From 4a486de7c9db11591840c451ebb84c3ac1b2e8b9 Mon Sep 17 00:00:00 2001 From: Matthias Kortstiege Date: Wed, 10 Dec 2008 14:51:56 +0100 Subject: updated ssl patch --- setup.cpp | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'setup.cpp') diff --git a/setup.cpp b/setup.cpp index 2be03cd..2bdf7bd 100644 --- a/setup.cpp +++ b/setup.cpp @@ -26,6 +26,7 @@ Setup::Setup(): #if TNTSSLSUPPORT m_serverSslPort( 8443 ), m_serverSslCert(), + m_serverSslKey(), #endif m_lastChannel( 0 ), m_screenshotInterval( 1000 ), @@ -57,6 +58,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] ) #if TNTSSLSUPPORT { "sslport", required_argument, NULL, 's' }, { "cert", required_argument, NULL, 'c' }, + { "key", required_argument, NULL, 'k' }, #endif { 0 } }; @@ -71,6 +73,7 @@ bool Setup::ParseCommandLine( int argc, char* argv[] ) #if TNTSSLSUPPORT case 's': m_serverSslPort = atoi( optarg ); break; case 'c': m_serverSslCert = optarg; break; + case 'k': m_serverSslKey = optarg; break; #endif default: return false; } @@ -96,6 +99,7 @@ char const* Setup::CommandLineHelp() const << " -s PORT, --sslport=PORT use PORT to listen for incoming ssl connections\n" " (default: " << m_serverSslPort << ")\n" << " -c CERT, --cert=CERT full path to a custom ssl certificate file\n" + << " -k KEY, --key=KEY full path to a custom ssl certificate key file\n" #endif << " -l level, --log=level log level for tntnet (values: INFO, DEBUG,...)\n" << " -e , --epgimages= directory for epgimages\n"; @@ -153,16 +157,20 @@ bool Setup::CheckServerSslPort() bool Setup::CheckServerIps() { + struct in6_addr buf; + if ( m_serverIps.empty() ) { - m_serverIps.push_back( "0.0.0.0" ); + m_serverIps.push_back( "::" ); return true; } for ( IpList::const_iterator ip = m_serverIps.begin(); ip != m_serverIps.end(); ++ip ) { if ( inet_addr( ip->c_str() ) == static_cast< in_addr_t >( -1 ) ) { - esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() ); - cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl; - return false; + if ( ! inet_pton( AF_INET6, ip->c_str(), &buf ) ) { + esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() ); + cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl; + return false; + } } } return true; -- cgit v1.2.3 From e3343f602dfe288afa1f027563d307d049d95c1e Mon Sep 17 00:00:00 2001 From: Dieter Hametner Date: Wed, 18 Feb 2009 00:19:32 +0100 Subject: Fixed the need to add an --ip parameter on the live command line if the host had no IPv6 support in the kernel (or module). Don't abort operation if one of the given ips fails at bind call. Abort only if every bind call fails. --- setup.cpp | 39 +++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) (limited to 'setup.cpp') diff --git a/setup.cpp b/setup.cpp index 2bdf7bd..5b6a9f3 100644 --- a/setup.cpp +++ b/setup.cpp @@ -155,25 +155,40 @@ bool Setup::CheckServerSslPort() } #endif +namespace { + struct IpValidator + { + bool operator() (string const & ip) + { + struct in6_addr buf; + struct in_addr buf4; + + bool valid = inet_aton(ip.c_str(), &buf4) || inet_pton(AF_INET6, ip.c_str(), &buf); + + if (!valid) { + esyslog( "ERROR: live server ip %s is not a valid ip address", ip.c_str()); + cerr << "ERROR: live server ip '" << ip << "' is not a valid ip address" << endl; + } + return valid; + } + }; +} + bool Setup::CheckServerIps() { - struct in6_addr buf; - if ( m_serverIps.empty() ) { + // add a default IPv4 listener address + m_serverIps.push_back( "0.0.0.0" ); + // and be prepared for IPv6 only hosts. m_serverIps.push_back( "::" ); + // we assume these are ok :) return true; } - for ( IpList::const_iterator ip = m_serverIps.begin(); ip != m_serverIps.end(); ++ip ) { - if ( inet_addr( ip->c_str() ) == static_cast< in_addr_t >( -1 ) ) { - if ( ! inet_pton( AF_INET6, ip->c_str(), &buf ) ) { - esyslog( "ERROR: live server ip %s is not a valid ip address", ip->c_str() ); - cerr << "ERROR: live server ip " << *ip << " is not a valid ip address" << endl; - return false; - } - } - } - return true; + IpList::iterator i = partition(m_serverIps.begin(), m_serverIps.end(), IpValidator()); + m_serverIps.erase(i, m_serverIps.end()); + + return !m_serverIps.empty(); } std::string const Setup::GetMD5HashAdminPassword() const -- cgit v1.2.3