Web interface: allow using service.cert PEM certificate to enable SSL support.
This commit is contained in:
Jan Kaluza
parent
17fe52b61f
commit
d0d08adf5a
6 changed files with 34 additions and 1 deletions
|
|
@ -8,6 +8,11 @@ SET_SOURCE_FILES_PROPERTIES(${CMAKE_CURRENT_SOURCE_DIR}/../../include/transport/
|
|||
|
||||
target_link_libraries(spectrum2_manager transport ${SWIFTEN_LIBRARY} ${PROTOBUF_LIBRARIES})
|
||||
|
||||
if (CMAKE_COMPILER_IS_GNUCXX)
|
||||
add_definitions(-DMG_ENABLE_SSL)
|
||||
target_link_libraries(spectrum2_manager ${OPENSSL_LIBRARIES})
|
||||
endif()
|
||||
|
||||
if(APPLE)
|
||||
target_link_libraries(spectrum2_manager transport ${APPLE_FRAMEWORKS})
|
||||
endif()
|
||||
|
|
|
|||
|
|
@ -18,6 +18,9 @@ function show_instances() {
|
|||
else if (admin) {
|
||||
var command = "start";
|
||||
}
|
||||
else {
|
||||
var command = "";
|
||||
}
|
||||
var row = '<tr>'
|
||||
row += '<td>' + instance.name + '</td>'
|
||||
row += '<td>' + instance.status + '</td>'
|
||||
|
|
@ -26,8 +29,13 @@ function show_instances() {
|
|||
row += '<td><a class="button_command" href="/instances/register.shtml?id=' + instance.id + '">' + command + '</a>' + '</td></tr>';
|
||||
$("#main_result > tbody:last-child").append(row);
|
||||
}
|
||||
else if (command == "") {
|
||||
row += '<td></td></tr>';
|
||||
$("#main_result > tbody:last-child").append(row);
|
||||
}
|
||||
else {
|
||||
row += '<td><a class="button_command" href="/api/v1/instances/' + command + '/' + instance.id + '">' + command + '</a>' + '</td></tr>';
|
||||
$("#main_result > tbody:last-child").append(row);
|
||||
$(".button_command").click(function(e) {
|
||||
e.preventDefault();
|
||||
$(this).parent().empty().progressbar( {value: false} ).css('height', '1em');
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ bool ManagerConfig::load(const std::string &configfile, boost::program_options::
|
|||
("service.admin_username", value<std::string>()->default_value(""), "Administrator username.")
|
||||
("service.admin_password", value<std::string>()->default_value(""), "Administrator password.")
|
||||
("service.port", value<int>()->default_value(8081), "Web interface port.")
|
||||
("service.cert", value<std::string>()->default_value(""), "Web interface certificate in PEM format when TLS should be used.")
|
||||
("service.config_directory", value<std::string>()->default_value("/etc/spectrum2/transports/"), "Directory with spectrum2 configuration files. One .cfg file per one instance")
|
||||
("service.data_dir", value<std::string>()->default_value("/var/lib/spectrum2_manager/html"), "Directory to store Spectrum 2 manager data")
|
||||
("servers.server", value<std::vector<std::string> >()->multitoken(), "Server.")
|
||||
|
|
|
|||
|
|
@ -2228,6 +2228,7 @@ static int mg_use_cert(SSL_CTX *ctx, const char *pem_file) {
|
|||
return 0;
|
||||
} else if (SSL_CTX_use_certificate_file(ctx, pem_file, 1) == 0 ||
|
||||
SSL_CTX_use_PrivateKey_file(ctx, pem_file, 1) == 0) {
|
||||
ERR_print_errors_fp(stderr);
|
||||
return -2;
|
||||
} else {
|
||||
#ifndef MG_DISABLE_PFS
|
||||
|
|
|
|||
|
|
@ -644,6 +644,7 @@ int json_emit_va(char *buf, int buf_len, const char *fmt, va_list);
|
|||
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
|
||||
#endif
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#else
|
||||
typedef void *SSL;
|
||||
typedef void *SSL_CTX;
|
||||
|
|
|
|||
|
|
@ -63,7 +63,24 @@ Server::Server(ManagerConfig *config, const std::string &config_file) {
|
|||
m_password = CONFIG_STRING(m_config, "service.admin_password");
|
||||
|
||||
mg_mgr_init(&m_mgr, this);
|
||||
m_nc = mg_bind(&m_mgr, std::string(":" + boost::lexical_cast<std::string>(CONFIG_INT(m_config, "service.port"))).c_str(), &_event_handler);
|
||||
|
||||
struct mg_bind_opts opts;
|
||||
memset(&opts, 0, sizeof(opts));
|
||||
const char *error_string;
|
||||
opts.error_string = &error_string;
|
||||
m_nc = mg_bind_opt(&m_mgr, std::string(":" + boost::lexical_cast<std::string>(CONFIG_INT(m_config, "service.port"))).c_str(), &_event_handler, opts);
|
||||
if (!m_nc) {
|
||||
std::cerr << "Error creating server: " << error_string << "\n";
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (!CONFIG_STRING(m_config, "service.cert").empty()) {
|
||||
const char *err_str = mg_set_ssl(m_nc, CONFIG_STRING(m_config, "service.cert").c_str(), NULL);
|
||||
if (err_str) {
|
||||
std::cerr << "Error setting SSL certificate: " << err_str << "\n";
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
mg_set_protocol_http_websocket(m_nc);
|
||||
|
||||
s_http_server_opts.document_root = CONFIG_STRING(m_config, "service.data_dir").c_str();
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue