SSL support is now optional with the compilation flag "WITH_SSL"

src/Makefile

@@ -32,7 +32,7 @@ appclient.o: appclient.c appinterface.h
 appinterface.o: appinterface.c
 	$(CC) $(libSystem_CFLAGS) -c appinterface.c
 
-appserver.o: appserver.c appinterface.h
+appserver.o: appserver.c appinterface.h ../config.h
 	$(CC) $(libSystem_CFLAGS) -c appserver.c
 
 array.o: array.c

src/appclient.c

@@ -26,7 +26,9 @@
 #include <errno.h>
 #include <netinet/in.h>
 #include <netdb.h>
-#include <openssl/ssl.h>
+#ifdef WITH_SSL
+# include <openssl/ssl.h>
+#endif
 
 #include "System.h"
 #include "appinterface.h"
@@ -48,8 +50,10 @@ struct _AppClient
 	char const * lastfunc;
 	void ** lastargs;
 	int32_t * lastret;
+#ifdef WITH_SSL
 	SSL_CTX * ssl_ctx;
 	SSL * ssl;
+#endif
 };
 
 
@@ -66,20 +70,22 @@ static int _appclient_timeout(AppClient * appclient)
 }
 
 
+/* appclient_read */
+#ifdef WITH_SSL
+# define READ(fd, ac, len) SSL_read(ac->ssl, &ac->buf_read[ac->buf_read_cnt], \
+		len)
+#else
+# define READ(fd, ac, len) read(fd, &ac->buf_read[ac->buf_read_cnt], len)
+#endif
+static int _read_error();
+
 static int _appclient_read(int fd, AppClient * ac)
 {
 	ssize_t len;
 
 	if((len = (sizeof(ac->buf_read) - ac->buf_read_cnt)) < 0
-			|| (len = SSL_read(ac->ssl,
+			|| (len = READ(fd, ac, len)) <= 0)
-					&ac->buf_read[ac->buf_read_cnt],
+		return _read_error(fd, ac);
-					len)) <= 0)
-	{
-		/* FIXME */
-		SSL_shutdown(ac->ssl);
-		close(fd);
-		return 1;
-	}
 	ac->buf_read_cnt += len;
 #ifdef DEBUG
 	fprintf(stderr, "%s%d%s%zd%s", "appclient_read(", fd, ") ", len,
@@ -89,13 +95,8 @@ static int _appclient_read(int fd, AppClient * ac)
 			ac->buf_read, ac->buf_read_cnt, ac->lastfunc,
 			ac->lastargs);
 	if(len < 0 || len > ac->buf_read_cnt)
-	{
+		return _read_error(fd, ac);
-		/* FIXME report error */
+	if(len == 0) /* try again */
-		SSL_shutdown(ac->ssl);
-		close(fd);
-		return 1;
-	}
-	if(len == 0) /* EAGAIN */
 		return 0;
 	ac->buf_read_cnt -= len;
 	event_unregister_timeout(ac->event,
@@ -103,7 +104,23 @@ static int _appclient_read(int fd, AppClient * ac)
 	return 1;
 }
 
+static int _read_error(int fd, AppClient * ac)
+{
+	/* FIXME catch error */
+#ifdef WITH_SSL
+	SSL_shutdown(ac->ssl);
+#endif
+	close(fd);
+	return 1;
+}
 
+
+/* appclient_write */
+#ifdef WITH_SSL
+# define WRITE(fd, ac, len) SSL_write(ac->ssl, ac->buf_write, len)
+#else
+# define WRITE(fd, ac, len) write(fd, ac->buf_write, len)
+#endif
 static int _appclient_write(int fd, AppClient * ac)
 {
 	ssize_t len;
@@ -113,16 +130,18 @@ static int _appclient_write(int fd, AppClient * ac)
 	fprintf(stderr, "%s%d%s%zd%s", "appclient_write(", fd, ") ", len,
 			" bytes\n");
 #endif
-	if((len = SSL_write(ac->ssl, ac->buf_write, len)) <= 0)
+	if((len = WRITE(fd, ac, len)) <= 0)
 	{
+#ifdef WITH_SSL
 		SSL_shutdown(ac->ssl);
+#endif
 		return 1;
 	}
 	memmove(ac->buf_write, &ac->buf_write[len], len);
 	ac->buf_write_cnt-=len;
 	if(ac->buf_write_cnt > 0)
-		return 0;
+		return 0; /* there is more to write */
-	event_register_io_read(ac->event, fd,
+	event_register_io_read(ac->event, fd, /* read the answer */
 			(EventIOFunc)_appclient_read, ac);
 	return 1;
 }
@@ -167,11 +186,15 @@ AppClient * appclient_new_event(char * app, Event * event)
 	appclient->event = event;
 	appclient->buf_read_cnt = 0;
 	appclient->buf_write_cnt = 0;
+#ifdef WITH_SSL
 	appclient->ssl = NULL;
 	if((appclient->ssl_ctx = SSL_CTX_new(SSLv3_client_method())) == NULL
 			|| SSL_CTX_set_cipher_list(appclient->ssl_ctx,
 				SSL_DEFAULT_CIPHER_LIST) != 1
 			|| _new_connect(appclient, app) != 0)
+#else
+	if(_new_connect(appclient, app) != 0)
+#endif
 	{
 		appclient_delete(appclient);
 		return NULL;
@@ -192,19 +215,26 @@ static int _new_connect(AppClient * appclient, char * app)
 	if(_connect_addr("Session", &sa.sin_addr.s_addr) != 0)
 		return 1;
 	if(connect(appclient->fd, (struct sockaddr *)&sa, sizeof(sa)) != 0
+#ifdef WITH_SSL
 			|| (appclient->ssl = SSL_new(appclient->ssl_ctx))
 			== NULL
-			|| SSL_set_fd(appclient->ssl, appclient->fd) != 1)
+			|| SSL_set_fd(appclient->ssl, appclient->fd) != 1
+#endif
+			)
 		return 1;
+#ifdef WITH_SSL
 	SSL_set_connect_state(appclient->ssl);
+#endif
 	if(appclient_call(appclient, &port, "port", app) != 0
 			|| port < 0)
 		return 1;
 	if(port == 0)
 		return 0;
+#ifdef WITH_SSL
 	SSL_shutdown(appclient->ssl);
 	SSL_free(appclient->ssl);
 	appclient->ssl = NULL;
+#endif
 	close(appclient->fd);
 	appclient->fd = -1;
 #ifdef DEBUG
@@ -219,11 +249,16 @@ static int _new_connect(AppClient * appclient, char * app)
 		return 1;
 	sa.sin_port = htons(port);
 	if(connect(appclient->fd, (struct sockaddr *)&sa, sizeof(sa)) != 0
+#ifdef WITH_SSL
 			|| (appclient->ssl = SSL_new(appclient->ssl_ctx))
 			== NULL
-			|| SSL_set_fd(appclient->ssl, appclient->fd) != 1)
+			|| SSL_set_fd(appclient->ssl, appclient->fd) != 1
+#endif
+			)
 		return 1;
+#ifdef WITH_SSL
 	SSL_set_connect_state(appclient->ssl);
+#endif
 	return 0;
 }
 
@@ -258,10 +293,12 @@ void appclient_delete(AppClient * appclient)
 	appinterface_delete(appclient->interface);
 	if(appclient->fd != -1)
 		close(appclient->fd);
+#ifdef WITH_SSL
 	if(appclient->ssl != NULL)
 		SSL_free(appclient->ssl);
 	if(appclient->ssl_ctx != NULL)
 		SSL_CTX_free(appclient->ssl_ctx);
+#endif
 	free(appclient);
 }
 

src/appinterface.c

@@ -24,7 +24,9 @@
 #include <string.h>
 #include <dlfcn.h>
 #include <netinet/in.h>
-#include <openssl/ssl.h>
+#ifdef WITH_SSL
+# include <openssl/ssl.h>
+#endif
 #include "System.h"
 #include "appinterface.h"
 
@@ -115,7 +117,9 @@ static int _new_vfs(AppInterface * appinterface);
 
 AppInterface * appinterface_new(char const * app)
 {
+#ifdef WITH_SSL
 	static int ssl_init = 0;
+#endif
 	AppInterface * appinterface;
 	/* FIXME read this from available Servers configuration, or imagine a
 	 * solution to negociate it directly */
@@ -132,12 +136,14 @@ AppInterface * appinterface_new(char const * app)
 	};
 	size_t i;
 
+#ifdef WITH_SSL
 	if(ssl_init == 0)
 	{
 		SSL_library_init();
 		SSL_load_error_strings();
 		ssl_init = 1;
 	}
+#endif
 #ifdef DEBUG
 	fprintf(stderr, "%s%s%s", "appinterface_new(", app, ");\n");
 #endif

src/appserver.c

@@ -25,10 +25,12 @@
 #endif
 #include <string.h>
 #include <netinet/in.h>
-#include <openssl/ssl.h>
+#ifdef WITH_SSL
+# include <openssl/ssl.h>
+#endif
+
 #include "System.h"
 #include "appinterface.h"
-
 #include "../config.h"
 
 
@@ -52,7 +54,9 @@ typedef struct _AppServerClient
 	size_t buf_read_cnt;
 	char buf_write[ASC_BUFSIZE];
 	size_t buf_write_cnt;
+#ifdef WITH_SSL
 	SSL * ssl;
+#endif
 } AppServerClient;
 
 
@@ -61,7 +65,11 @@ typedef struct _AppServerClient
 static void _appserverclient_delete(AppServerClient * appserverclient);
 
 static AppServerClient * _appserverclient_new(int fd, uint32_t addr,
-		uint16_t port, SSL_CTX * ssl_ctx)
+		uint16_t port
+#ifdef WITH_SSL
+		, SSL_CTX * ssl_ctx
+#endif
+		)
 {
 	AppServerClient * asc;
 
@@ -73,6 +81,7 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr,
 	asc->port = port;
 	asc->buf_read_cnt = 0;
 	asc->buf_write_cnt = 0;
+#ifdef WITH_SSL
 	if((asc->ssl = SSL_new(ssl_ctx)) == NULL
 			|| SSL_set_fd(asc->ssl, fd) != 1)
 	{
@@ -80,6 +89,7 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr,
 		return NULL;
 	}
 	SSL_set_accept_state(asc->ssl);
+#endif
 	asc->fd = fd;
 	return asc;
 }
@@ -89,8 +99,10 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr,
 static void _appserverclient_delete(AppServerClient * appserverclient)
 {
 	/* FIXME find a way to properly report error */
+#ifdef WITH_SSL
 	if(appserverclient->ssl != NULL)
 		SSL_free(appserverclient->ssl);
+#endif
 	if(appserverclient->fd != -1)
 		close(appserverclient->fd);
 	free(appserverclient);
@@ -106,7 +118,9 @@ struct _AppServer
 	AppInterface * interface;
 	Event * event;
 	int event_free;
+#ifdef WITH_SSL
 	SSL_CTX * ssl_ctx;
+#endif
 	AppServerClientArray * clients;
 };
 
@@ -116,7 +130,7 @@ static int _appserver_accept(int fd, AppServer * appserver);
 static int _appserver_read(int fd, AppServer * appserver);
 static int _appserver_write(int fd, AppServer * appserver);
 
-/* _appserver_accept */
+/* appserver_accept */
 static int _appserver_accept(int fd, AppServer * appserver)
 {
 	struct sockaddr_in sa;
@@ -130,8 +144,11 @@ static int _appserver_accept(int fd, AppServer * appserver)
 #endif
 	if((newfd = accept(fd, (struct sockaddr *)&sa, &sa_size)) == -1)
 		return 1;
-	if((asc = _appserverclient_new(newfd, sa.sin_addr.s_addr, sa.sin_port,
+	if((asc = _appserverclient_new(newfd, sa.sin_addr.s_addr, sa.sin_port
-					appserver->ssl_ctx)) == NULL)
+#ifdef WITH_SSL
+					, appserver->ssl_ctx
+#endif
+					)) == NULL)
 	{
 		/* FIXME report error */
 		close(newfd);
@@ -144,8 +161,15 @@ static int _appserver_accept(int fd, AppServer * appserver)
 }
 
 
-/* _appserver_read */
+/* appserver_read */
+#ifdef WITH_SSL
+# define READ(fd, asc, len) SSL_read(asc->ssl, \
+		&asc->buf_read[asc->buf_read_cnt], len)
+#else
+# define READ(fd, asc, len) read(fd, &asc->buf_read[asc->buf_read_cnt], len)
+#endif
 static int _read_process(AppServer * appserver, AppServerClient * asc);
+
 static int _appserver_read(int fd, AppServer * appserver)
 {
 	AppServerClient * asc = NULL;
@@ -163,11 +187,11 @@ static int _appserver_read(int fd, AppServer * appserver)
 	if(asc == NULL)
 		return 1;
 	if((len = sizeof(asc->buf_read) - asc->buf_read_cnt) <= 0
-			|| (len = SSL_read(asc->ssl,
+			|| (len = READ(fd, asc, len)) <= 0)
-					&asc->buf_read[asc->buf_read_cnt],
-					len)) <= 0)
 	{
+#ifdef WITH_SSL
 		SSL_shutdown(asc->ssl);
+#endif
 		/* FIXME do all this in appserverclient_delete() or something
 		 * like appserver_remove_client() */
 		if(asc->buf_write_cnt > 0)
@@ -199,6 +223,7 @@ static int _read_process(AppServer * appserver, AppServerClient * asc)
 }
 
 static int _appserver_receive(AppServer * appserver, AppServerClient * asc);
+
 static int _read_logged(AppServer * appserver, AppServerClient * asc)
 {
 	if(_appserver_receive(appserver, asc) != 0)
@@ -234,7 +259,13 @@ static int _appserver_receive(AppServer * appserver, AppServerClient * asc)
 }
 
 
-/* _appserver_write */
+/* appserver_write */
+#ifdef WITH_SSL
+# define WRITE(fd, asc) SSL_write(asc->ssl, asc->buf_write, asc->buf_write_cnt)
+#else
+# define WRITE(fd, asc) write(fd, asc->buf_write, asc->buf_write_cnt)
+#endif
+
 static int _appserver_write(int fd, AppServer * appserver)
 {
 	AppServerClient * asc;
@@ -255,9 +286,7 @@ static int _appserver_write(int fd, AppServer * appserver)
 #ifdef DEBUG
 	fprintf(stderr, "sending result: %zu long\n", asc->buf_write_cnt);
 #endif
-	if(asc->buf_write_cnt == 0
+	if(asc->buf_write_cnt == 0 || (len = WRITE(fd, asc)) <= 0)
-			|| (len = SSL_write(asc->ssl, asc->buf_write,
-					asc->buf_write_cnt)) <= 0)
 		return 1; /* FIXME what here?!? */
 	memmove(asc->buf_write, &asc->buf_write[len], len);
 	asc->buf_write_cnt-=len;
@@ -295,21 +324,26 @@ static int _new_server(AppServer * appserver, int options);
 AppServer * appserver_new_event(char const * app, int options, Event * event)
 {
 	AppServer * appserver;
+#ifdef WITH_SSL
 	char crt[256];
 
 	if(snprintf(crt, sizeof(crt), "%s%s%s", PREFIX "/etc/AppServer/", app,
 				".crt") >= sizeof(crt))
 		return NULL;
+#endif
 	if((appserver = malloc(sizeof(AppServer))) == NULL)
 		return NULL;
 	appserver->interface = NULL;
 	appserver->event = event;
 	appserver->event_free = 0;
+#ifdef WITH_SSL
 	appserver->ssl_ctx = NULL;
+#endif
 	if((appserver->clients = AppServerClientarray_new()) == NULL
 			|| (appserver->interface = appinterface_new_server(app))
 			== NULL
 			|| _new_server(appserver, options) != 0
+#ifdef WITH_SSL
 			|| (appserver->ssl_ctx = SSL_CTX_new(
 					SSLv3_server_method())) == NULL
 			|| SSL_CTX_set_cipher_list(appserver->ssl_ctx,
@@ -317,7 +351,9 @@ AppServer * appserver_new_event(char const * app, int options, Event * event)
 			|| SSL_CTX_use_certificate_file(appserver->ssl_ctx, crt,
 				SSL_FILETYPE_PEM) == 0
 			|| SSL_CTX_use_PrivateKey_file(appserver->ssl_ctx, crt,
-				SSL_FILETYPE_PEM) == 0)
+				SSL_FILETYPE_PEM) == 0
+#endif
+			)
 	{
 		appserver_delete(appserver);
 		return NULL;
@@ -356,8 +392,10 @@ void appserver_delete(AppServer * appserver)
 	if(appserver->event_free)
 		event_delete(appserver->event);
 	array_delete(appserver->clients);
+#ifdef WITH_SSL
 	if(appserver->ssl_ctx != NULL)
 		SSL_CTX_free(appserver->ssl_ctx);
+#endif
 	free(appserver);
 }
 

src/project.conf

@@ -12,4 +12,4 @@ sources=appclient.c,appinterface.c,appserver.c,array.c,buffer.c,config.c,event.c
 depends=appinterface.h
 
 [appserver.c]
-depends=appinterface.h
+depends=appinterface.h,../config.h