| /* Feel free to use this example code in any way |
| you see fit (Public Domain) */ |
| |
| #include <sys/types.h> |
| #ifndef _WIN32 |
| #include <sys/select.h> |
| #include <sys/socket.h> |
| #else |
| #include <winsock2.h> |
| #endif |
| #include <microhttpd.h> |
| #include <string.h> |
| #include <stdio.h> |
| #include <stdlib.h> |
| |
| #define PORT 8888 |
| |
| #define REALM "\"Maintenance\"" |
| #define USER "a legitimate user" |
| #define PASSWORD "and his password" |
| |
| #define SERVERKEYFILE "server.key" |
| #define SERVERCERTFILE "server.pem" |
| |
| |
| static char * |
| string_to_base64 (const char *message) |
| { |
| const char *lookup = |
| "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; |
| unsigned long l; |
| int i; |
| char *tmp; |
| size_t length = strlen (message); |
| |
| tmp = malloc (length * 2); |
| if (NULL == tmp) |
| return tmp; |
| |
| tmp[0] = 0; |
| |
| for (i = 0; i < length; i += 3) |
| { |
| l = (((unsigned long) message[i]) << 16) |
| | (((i + 1) < length) ? (((unsigned long) message[i + 1]) << 8) : 0) |
| | (((i + 2) < length) ? ((unsigned long) message[i + 2]) : 0); |
| |
| |
| strncat (tmp, &lookup[(l >> 18) & 0x3F], 1); |
| strncat (tmp, &lookup[(l >> 12) & 0x3F], 1); |
| |
| if (i + 1 < length) |
| strncat (tmp, &lookup[(l >> 6) & 0x3F], 1); |
| if (i + 2 < length) |
| strncat (tmp, &lookup[l & 0x3F], 1); |
| } |
| |
| if (length % 3) |
| strncat (tmp, "===", 3 - length % 3); |
| |
| return tmp; |
| } |
| |
| |
| static long |
| get_file_size (const char *filename) |
| { |
| FILE *fp; |
| |
| fp = fopen (filename, "rb"); |
| if (fp) |
| { |
| long size; |
| |
| if ((0 != fseek (fp, 0, SEEK_END)) || (-1 == (size = ftell (fp)))) |
| size = 0; |
| |
| fclose (fp); |
| |
| return size; |
| } |
| else |
| return 0; |
| } |
| |
| static char * |
| load_file (const char *filename) |
| { |
| FILE *fp; |
| char *buffer; |
| long size; |
| |
| size = get_file_size (filename); |
| if (size == 0) |
| return NULL; |
| |
| fp = fopen (filename, "rb"); |
| if (!fp) |
| return NULL; |
| |
| buffer = malloc (size); |
| if (!buffer) |
| { |
| fclose (fp); |
| return NULL; |
| } |
| |
| if (size != fread (buffer, 1, size, fp)) |
| { |
| free (buffer); |
| buffer = NULL; |
| } |
| |
| fclose (fp); |
| return buffer; |
| } |
| |
| static int |
| ask_for_authentication (struct MHD_Connection *connection, const char *realm) |
| { |
| int ret; |
| struct MHD_Response *response; |
| char *headervalue; |
| const char *strbase = "Basic realm="; |
| |
| response = MHD_create_response_from_buffer (0, NULL, |
| MHD_RESPMEM_PERSISTENT); |
| if (!response) |
| return MHD_NO; |
| |
| headervalue = malloc (strlen (strbase) + strlen (realm) + 1); |
| if (!headervalue) |
| return MHD_NO; |
| |
| strcpy (headervalue, strbase); |
| strcat (headervalue, realm); |
| |
| ret = MHD_add_response_header (response, "WWW-Authenticate", headervalue); |
| free (headervalue); |
| if (!ret) |
| { |
| MHD_destroy_response (response); |
| return MHD_NO; |
| } |
| |
| ret = MHD_queue_response (connection, MHD_HTTP_UNAUTHORIZED, response); |
| |
| MHD_destroy_response (response); |
| |
| return ret; |
| } |
| |
| static int |
| is_authenticated (struct MHD_Connection *connection, |
| const char *username, const char *password) |
| { |
| const char *headervalue; |
| char *expected_b64, *expected; |
| const char *strbase = "Basic "; |
| int authenticated; |
| |
| headervalue = |
| MHD_lookup_connection_value (connection, MHD_HEADER_KIND, |
| "Authorization"); |
| if (NULL == headervalue) |
| return 0; |
| if (0 != strncmp (headervalue, strbase, strlen (strbase))) |
| return 0; |
| |
| expected = malloc (strlen (username) + 1 + strlen (password) + 1); |
| if (NULL == expected) |
| return 0; |
| |
| strcpy (expected, username); |
| strcat (expected, ":"); |
| strcat (expected, password); |
| |
| expected_b64 = string_to_base64 (expected); |
| free (expected); |
| if (NULL == expected_b64) |
| return 0; |
| |
| authenticated = |
| (strcmp (headervalue + strlen (strbase), expected_b64) == 0); |
| |
| free (expected_b64); |
| |
| return authenticated; |
| } |
| |
| |
| static int |
| secret_page (struct MHD_Connection *connection) |
| { |
| int ret; |
| struct MHD_Response *response; |
| const char *page = "<html><body>A secret.</body></html>"; |
| |
| response = |
| MHD_create_response_from_buffer (strlen (page), (void *) page, |
| MHD_RESPMEM_PERSISTENT); |
| if (!response) |
| return MHD_NO; |
| |
| ret = MHD_queue_response (connection, MHD_HTTP_OK, response); |
| MHD_destroy_response (response); |
| |
| return ret; |
| } |
| |
| |
| static int |
| answer_to_connection (void *cls, struct MHD_Connection *connection, |
| const char *url, const char *method, |
| const char *version, const char *upload_data, |
| size_t *upload_data_size, void **con_cls) |
| { |
| if (0 != strcmp (method, "GET")) |
| return MHD_NO; |
| if (NULL == *con_cls) |
| { |
| *con_cls = connection; |
| return MHD_YES; |
| } |
| |
| if (!is_authenticated (connection, USER, PASSWORD)) |
| return ask_for_authentication (connection, REALM); |
| |
| return secret_page (connection); |
| } |
| |
| |
| int |
| main () |
| { |
| struct MHD_Daemon *daemon; |
| char *key_pem; |
| char *cert_pem; |
| |
| key_pem = load_file (SERVERKEYFILE); |
| cert_pem = load_file (SERVERCERTFILE); |
| |
| if ((key_pem == NULL) || (cert_pem == NULL)) |
| { |
| printf ("The key/certificate files could not be read.\n"); |
| return 1; |
| } |
| |
| daemon = |
| MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_SSL, PORT, NULL, |
| NULL, &answer_to_connection, NULL, |
| MHD_OPTION_HTTPS_MEM_KEY, key_pem, |
| MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END); |
| if (NULL == daemon) |
| { |
| printf ("%s\n", cert_pem); |
| |
| free (key_pem); |
| free (cert_pem); |
| |
| return 1; |
| } |
| |
| (void) getchar (); |
| |
| MHD_stop_daemon (daemon); |
| free (key_pem); |
| free (cert_pem); |
| |
| return 0; |
| } |
