
typedef ssl_context SSL;
#else
-#if defined(LWS_USE_MBEDTLS)
-#include <mbedtls/ssl.h>
-#else
#include <openssl/ssl.h>
#include <openssl/err.h>
-#endif /* not USE_MBEDTLS */
#endif /* not USE_POLARSSL */
#endif /* not USE_WOLFSSL */
#endif
#define OPENSSL_NO_TLSEXT
#endif /* not USE_OLD_CYASSL */
#else
-#if defined(LWS_USE_POLARSSL)
-#include <polarssl/ssl.h>
-#include <polarssl/error.h>
-#include <polarssl/md5.h>
-#include <polarssl/sha1.h>
-#include <polarssl/ecdh.h>
-#define SSL_ERROR_WANT_READ POLARSSL_ERR_NET_WANT_READ
-#define SSL_ERROR_WANT_WRITE POLARSSL_ERR_NET_WANT_WRITE
-#define OPENSSL_VERSION_NUMBER 0x10002000L
-#else
-#if defined(LWS_USE_MBEDTLS)
-#include <mbedtls/ssl.h>
-#include <mbedtls/error.h>
-#include <mbedtls/md5.h>
-#include <mbedtls/sha1.h>
-#include <mbedtls/ecdh.h>
-#else
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>
*/
#define OPENSSL_NO_TLSEXT
#endif
-
-#endif /* not USE_MBEDTLS */
-#endif /* not USE_POLARSSL */
#endif /* not USE_WOLFSSL */
#endif
#endif
#ifdef LWS_OPENSSL_SUPPORT
SSL *ssl;
-#if !defined(LWS_USE_POLARSSL) && !defined(LWS_USE_MBEDTLS)
BIO *client_bio;
-#endif
struct lws *pending_read_list_prev, *pending_read_list_next;
#endif
#ifdef LWS_WITH_HTTP_PROXY
extern int lws_ssl_get_error(struct lws *wsi, int n);
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#ifdef USE_WOLFSSL
#else
return !n;
}
#endif
-#endif
-#endif
int
lws_ssl_client_bio_create(struct lws *wsi)
{
-#if defined(LWS_USE_POLARSSL)
- return 0;
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
char hostname[128], *p;
if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
wsi);
return 0;
-#endif
-#endif
}
int
int n = 0;
lws_latency_pre(context, wsi);
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
n = SSL_connect(wsi->ssl);
-#endif
-#endif
lws_latency(context, wsi,
"SSL_connect LWSCM_WSCL_ISSUE_HANDSHAKE", n, n > 0);
* retry if new data comes until we
* run into the connection timeout or win
*/
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
unsigned long error = ERR_get_error();
if (error != SSL_ERROR_NONE) {
error, ERR_error_string(error, sb));
return -1;
}
-#endif
-#endif
}
return 1;
lws_ssl_client_connect2(struct lws *wsi)
{
struct lws_context *context = wsi->context;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
char *p = (char *)&pt->serv_buf[0];
char *sb = p;
-#endif
-#endif
int n = 0;
if (wsi->mode == LWSCM_WSCL_WAITING_SSL) {
lws_latency_pre(context, wsi);
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
n = SSL_connect(wsi->ssl);
-#endif
-#endif
lwsl_notice("%s: SSL_connect says %d\n", __func__, n);
lws_latency(context, wsi,
* retry if new data comes until we
* run into the connection timeout or win
*/
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
unsigned long error = ERR_get_error();
if (error != SSL_ERROR_NONE) {
lwsl_err("SSL connect error %lu: %s\n",
error, ERR_error_string(error, sb));
return -1;
}
-#endif
-#endif
}
}
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#ifndef USE_WOLFSSL
/*
* See comment above about wolfSSL certificate
}
#endif /* USE_WOLFSSL */
-#endif
-#endif
return 1;
}
int lws_context_init_client_ssl(struct lws_context_creation_info *info,
struct lws_vhost *vhost)
{
-#if defined(LWS_USE_POLARSSL)
- return 0;
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
SSL_METHOD *method;
struct lws wsi;
unsigned long error;
vhost->ssl_client_ctx, NULL, 0);
return 0;
-#endif
-#endif
}
#include "private-libwebsockets.h"
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
-
extern int openssl_websocket_private_data_index,
openssl_SSL_CTX_private_data_index;
}
#endif
-#endif
-#endif
-
LWS_VISIBLE int
lws_context_init_server_ssl(struct lws_context_creation_info *info,
struct lws_vhost *vhost)
(void)n;
(void)error;
-#if defined(LWS_USE_POLARSSL)
- lwsl_notice(" Compiled with PolarSSL support\n");
-
- vhost->ssl_ctx = lws_zalloc(sizeof (*vhost->ssl_ctx));
-
- /* Load the trusted CA */
-
- if (info->ssl_ca_filepath) {
- n = x509_crt_parse_file(&vhost->ssl_ctx->ca,
- info->ssl_ca_filepath);
-
- if (n < 0) {
-// error_strerror(ret, errorbuf, sizeof(errorbuf));
- lwsl_err("%s: Failed to load ca cert\n", __func__);
- return -1;
- }
- }
-
- /* Load our cert */
-
- if (info->ssl_cert_filepath) {
- n = x509_crt_parse_file(&vhost->ssl_ctx->certificate,
- info->ssl_cert_filepath);
-
- if (n < 0) {
-// error_strerror(ret, errorbuf, sizeof(errorbuf));
- lwsl_err("%s: Failed to load cert\n", __func__);
- return -1;
- }
- }
-
- /* Load cert private key */
-
- if (info->ssl_private_key_filepath) {
- pk_context pk;
- pk_init(&pk);
- n = pk_parse_keyfile(&pk, info->ssl_private_key_filepath,
- info->ssl_private_key_password);
-
- if (!n && !pk_can_do(&pk, POLARSSL_PK_RSA))
- n = POLARSSL_ERR_PK_TYPE_MISMATCH;
-
- if (!n)
- rsa_copy(&vhost->ssl_ctx->key, pk_rsa(pk));
- else
- rsa_free(&vhost->ssl_ctx->key);
- pk_free(&pk);
-
- if (n) {
- //error_strerror(ret, errorbuf, sizeof(errorbuf));
- lwsl_err("%s: error reading private key\n", __func__);
-
- return -1;
- }
- }
-#else
-#if defined(LWS_USE_MBEDTLS)
- lwsl_notice(" Compiled with mbedTLS support\n");
-#else
-
/*
* Firefox insists on SSLv23 not SSLv3
* Konq disables SSLv2 by default now, SSLv23 works
lws_context_init_http2_ssl(vhost);
}
-#endif
-#endif
-
return 0;
}
#include "private-libwebsockets.h"
-#if defined(LWS_USE_POLARSSL)
-static const int ciphers[] =
-{
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
- TLS_RSA_WITH_AES_256_CBC_SHA,
- TLS_RSA_WITH_AES_128_CBC_SHA,
- 0
-};
-
-static int urandom_bytes(void *ctx, unsigned char *dest, size_t len)
-{
- int cur;
- int fd = open("/dev/urandom", O_RDONLY);
-
- if (fd < 0)
- return -1;
-
- while (len) {
- cur = read(fd, dest, len);
- if (cur < 0)
- continue;
- len -= cur;
- }
- close(fd);
-
- return 0;
-}
-
-static void pssl_debug(void *ctx, int level, const char *str)
-{
- lwsl_err("PolarSSL [level %d]: %s", level, str);
-}
-
-#endif
int openssl_websocket_private_data_index,
openssl_SSL_CTX_private_data_index;
int lws_ssl_get_error(struct lws *wsi, int n)
{
-#if defined(LWS_USE_POLARSSL)
-#define ERR_error_string(a, b) ""
- return n;
-#else
-#if defined(LWS_USE_MBEDTLS)
- return n;
-#else
return SSL_get_error(wsi->ssl, n);
-#endif
-#endif
}
/* Copies a string describing the code returned by lws_ssl_get_error(),
void
lws_ssl_elaborate_error(void)
{
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
-
char buf[256];
u_long err;
ERR_error_string_n(err, buf, sizeof(buf));
lwsl_err("*** %s\n", buf);
}
-#endif
-#endif
}
-
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
static int
lws_context_init_ssl_pem_passwd_cb(char * buf, int size, int rwflag, void *userdata)
{
return strlen(buf);
}
-#endif
-#endif
void
lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, struct lws_context_creation_info *info)
{
if (!info->ssl_private_key_password)
return;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
/*
* password provided, set ssl callback and user data
* for checking password which will be trigered during
*/
SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)info);
SSL_CTX_set_default_passwd_cb(ssl_ctx, lws_context_init_ssl_pem_passwd_cb);
-#endif
-#endif
}
int
lwsl_notice(" Compiled with wolfSSL support\n");
#endif
#else
-#if defined(LWS_USE_POLARSSL)
- lwsl_notice(" Compiled with PolarSSL support\n");
-#else
-#if defined(LWS_USE_MBEDTLS)
- lwsl_notice(" Compiled with mbedTLS support\n");
-#else
#if defined(LWS_USE_BORINGSSL)
lwsl_notice(" Compiled with BoringSSL support\n");
#else
lwsl_notice(" Compiled with OpenSSL support\n");
#endif
#endif
-#endif
-#endif
-
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
lwsl_notice(" SSL disabled: no LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n");
return 0;
/* basic openssl init */
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
-
lwsl_notice("Doing SSL library init\n");
SSL_library_init();
openssl_SSL_CTX_private_data_index = SSL_CTX_get_ex_new_index(0,
NULL, NULL, NULL, NULL);
-#endif
-#endif
return 0;
}
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
return;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
-
if (vhost->ssl_ctx)
SSL_CTX_free(vhost->ssl_ctx);
if (!vhost->user_supplied_ssl_ctx && vhost->ssl_client_ctx)
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#endif
-
-#endif
-#endif
}
LWS_VISIBLE void
lws_decode_ssl_error(void)
{
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
char buf[256];
u_long err;
while ((err = ERR_get_error()) != 0) {
ERR_error_string_n(err, buf, sizeof(buf));
lwsl_err("*** %lu %s\n", err, buf);
}
-#endif
-#endif
}
LWS_VISIBLE void
if (!wsi->ssl)
return lws_ssl_capable_read_no_ssl(wsi, buf, len);
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
n = SSL_read(wsi->ssl, buf, len);
-#endif
-#endif
/* manpage: returning 0 means connection shut down */
if (!n) {
- lwsl_err("%s failed: %s\n",__func__,
- ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
- lws_decode_ssl_error();
+ lwsl_err("%s failed: %s\n",__func__,
+ ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
+ lws_decode_ssl_error();
return LWS_SSL_CAPABLE_ERROR;
}
goto bail;
if (!wsi->ssl)
goto bail;
-#if defined(LWS_USE_POLARSSL)
- if (ssl_get_bytes_avail(wsi->ssl) <= 0)
- goto bail;
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
if (!SSL_pending(wsi->ssl))
goto bail;
-#endif
-#endif
+
if (wsi->pending_read_list_next)
return n;
if (wsi->pending_read_list_prev)
{
if (!wsi->ssl)
return 0;
-#if defined(LWS_USE_POLARSSL)
- return ssl_get_bytes_avail(wsi->ssl) > 0;
-#else
-#if defined(LWS_USE_MBEDTLS)
- return ssl_get_bytes_avail(wsi->ssl) > 0;;
-#else
+
return SSL_pending(wsi->ssl);
-#endif
-#endif
}
LWS_VISIBLE int
if (!wsi->ssl)
return lws_ssl_capable_write_no_ssl(wsi, buf, len);
-#if defined(LWS_USE_POLARSSL)
- n = ssl_write(wsi->ssl, buf, len);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
n = SSL_write(wsi->ssl, buf, len);
-#endif
-#endif
if (n > 0)
return n;
if (!wsi->ssl)
return 0; /* not handled */
-#if defined(LWS_USE_POLARSSL)
- ssl_close_notify(wsi->ssl);
- (void)n; /* we need to close the fd? */
- ssl_free(wsi->ssl);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
n = SSL_get_fd(wsi->ssl);
SSL_shutdown(wsi->ssl);
compatible_close(n);
SSL_free(wsi->ssl);
-#endif
-#endif
wsi->ssl = NULL;
return 1; /* handled */
struct lws_context *context = wsi->context;
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
int n, m;
-#if !defined(USE_WOLFSSL) && !defined(LWS_USE_POLARSSL) && !defined(LWS_USE_MBEDTLS)
+#if !defined(USE_WOLFSSL)
BIO *bio;
#endif
char buf[256];
if (accept_fd == LWS_SOCK_INVALID)
assert(0);
-#if defined(LWS_USE_POLARSSL)
- {
- ssl_session *ssn;
- int rc;
-
- wsi->ssl = lws_zalloc(sizeof(ssl_context));
- ssn = lws_zalloc(sizeof(ssl_session));
-
- rc = ssl_init(wsi->ssl);
- if (rc) {
- lwsl_err("ssl_init failed\n");
- goto fail;
- }
-
- ssl_set_endpoint(wsi->ssl, SSL_IS_SERVER);
- ssl_set_authmode(wsi->ssl, SSL_VERIFY_OPTIONAL);
- ssl_set_rng(wsi->ssl, urandom_bytes, NULL);
- ssl_set_dbg(wsi->ssl, pssl_debug, NULL);
- ssl_set_bio(wsi->ssl, net_recv, &wsi->sock, net_send, &wsi->sock);
-
- ssl_set_ciphersuites(wsi->ssl, ciphers);
-
- ssl_set_session(wsi->ssl, ssn);
-
- ssl_set_ca_chain(wsi->ssl, &wsi->vhost->ssl_ctx->ca,
- NULL, NULL);
-
- ssl_set_own_cert_rsa(wsi->ssl,
- &wsi->vhost->ssl_ctx->certificate,
- &wsi->vhost->ssl_ctx->key);
-
-// ssl_set_dh_param(wsi->ssl, my_dhm_P, my_dhm_G);
-
- lwsl_err("%s: polarssl init done\n", __func__);
- }
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
wsi->ssl = SSL_new(wsi->vhost->ssl_ctx);
if (wsi->ssl == NULL) {
lwsl_err("SSL_new failed: %s\n",
openssl_websocket_private_data_index, wsi);
SSL_set_fd(wsi->ssl, accept_fd);
-#endif
-#endif
#ifdef USE_WOLFSSL
#ifdef USE_OLD_CYASSL
wolfSSL_set_using_nonblock(wsi->ssl, 1);
#endif
#else
-#if defined(LWS_USE_POLARSSL)
-
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
SSL_set_mode(wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
bio = SSL_get_rbio(wsi->ssl);
if (bio)
else
lwsl_notice("NULL rbio\n");
#endif
-#endif
-#endif
/*
* we are not accepted yet, but we need to enter ourselves
* connection upgrade directly.
*/
wsi->use_ssl = 0;
-#if defined(LWS_USE_POLARSSL)
- ssl_close_notify(wsi->ssl);
- ssl_free(wsi->ssl);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
SSL_shutdown(wsi->ssl);
SSL_free(wsi->ssl);
-#endif
-#endif
wsi->ssl = NULL;
if (lws_check_opt(context->options,
LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS))
}
/* normal SSL connection processing path */
-#if defined(LWS_USE_POLARSSL)
- n = ssl_handshake(wsi->ssl);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
n = SSL_accept(wsi->ssl);
-#endif
-#endif
lws_latency(context, wsi,
"SSL_accept LWSCM_SSL_ACK_PENDING\n", n, n == 1);
void
lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost)
{
- if (vhost->ssl_ctx) {
-#if defined(LWS_USE_POLARSSL)
- lws_free(vhost->ssl_ctx);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+ if (vhost->ssl_ctx)
SSL_CTX_free(vhost->ssl_ctx);
-#endif
-#endif
- }
- if (!vhost->user_supplied_ssl_ctx && vhost->ssl_client_ctx) {
-#if defined(LWS_USE_POLARSSL)
- lws_free(vhost->ssl_client_ctx);
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
+ if (!vhost->user_supplied_ssl_ctx && vhost->ssl_client_ctx)
SSL_CTX_free(vhost->ssl_client_ctx);
-#endif
-#endif
- }
}
void
lws_ssl_context_destroy(struct lws_context *context)
{
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
// after 1.1.0 no need
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#endif
-
-#endif
-#endif
}
static volatile int force_exit;
static unsigned int opts, rl_multi[3];
static int flag_no_mirror_traffic;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/*
* This demo shows how to connect multiple websockets simultaneously to a
force_exit = 1;
break;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
case LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS:
if (crl_path[0]) {
}
break;
#endif
-#endif
-#endif
default:
break;
strncpy(ca_path, optarg, sizeof(ca_path) - 1);
ca_path[sizeof(ca_path) - 1] = '\0';
break;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
case 'R':
strncpy(crl_path, optarg, sizeof(crl_path) - 1);
crl_path[sizeof(crl_path) - 1] = '\0';
break;
#endif
-#endif
-#endif
case 'h':
goto usage;
}
*/
if (ca_path[0])
info.ssl_ca_filepath = ca_path;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
else if (crl_path[0])
lwsl_notice("WARNING, providing a CRL requires a CA cert!\n");
#endif
-#endif
-#endif
}
if (use_ssl & LCCSCF_USE_SSL)
* using this protocol, including the sender
*/
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
/* location of the certificate revocation list */
extern char crl_path[1024];
#endif
-#endif
-#endif
extern int debug_level;
break;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT)
case LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION:
/* Verify the client certificate */
break;
#endif
#endif
-#endif
-#endif
default:
break;
#define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server"
char *resource_path = LOCAL_RESOURCE_PATH;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/*
* libev dumps their hygiene problems on their users blaming compiler
#define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server"
char *resource_path = LOCAL_RESOURCE_PATH;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/* singlethreaded version --> no locks */
volatile int force_exit = 0;
struct lws_context *context;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/*
* This mutex lock protects code that changes or relies on wsi list outside of
/* http server gets files from this path */
#define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server"
char *resource_path = LOCAL_RESOURCE_PATH;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/*
* This test server is ONLY this .c file, it's radically simpler than the
use_ssl = 1;
opts |= LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT;
break;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_HAVE_SSL_CTX_set1_param)
case 'R':
strncpy(crl_path, optarg, sizeof(crl_path) - 1);
break;
#endif
#endif
-#endif
-#endif
case 'h':
fprintf(stderr, "Usage: test-server "
"[--port=<p>] [--ssl] "
/* http server gets files from this path */
#define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server"
char *resource_path = LOCAL_RESOURCE_PATH;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param)
char crl_path[1024] = "";
#endif
-#endif
-#endif
/* singlethreaded version --> no locks */
use_ssl = 1;
opts |= LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT;
break;
-#if defined(LWS_USE_POLARSSL)
-#else
-#if defined(LWS_USE_MBEDTLS)
-#else
+
#if defined(LWS_HAVE_SSL_CTX_set1_param)
case 'R':
strncpy(crl_path, optarg, sizeof(crl_path) - 1);
break;
#endif
#endif
-#endif
-#endif
case 'h':
fprintf(stderr, "Usage: test-server "
"[--port=<p>] [--ssl] "