      1 /*
      2      This file is part of libmicrohttpd
      3      Copyright (C) 2007, 2008 Christian Grothoff (and other contributing authors)
      4 
      5      This library is free software; you can redistribute it and/or
      6      modify it under the terms of the GNU Lesser General Public
      7      License as published by the Free Software Foundation; either
      8      version 2.1 of the License, or (at your option) any later version.
      9 
     10      This library is distributed in the hope that it will be useful,
     11      but WITHOUT ANY WARRANTY; without even the implied warranty of
     12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     13      Lesser General Public License for more details.
     14 
     15      You should have received a copy of the GNU Lesser General Public
     16      License along with this library; if not, write to the Free Software
     17      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
     18 */
     19 /**
     20  * @file https_fileserver_example.c
     21  * @brief a simple HTTPS file server using TLS.
     22  *
      23  * Usage :
      24  *
      25  *  'http_fileserver_example HTTP-PORT'
      26  *
      27  * The server requires a certificate & key to operate. This example takes no
      28  * path arguments and always uses the hard coded example certificate & key.
      29  *
      30  * 'certtool' may be used to generate these if required.
     31  *
     32  * @author Sagie Amir
     33  */
     34 
     35 #include "platform.h"
     36 #include <microhttpd.h>
     37 #include <sys/stat.h>
     38 #include <gnutls/gnutls.h>
     39 #include <gcrypt.h>
     40 
/* Size constants. Neither is referenced by the code visible in this listing. */
#define BUF_SIZE 1024
#define MAX_URL_LEN 255

// TODO remove if unused
/* CA and CRL file names. Neither is referenced by the code visible in this
   listing, so the server performs no client-certificate or revocation
   handling with them here. */
#define CAFILE "ca.pem"
#define CRLFILE "crl.pem"

/* Static HTML body queued with the MHD_HTTP_NOT_FOUND response when the
   requested file cannot be opened as a regular file. */
#define EMPTY_PAGE "<html><head><title>File not found</title></head><body>File not found</body></html>"
     49 
/* Test Certificate */
/* PEM-encoded X.509 certificate handed to the daemon through
   MHD_OPTION_HTTPS_MEM_CERT in main().  It is test material compiled into
   the example; clients have no reason to trust it. */
const char cert_pem[] =
  "-----BEGIN CERTIFICATE-----\n"
  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";

/* PEM-encoded RSA private key handed to the daemon through
   MHD_OPTION_HTTPS_MEM_KEY in main().  Because the key is published in this
   source file it is known to everyone: a server using it gives clients no
   assurance of server identity and no confidentiality against anyone who
   holds a copy of this file.  Use it for local testing only; a real
   deployment needs its own key, loaded from storage with restricted
   permissions rather than compiled into the binary. */
const char key_pem[] =
  "-----BEGIN RSA PRIVATE KEY-----\n"
  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
  "-----END RSA PRIVATE KEY-----\n";
     97 
/**
 * Content reader callback: copy a slice of the served file into the
 * buffer supplied by the library.
 *
 * @param cls the FILE* to read from (closure passed when the response
 *            was created)
 * @param pos byte offset in the file at which to start reading
 * @param buf destination for the data
 * @param max maximum number of bytes to store in @a buf
 * @return the number of bytes fread() stored in @a buf
 *
 * NOTE(review): the fseek() result is discarded, so after a failed seek the
 * read continues from whatever position the stream currently has, and
 * @a pos is converted from uint64_t to the long that fseek() takes.  A short
 * or zero fread() result is returned as-is, without telling end of file from
 * a read error via ferror().  Confirm against the callback contract of the
 * library version in use whether dedicated end-of-stream / error return
 * codes should be used here instead.
 */
static ssize_t
file_reader (void *cls, uint64_t pos, char *buf, size_t max)
{
  FILE *stream = cls;
  size_t got;

  /* position first, then read at most 'max' single bytes */
  (void) fseek (stream, pos, SEEK_SET);
  got = fread (buf, 1, max, stream);
  return got;
}
    106 
/**
 * Cleanup callback registered together with the content reader: closes
 * the file that was handed over as closure.
 *
 * @param cls the FILE* to close
 */
static void
file_free_callback (void *cls)
{
  fclose ((FILE *) cls);
}
    113 
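/**
 * Decide whether a request path may be used as a file name below the
 * server's working directory.
 *
 * The path comes from the client, so it is rejected when it is empty,
 * when it is absolute (a request for "//x" would otherwise reach fopen()
 * as "/x"), or when any '/'-separated component is "..", which would
 * let the name resolve outside the working directory.
 *
 * This is a minimal lexical check for the example.  It does not follow
 * symbolic links and only knows '/' as separator; a production server
 * should additionally confine lookups to a dedicated document root.
 *
 * @param path the request URL without its leading '/'
 * @return 1 if the path is acceptable, 0 if it must not be opened
 */
static int
url_path_is_safe (const char *path)
{
  const char *seg = path;

  if ( ('\0' == path[0]) || ('/' == path[0]) )
    return 0;
  while ('\0' != *seg)
    {
      const char *end = strchr (seg, '/');
      size_t len = (NULL != end) ? (size_t) (end - seg) : strlen (seg);

      if ( (2 == len) && (0 == strncmp (seg, "..", 2)) )
        return 0;
      if (NULL == end)
        break;
      seg = end + 1;
    }
  return 1;
}

/**
 * HTTP access handler callback: serves the regular file named by the
 * request URL (relative to the working directory) or a 404 page.
 *
 * @param cls unused
 * @param connection connection on which the response is queued
 * @param url request URL; the part after the leading '/' is the file name
 * @param method request method; anything but GET is refused
 * @param version unused
 * @param upload_data unused
 * @param upload_data_size unused
 * @param ptr per-request state; used only to recognise the first call
 * @return MHD_NO to refuse the request or on failure to build a response,
 *         MHD_YES on the first call, otherwise the result of
 *         MHD_queue_response()
 */
static int
http_ahc (void *cls,
          struct MHD_Connection *connection,
          const char *url,
          const char *method,
          const char *version,
          const char *upload_data,
          size_t *upload_data_size, void **ptr)
{
  static int aptr;
  struct MHD_Response *response;
  int ret;
  FILE *file = NULL;
  struct stat buf;

  (void) cls;
  (void) version;
  (void) upload_data;
  (void) upload_data_size;

  if (0 != strcmp (method, MHD_HTTP_METHOD_GET))
    return MHD_NO;              /* unexpected method */
  if (&aptr != *ptr)
    {
      /* do never respond on first call */
      *ptr = &aptr;
      return MHD_YES;
    }
  *ptr = NULL;                  /* reset when done */

  /* The URL is attacker-controlled: never hand it to file functions
     before checking that it stays inside the served directory.  The
     url[0] test also keeps &url[1] inside the string for an empty URL. */
  if ( ('/' == url[0]) &&
       (url_path_is_safe (&url[1])) &&
       (0 == stat (&url[1], &buf)) &&
       (S_ISREG (buf.st_mode)) )
    file = fopen (&url[1], "rb");
  if (NULL != file)
    {
      /* Re-check on the open descriptor: the name may have been replaced
         between stat() and fopen(), and the size announced below must
         belong to the file that is actually read. */
      int fd = fileno (file);

      if ( (-1 == fd) ||
           (0 != fstat (fd, &buf)) ||
           (! S_ISREG (buf.st_mode)) )
        {
          fclose (file);
          file = NULL;
        }
    }
  if (file == NULL)
    {
      response = MHD_create_response_from_buffer (strlen (EMPTY_PAGE),
                                                  (void *) EMPTY_PAGE,
                                                  MHD_RESPMEM_PERSISTENT);
      if (response == NULL)
        return MHD_NO;
      ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response);
      MHD_destroy_response (response);
    }
  else
    {
      response = MHD_create_response_from_callback (buf.st_size, 32 * 1024,     /* 32k block size */
                                                    &file_reader, file,
                                                    &file_free_callback);
      if (response == NULL)
        {
          /* the free callback was never registered, so close here */
          fclose (file);
          return MHD_NO;
        }
      ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
      MHD_destroy_response (response);
    }
  return ret;
}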
    168 
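/**
 * Entry point: start the HTTPS daemon on the port given as the only
 * argument and run until a character is read from stdin.
 *
 * The daemon is started with the compiled-in key_pem / cert_pem test pair.
 * That private key is part of the source file, so this setup is for
 * testing only.
 *
 * @param argc number of command line arguments; must be 2
 * @param argv argv[1] is the TCP port, a decimal number in 1..65535
 * @return 0 after a clean shutdown, 1 on usage error, invalid port or
 *         failure to start the daemon
 */
int
main (int argc, char *const *argv)
{
  struct MHD_Daemon *TLS_daemon;
  char *end;
  long port;

  if (argc != 2)
    {
      printf ("Usage: %s HTTP-PORT\n", argv[0]);
      return 1;
    }

  /* Parse strictly instead of atoi(): reject non-numeric text, trailing
     garbage and values that do not fit a TCP port.  An out-of-range
     strtol() result (LONG_MIN / LONG_MAX) fails the range test as well. */
  port = strtol (argv[1], &end, 10);
  if ( (end == argv[1]) || ('\0' != *end) || (port < 1) || (port > 65535) )
    {
      fprintf (stderr, "Error: invalid port '%s'\n", argv[1]);
      return 1;
    }

  /* TODO check if this is truly necessary -  disallow usage of the blocking /dev/random */
  /* gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); */
  TLS_daemon =
    MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG |
                      MHD_USE_SSL, (unsigned short) port, NULL, NULL,
                      &http_ahc, NULL,
                      MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 256,
                      MHD_OPTION_HTTPS_MEM_KEY, key_pem,
                      MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
                      MHD_OPTION_END);
  if (TLS_daemon == NULL)
    {
      fprintf (stderr, "Error: failed to start TLS_daemon\n");
      return 1;
    }
  printf ("MHD daemon listening on port %d\n", (int) port);

  /* block until any input (or EOF) arrives on stdin, then shut down */
  (void) getc (stdin);

  MHD_stop_daemon (TLS_daemon);

  return 0;
}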
    208