}
struct rspamd_http_connection *
-rspamd_http_connection_new_keepalive (struct rspamd_http_context *ctx,
- rspamd_http_body_handler_t body_handler,
- rspamd_http_error_handler_t error_handler,
- rspamd_http_finish_handler_t finish_handler,
- rspamd_inet_addr_t *addr,
- const gchar *host)
+rspamd_http_connection_new_client_keepalive (struct rspamd_http_context *ctx,
+ rspamd_http_body_handler_t body_handler,
+ rspamd_http_error_handler_t error_handler,
+ rspamd_http_finish_handler_t finish_handler,
+ unsigned opts,
+ rspamd_inet_addr_t *addr,
+ const gchar *host)
{
struct rspamd_http_connection *conn;
ctx = rspamd_http_context_default ();
}
- conn = rspamd_http_context_check_keepalive(ctx, addr, host, false);
+ conn = rspamd_http_context_check_keepalive(ctx, addr, host,
+ opts & RSPAMD_HTTP_CLIENT_SSL);
if (conn) {
return conn;
conn = rspamd_http_connection_new_client (ctx,
body_handler, error_handler, finish_handler,
- RSPAMD_HTTP_CLIENT_SIMPLE|RSPAMD_HTTP_CLIENT_KEEP_ALIVE,
+ opts|RSPAMD_HTTP_CLIENT_SIMPLE|RSPAMD_HTTP_CLIENT_KEEP_ALIVE,
addr);
if (conn) {
- rspamd_http_context_prepare_keepalive(ctx, conn, addr, host, );
+ rspamd_http_context_prepare_keepalive(ctx, conn, addr, host,
+ opts & RSPAMD_HTTP_CLIENT_SSL);
}
return conn;
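Review bot: `opts & RSPAMD_HTTP_CLIENT_SSL` is passed where the old call passed `false`, so the argument is the raw mask value (`1u << 6`) rather than 0/1, in both the `rspamd_http_context_check_keepalive` and the `rspamd_http_context_prepare_keepalive` call. If the parameter is a C `bool` the conversion is harmless, but if it is an integer type that gets stored or compared in the keepalive key, a pooled TLS connection could fail to match; the callee is not visible here, so this is worth confirming. Writing `(opts & RSPAMD_HTTP_CLIENT_SSL) != 0` at both sites makes the intent explicit and removes the dependency on the parameter type. The function body starts outside this hunk.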
"Connection: %s\r\n"
"Content-Length: %z\r\n",
http_method_str(msg->method),
- (msg->flags & RSPAMD_HTTP_FLAG_SSL) ? "https" : "http",
+ (conn->opts & RSPAMD_HTTP_CLIENT_SSL) ? "https" : "http",
host,
msg->port,
msg->url,
"Host: %s\r\n"
"Content-Length: %z\r\n",
http_method_str(msg->method),
- (msg->flags & RSPAMD_HTTP_FLAG_SSL) ? "https" : "http",
+ (conn->opts & RSPAMD_HTTP_CLIENT_SSL) ? "https" : "http",
host,
msg->port,
msg->url,
priv->buf->data = rspamd_fstring_sized_new (512);
buf = priv->buf->data;
+ if ((msg->flags & RSPAMD_HTTP_FLAG_WANT_SSL) && !(conn->opts & RSPAMD_HTTP_CLIENT_SSL)) {
+ err = g_error_new (HTTP_ERROR, 400,
+ "SSL connection requested but not created properly, internal error");
+ rspamd_http_connection_ref (conn);
+ conn->error_handler (conn, err);
+ rspamd_http_connection_unref (conn);
+ g_error_free (err);
+ return FALSE;
+ }
+
if (priv->peer_key && priv->local_key) {
priv->msg->peer_key = priv->peer_key;
priv->peer_key = NULL;
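Review bot: The new plaintext-downgrade guard only fires for messages that carry `RSPAMD_HTTP_FLAG_WANT_SSL`, and none of the hunks visible on this page sets that flag; the map request hunk in this same commit removes `msg->flags |= RSPAMD_HTTP_FLAG_SSL` for `MAP_PROTO_HTTPS` without adding a replacement. If the flag is set elsewhere that is fine, but for hand-built requests such as the map one the check stays silent, so consider `msg->flags |= RSPAMD_HTTP_FLAG_WANT_SSL;` wherever the caller knows the target is https. The error is also reported with code 400 although its text calls it an internal error, and the early `return FALSE` comes after `priv->buf->data` was allocated, so confirm the buffer and `msg` are still released on this path. `err` and the rest of the function are declared outside the hunk.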
priv->flags &= ~RSPAMD_HTTP_CONN_FLAG_RESETED;
- if (priv->flags & RSPAMD_HTTP_CONN_FLAG_PROXY) {
+ if ((priv->flags & RSPAMD_HTTP_CONN_FLAG_PROXY) && (conn->opts & RSPAMD_HTTP_CLIENT_SSL)) {
/* We need to disable SSL flag! */
- msg->flags &=~ RSPAMD_HTTP_FLAG_SSL;
+ err = g_error_new (HTTP_ERROR, 400, "cannot use proxy for SSL connections");
+ rspamd_http_connection_ref (conn);
+ conn->error_handler (conn, err);
+ rspamd_http_connection_unref (conn);
+ g_error_free (err);
+ return FALSE;
}
rspamd_ev_watcher_stop (priv->ctx->event_loop, &priv->ev);
- if (msg->flags & RSPAMD_HTTP_FLAG_SSL) {
+ if (conn->opts & RSPAMD_HTTP_CLIENT_SSL) {
gpointer ssl_ctx = (msg->flags & RSPAMD_HTTP_FLAG_SSL_NOVERIFY) ?
priv->ctx->ssl_ctx_noverify : priv->ctx->ssl_ctx;
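Review bot: TLS is now a property of the connection (`conn->opts & RSPAMD_HTTP_CLIENT_SSL`), but the choice between `ssl_ctx` and `ssl_ctx_noverify` in the last two lines of this hunk is still taken from the per-message `RSPAMD_HTTP_FLAG_SSL_NOVERIFY`. With keepalive reuse keyed on address, host and the SSL bit (as far as the other hunks show), a connection first set up without certificate verification may later carry a message whose sender expected verification; consider making no-verify a connection option or part of the keepalive key. Separately, the retained comment `/* We need to disable SSL flag! */` no longer describes the branch, which now rejects the request; something like `/* TLS through a proxy is not supported: fail instead of clearing the SSL flag */` would match. The function continues outside this hunk.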
* Store body of the message in an immutable shared memory segment
*/
#define RSPAMD_HTTP_FLAG_SHMEM_IMMUTABLE (1 << 3)
-/**
- * Use tls for this message (how the fuck SSL flag could be used PER MESSAGE???)
- */
-#define RSPAMD_HTTP_FLAG_SSL (1 << 4)
/**
* Body has been set for a message
*/
* Body has been set for a message
*/
#define RSPAMD_HTTP_FLAG_HAS_HOST_HEADER (1 << 7)
+/**
+ * Message is intended for SSL connection
+ */
+#define RSPAMD_HTTP_FLAG_WANT_SSL (1 << 8)
/**
* Options for HTTP connection
*/
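Review bot: The comment on `RSPAMD_HTTP_FLAG_WANT_SSL` does not say that the flag is only an expectation and does not turn TLS on by itself. Per the write path changed in this commit, a message carrying this flag is rejected when the connection lacks `RSPAMD_HTTP_CLIENT_SSL`, so a wording such as `Message must only be sent over a TLS connection; writing it to a connection without RSPAMD_HTTP_CLIENT_SSL fails` would tell callers what to expect.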
RSPAMD_HTTP_CLIENT_SHARED = 1u << 3, /**< Store reply in shared memory */
RSPAMD_HTTP_REQUIRE_ENCRYPTION = 1u << 4,
RSPAMD_HTTP_CLIENT_KEEP_ALIVE = 1u << 5,
+ RSPAMD_HTTP_CLIENT_SSL = 1u << 6u,
};
typedef int (*rspamd_http_body_handler_t) (struct rspamd_http_connection *conn,
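Review bot: `RSPAMD_HTTP_CLIENT_SSL` is added without a doc comment and with a `6u` shift count, unlike its neighbours (`1u << 5`). Suggest `RSPAMD_HTTP_CLIENT_SSL = 1u << 6, /**< Use TLS for this connection */` so the enum stays uniform and the option that now decides transport security is documented. The enum starts outside this hunk.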
* @param host
* @return
*/
-struct rspamd_http_connection *rspamd_http_connection_new_keepalive (
+struct rspamd_http_connection *rspamd_http_connection_new_client_keepalive (
struct rspamd_http_context *ctx,
rspamd_http_body_handler_t body_handler,
rspamd_http_error_handler_t error_handler,
rspamd_http_finish_handler_t finish_handler,
+ unsigned opts,
rspamd_inet_addr_t *addr,
const gchar *host);
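Review bot: The new `opts` parameter is not documented in the comment above the prototype, whose visible tail still ends with a bare `@param host` and an empty `@return`. Add `@param opts extra RSPAMD_HTTP_CLIENT_* options such as RSPAMD_HTTP_CLIENT_SSL; RSPAMD_HTTP_CLIENT_SIMPLE and RSPAMD_HTTP_CLIENT_KEEP_ALIVE are always added`. The `@return` line should say that the result may be a reused keepalive connection or NULL when creation fails, as the definition in this commit shows. The doc comment starts outside this hunk.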
struct rspamd_http_message *msg;
msg = rspamd_http_new_message (HTTP_REQUEST);
-
- if (cbd->bk->protocol == MAP_PROTO_HTTPS) {
- msg->flags |= RSPAMD_HTTP_FLAG_SSL;
- }
-
if (cbd->check) {
msg->method = HTTP_HEAD;
}
retry:
msg_debug_map ("try open http connection to %s",
rspamd_inet_address_to_string_pretty (cbd->addr));
+ if (cbd->bk->protocol == MAP_PROTO_HTTPS) {
+ flags |= RSPAMD_HTTP_CLIENT_SSL;
+ }
cbd->conn = rspamd_http_connection_new_client (NULL,
NULL,
http_map_error,
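Review bot: The `MAP_PROTO_HTTPS` to `RSPAMD_HTTP_CLIENT_SSL` mapping is written out twice, here after `retry:` and again in the next hunk before the other `rspamd_http_connection_new_client` call. Because this mapping is now the only thing that decides whether a map is fetched over TLS, a small static helper returning the option bits for a backend would keep the two sites from drifting apart. `flags` is declared outside both hunks, so confirm it is initialised before the `|=`.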
strlen (data->host), RSPAMD_INET_ADDRESS_PARSE_DEFAULT)) {
rspamd_inet_address_set_port (addr, cbd->data->port);
g_ptr_array_add (cbd->addrs, (void *)addr);
+
+ if (bk->protocol == MAP_PROTO_HTTPS) {
+ flags |= RSPAMD_HTTP_CLIENT_SSL;
+ }
+
cbd->conn = rspamd_http_connection_new_client (
NULL,
NULL,