Optionally allow non-SSL connections on same port as SSL If enabled one listening socket will accept both SSL and plain HTTP connections. Do not enable if you regard SSL handshake as some kind of security, eg, use client-side certs to restrict access. AG: changed flag names, added extra comments, changelog, add -a in test server Signed-off-by: James Devine <fxmulder@gmail.com> Signed-off-by: Andy Green <andy@warmcat.com>

commit: 5b34c975aee5a15e382bdfbd3d5110e4101a0879 [log] [tgz]
author: James Devine <fxmulder@gmail.com> Sat Dec 14 11:41:29 2013 +0800
committer: Andy Green <andy.green@linaro.org> Sat Dec 14 11:41:29 2013 +0800
tree: 965ee45accb86ef5b239b0ed06adde4be343e819
parent: 4ebedc2c30b9fd9f045902b3c85d51bde3a3f0fc [diff] [blame]
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index 7342e9b..8b2fec5 100644
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c

@@ -1892,6 +1892,7 @@
 
 #ifdef LWS_OPENSSL_SUPPORT
 	context->use_ssl = 0;
+	context->allow_non_ssl_on_ssl_port = 0;
 	context->ssl_ctx = NULL;
 	context->ssl_client_ctx = NULL;
 	openssl_websocket_private_data_index = 0;
@@ -2135,6 +2136,11 @@
 						     context->ssl_ctx, NULL, 0);
 	}
 
+	if(info->options & LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT) {
+		/* Normally SSL listener rejects non-ssl, optionally allow */
+		context->allow_non_ssl_on_ssl_port = 1;
+	}
+
 	if (context->use_ssl) {
 
 		/* openssl init for server sockets */
commit	5b34c975aee5a15e382bdfbd3d5110e4101a0879	[log] [tgz]
author	James Devine <fxmulder@gmail.com>	Sat Dec 14 11:41:29 2013 +0800
committer	Andy Green <andy.green@linaro.org>	Sat Dec 14 11:41:29 2013 +0800
tree	965ee45accb86ef5b239b0ed06adde4be343e819
parent	4ebedc2c30b9fd9f045902b3c85d51bde3a3f0fc [diff] [blame]