authorAndras Timar <andras.timar@collabora.com>2016-08-28 21:41:28 +0200
committerAndras Timar <andras.timar@collabora.com>2016-09-04 10:52:40 +0200
commitaf71a9be15953c2b0c72004243e8a04d6c7afa9a (patch)
tree90017436d69050f004fbb5ee21932ac64e3a685e
parent5ee7380e3409824c216b87e9d5df7e6af3119178 (diff)
loolwsd: add support of SSL termination1.8.3
-rw-r--r--loolwsd/FileServer.hpp2
-rw-r--r--loolwsd/LOOLWSD.cpp12
-rw-r--r--loolwsd/LOOLWSD.hpp7
-rw-r--r--loolwsd/Storage.cpp2
-rw-r--r--loolwsd/loolwsd.xml.in1
5 files changed, 20 insertions, 4 deletions
diff --git a/loolwsd/FileServer.hpp b/loolwsd/FileServer.hpp
index 874db9964..3bcf113b8 100644
--- a/loolwsd/FileServer.hpp
+++ b/loolwsd/FileServer.hpp
@@ -217,7 +217,7 @@ private:
{
HTMLForm form(request, request.stream());
- const auto host = (LOOLWSD::isSSLEnabled() ? "wss://" : "ws://") + (LOOLWSD::ServerName.empty() ? request.getHost() : LOOLWSD::ServerName);
+ const auto host = ((LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? "wss://" : "ws://") + (LOOLWSD::ServerName.empty() ? request.getHost() : LOOLWSD::ServerName);
const auto path = Poco::Path(LOOLWSD::FileServerRoot, getRequestPathname(request));
Log::debug("Preprocessing file: " + path.toString());
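Review bot: The scheme test `LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()` is spelled out here and again in the two URI hunks of LOOLWSD.cpp, so the places that advertise a scheme can drift apart when another mode is added. A single accessor next to `isSSLEnabled()` in LOOLWSD.hpp, for example `static bool isSSLAdvertised() { return isSSLEnabled() || isSSLTermination(); }`, would keep them in step. Separately, when `LOOLWSD::ServerName` is empty the host still comes from `request.getHost()`, which behind a terminating proxy is presumably whatever Host value the proxy forwards; a comment recommending that `ServerName` be set in that setup would help. The enclosing function starts and ends outside the hunk.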
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index c14e986df..e9ce1d6e6 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -782,7 +782,7 @@ private:
const std::string urlsrc = "urlsrc";
const auto& config = Application::instance().config();
const std::string loleafletHtml = config.getString("loleaflet_html", "loleaflet.html");
- const std::string uriValue = (LOOLWSD::isSSLEnabled() ? "https://" : "http://") +
+ const std::string uriValue = ((LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? "https://" : "http://") +
(LOOLWSD::ServerName.empty() ? request.getHost() : LOOLWSD::ServerName) +
"/loleaflet/" LOOLWSD_VERSION_HASH "/" + loleafletHtml + "?";
@@ -1240,7 +1240,7 @@ std::string lcl_getLaunchURI()
aAbsTopSrcDir = Poco::Path(aAbsTopSrcDir).absolute().toString();
std::string aLaunchURI(" ");
- aLaunchURI += ((LOOLWSD::isSSLEnabled()) ? "https://" : "http://");
+ aLaunchURI += ((LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? "https://" : "http://");
aLaunchURI += LOOLWSD_TEST_HOST ":";
aLaunchURI += std::to_string(ClientPortNumber);
aLaunchURI += LOOLWSD_TEST_LOLEAFLET_UI;
@@ -1263,6 +1263,7 @@ std::string LOOLWSD::ServerName;
std::string LOOLWSD::FileServerRoot;
std::string LOOLWSD::LOKitVersion;
Util::RuntimeConstant<bool> LOOLWSD::SSLEnabled;
+Util::RuntimeConstant<bool> LOOLWSD::SSLTermination;
static std::string UnitTestLibrary;
@@ -1322,6 +1323,7 @@ void LOOLWSD::initialize(Application& self)
{ "logging.color", "true" },
{ "logging.level", "trace" },
{ "ssl.enable", "true" },
+ { "ssl.termination", "true" },
{ "ssl.cert_file_path", LOOLWSD_CONFIGDIR "/cert.pem" },
{ "ssl.key_file_path", LOOLWSD_CONFIGDIR "/key.pem" },
{ "ssl.ca_file_path", LOOLWSD_CONFIGDIR "/ca-chain.cert.pem" },
@@ -1367,6 +1369,12 @@ void LOOLWSD::initialize(Application& self)
Log::warn("SSL support: SSL is disabled.");
}
+#if ENABLE_SSL
+ LOOLWSD::SSLTermination.set(getConfigValue<bool>(conf, "ssl.termination", true));
+#else
+ LOOLWSD::SSLTermination.set(false);
+#endif
+
Cache = getPathFromConfig("tile_cache_path");
SysTemplate = getPathFromConfig("sys_template_path");
LoTemplate = getPathFromConfig("lo_template_path");
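Review bot: `ssl.termination` is read with a default of `true`, so a deployment that only sets `ssl.enable` to false starts advertising `https://`/`wss://` URLs without anyone having asked for proxy mode. An opt-in switch would normally default to off: `LOOLWSD::SSLTermination.set(getConfigValue<bool>(conf, "ssl.termination", false));`, with the same default in the `{ "ssl.termination", "true" }` entry of the defaults table and in loolwsd.xml.in. The code just above logs when SSL is disabled; a matching log line for the termination state would let an operator see from the log which mode is active. `initialize` begins and ends outside this hunk.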
diff --git a/loolwsd/LOOLWSD.hpp b/loolwsd/LOOLWSD.hpp
index ff282d65c..bfc131016 100644
--- a/loolwsd/LOOLWSD.hpp
+++ b/loolwsd/LOOLWSD.hpp
@@ -57,6 +57,12 @@ public:
{
return LOOLWSD::SSLEnabled.get();
}
+ static
+ bool isSSLTermination()
+ {
+ return LOOLWSD::SSLTermination.get();
+ }
+
protected:
void initialize(Poco::Util::Application& self) override;
@@ -67,6 +73,7 @@ protected:
private:
static Util::RuntimeConstant<bool> SSLEnabled;
+ static Util::RuntimeConstant<bool> SSLTermination;
void initializeSSL();
void displayHelp();
diff --git a/loolwsd/Storage.cpp b/loolwsd/Storage.cpp
index 3fc75b7b1..9f1694e1e 100644
--- a/loolwsd/Storage.cpp
+++ b/loolwsd/Storage.cpp
@@ -241,7 +241,7 @@ namespace {
static inline
Poco::Net::HTTPClientSession* lcl_getHTTPClientSession(const Poco::URI& uri)
{
- return (LOOLWSD::isSSLEnabled()) ? new Poco::Net::HTTPSClientSession(uri.getHost(), uri.getPort(), Poco::Net::SSLManager::instance().defaultClientContext())
+ return (LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? new Poco::Net::HTTPSClientSession(uri.getHost(), uri.getPort(), Poco::Net::SSLManager::instance().defaultClientContext())
: new Poco::Net::HTTPClientSession(uri.getHost(), uri.getPort());
}
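Review bot: The outbound session type is chosen from loolwsd's own listener settings rather than from the URI being fetched, and the added `isSSLTermination()` term extends that coupling. With both flags off, an `https://` storage URI would be requested through a plain `HTTPClientSession`, and with either flag on an `http://` URI gets a TLS session; the transport that protects the storage request should follow the URI. Selecting on the scheme, `const bool useTls = (uri.getScheme() == "https");`, and using `useTls` in the conditional would decouple the two. The raw `new` results are returned as an owning pointer, and how the caller releases them is not visible in this hunk.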
diff --git a/loolwsd/loolwsd.xml.in b/loolwsd/loolwsd.xml.in
index 6366dd60c..880fa5c4f 100644
--- a/loolwsd/loolwsd.xml.in
+++ b/loolwsd/loolwsd.xml.in
@@ -27,6 +27,7 @@
<ssl desc="SSL settings">
<enable type="bool" default="true">true</enable>
+ <termination desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool" default="true">true</termination>
<cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/cert.pem</cert_file_path>
<key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/key.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/ca-chain.cert.pem</ca_file_path>
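Review bot: The `desc` text on `<termination>` does not tell an operator when to enable the option or what it implies for the link between the proxy and loolwsd. Suggested wording: `desc="Enable when a reverse proxy terminates SSL in front of loolwsd: URLs are advertised as https/wss although loolwsd itself is reached over plain http."`. It would also help to state that in this mode the loolwsd port carries cleartext and should be reachable only from the proxy. The `<ssl>` element continues past the end of the hunk.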