Commit 05f4aff5 authored by Alyssa Rosenzweig's avatar Alyssa Rosenzweig

Opt-in HTTPS

parent b38e4e86
openssl genrsa 1024 > key.pem
openssl req -x509 -new -key key.pem > cert.pem
......@@ -1289,7 +1289,9 @@ int main(int argc, char *argv[])
blist_id_to_conversation = g_hash_table_new(g_str_hash, g_str_equal);
sapphire_connect_signals();
sapphire_init_websocket();
gboolean secure = (argc >= 2) && (purple_strequal(argv[1], "--secure"));
sapphire_init_websocket(secure);
g_main_context_iteration(g_main_loop_get_context(loop), FALSE);
......
......@@ -258,12 +258,23 @@ soup_ws_callback(SoupServer *server,
}
void
sapphire_init_websocket(void)
sapphire_init_websocket(gboolean secure)
{
GError *error = NULL;
SoupServer *soup = soup_server_new(NULL, NULL);
if (secure) {
gchar *key_file = "key.pem";
gchar *cert_file = "cert.pem";
if (!soup_server_set_ssl_cert_file(soup, cert_file, key_file, &error)) {
printf("Error setting SSL certificate\n");
printf("Msg: %s\n", error->message);
exit(1);
}
}
/* Generic static callbacks */
soup_server_add_handler(soup, "/icon/", soup_icon_callback, NULL, NULL);
/* Initialize icon database */
......@@ -273,7 +284,7 @@ sapphire_init_websocket(void)
char *protocols[] = { "binary", NULL };
soup_server_add_websocket_handler(soup, "/ws", NULL, protocols, soup_ws_callback, NULL, NULL);
if (!soup_server_listen_all(soup, WS_PORT, 0, &error)) {
if (!soup_server_listen_all(soup, WS_PORT, secure ? SOUP_SERVER_LISTEN_HTTPS : 0, &error)) {
printf("Error listening in soup\n");
printf("Msg: %s\n", error->message);
}
......
......@@ -39,7 +39,7 @@ typedef struct Connection {
GHashTable *subscribed_ids;
} Connection;
void sapphire_init_websocket(void);
void sapphire_init_websocket(gboolean secure);
void sapphire_send_raw_packet(Connection *conn, const char *packet);
void sapphire_broadcast_raw_packet(const char *packet);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment