diff options
| author | thiagoftsm <49162938+thiagoftsm@users.noreply.github.com> | 2019-06-03 19:25:09 +0000 |
|---|---|---|
| committer | Paul Emm. Katsoulakis <34388743+paulkatsoulakis@users.noreply.github.com> | 2019-06-03 22:25:09 +0300 |
| commit | 5182677831814289d27afb0b48043ab63f2b6d1b (patch) | |
| tree | f661f5f809870fe07692ca3569d3e2d5e8b7264a /libnetdata | |
| parent | 2a48134cda5975f790d31cea29dae732bef3d7df (diff) | |
netdata/daemon: SSL fix - broken compilation case when ssl library not present! (#6201)
* SSL_fix fix the compilation case the library is not present!
Diffstat (limited to 'libnetdata')
| -rw-r--r-- | libnetdata/libnetdata.h | 4 | ||||
| -rw-r--r-- | libnetdata/socket/security.c | 6 | ||||
| -rw-r--r-- | libnetdata/socket/security.h | 32 | ||||
| -rw-r--r-- | libnetdata/socket/socket.c | 2 | ||||
| -rw-r--r-- | libnetdata/socket/socket.h | 1 |
5 files changed, 28 insertions, 17 deletions
diff --git a/libnetdata/libnetdata.h b/libnetdata/libnetdata.h index eaedfe7036..41642efd25 100644 --- a/libnetdata/libnetdata.h +++ b/libnetdata/libnetdata.h @@ -298,7 +298,9 @@ extern char *netdata_configured_host_prefix; #include "clocks/clocks.h" #include "popen/popen.h" #include "simple_pattern/simple_pattern.h" -#include "socket/security.h" +#ifdef ENABLE_HTTPS +# include "socket/security.h" +#endif #include "socket/socket.h" #include "config/appconfig.h" #include "log/log.h" diff --git a/libnetdata/socket/security.c b/libnetdata/socket/security.c index 74a07a573b..936fefd338 100644 --- a/libnetdata/socket/security.c +++ b/libnetdata/socket/security.c @@ -1,5 +1,7 @@ #include "../libnetdata.h" +#ifdef ENABLE_HTTPS + SSL_CTX *netdata_cli_ctx=NULL; SSL_CTX *netdata_srv_ctx=NULL; const char *security_key=NULL; @@ -212,4 +214,6 @@ int security_test_certificate(SSL *ssl){ ret = 0; } return ret; -}
\ No newline at end of file +} + +#endif diff --git a/libnetdata/socket/security.h b/libnetdata/socket/security.h index f4771414f7..83e6eb3882 100644 --- a/libnetdata/socket/security.h +++ b/libnetdata/socket/security.h @@ -1,21 +1,24 @@ #ifndef NETDATA_SECURITY_H # define NETDATA_SECURITY_H -# include <openssl/ssl.h> -# include <openssl/err.h> -# if (SSLEAY_VERSION_NUMBER >= 0x0907000L) && (OPENSSL_VERSION_NUMBER < 0x10100000L) -# include <openssl/conf.h> -# endif +# define NETDATA_SSL_HANDSHAKE_COMPLETE 0 //All the steps were successful +# define NETDATA_SSL_START 1 //Starting handshake, conn variable is NULL +# define NETDATA_SSL_WANT_READ 2 //The connection wanna read from socket +# define NETDATA_SSL_WANT_WRITE 4 //The connection wanna write on socket +# define NETDATA_SSL_NO_HANDSHAKE 8 //Continue without encrypt connection. +# define NETDATA_SSL_OPTIONAL 16 //Flag to define the HTTP request +# define NETDATA_SSL_FORCE 32 //We only accepts HTTPS request +# define NETDATA_SSL_INVALID_CERTIFICATE 64 //Accepts invalid certificate +# define NETDATA_SSL_VALID_CERTIFICATE 128 //Accepts invalid certificate + +# ifdef ENABLE_HTTPS + +# include <openssl/ssl.h> +# include <openssl/err.h> +# if (SSLEAY_VERSION_NUMBER >= 0x0907000L) && (OPENSSL_VERSION_NUMBER < 0x10100000L) +# include <openssl/conf.h> +# endif -#define NETDATA_SSL_HANDSHAKE_COMPLETE 0 //All the steps were successful -#define NETDATA_SSL_START 1 //Starting handshake, conn variable is NULL -#define NETDATA_SSL_WANT_READ 2 //The connection wanna read from socket -#define NETDATA_SSL_WANT_WRITE 4 //The connection wanna write on socket -#define NETDATA_SSL_NO_HANDSHAKE 8 //Continue without encrypt connection. -#define NETDATA_SSL_OPTIONAL 16 //Flag to define the HTTP request -#define NETDATA_SSL_FORCE 32 //We only accepts HTTPS request -#define NETDATA_SSL_INVALID_CERTIFICATE 64 //Accepts invalid certificate -#define NETDATA_SSL_VALID_CERTIFICATE 128 //Accepts invalid certificate struct netdata_ssl{ SSL *conn; //SSL connection int flags; @@ -35,4 +38,5 @@ void security_start_ssl(int type); int security_process_accept(SSL *ssl,int msg); int security_test_certificate(SSL *ssl); +# endif //ENABLE_HTTPS #endif //NETDATA_SECURITY_H diff --git a/libnetdata/socket/socket.c b/libnetdata/socket/socket.c index 3ac5a26e5a..37a4f23d44 100644 --- a/libnetdata/socket/socket.c +++ b/libnetdata/socket/socket.c @@ -302,6 +302,7 @@ void listen_sockets_close(LISTEN_SOCKETS *sockets) { } WEB_CLIENT_ACL socket_ssl_acl(char *ssl){ +#ifdef ENABLE_HTTPS if (!strcmp(ssl,"optional")){ netdata_use_ssl_on_http = NETDATA_SSL_OPTIONAL; return WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_REGISTRY | WEB_CLIENT_ACL_BADGE | WEB_CLIENT_ACL_MGMT | WEB_CLIENT_ACL_NETDATACONF | WEB_CLIENT_ACL_STREAMING; @@ -310,6 +311,7 @@ WEB_CLIENT_ACL socket_ssl_acl(char *ssl){ netdata_use_ssl_on_stream = NETDATA_SSL_FORCE; return WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_REGISTRY | WEB_CLIENT_ACL_BADGE | WEB_CLIENT_ACL_MGMT | WEB_CLIENT_ACL_NETDATACONF | WEB_CLIENT_ACL_STREAMING; } +#endif return WEB_CLIENT_ACL_NONE; } diff --git a/libnetdata/socket/socket.h b/libnetdata/socket/socket.h index 1356765168..9ea83bcc0f 100644 --- a/libnetdata/socket/socket.h +++ b/libnetdata/socket/socket.h @@ -3,7 +3,6 @@ #ifndef NETDATA_SOCKET_H #define NETDATA_SOCKET_H -#include <openssl/ossl_typ.h> #include "../libnetdata.h" #ifndef MAX_LISTEN_FDS |