server: add mbedtls support

diff --git a/CMakeLists.txt b/CMakeLists.txt
index fca43f6379a00601026b5fc7e5edd30b46cd81a9..e41c629d16acd4ecbd519e2d98b03868d44b6328 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -67,23 +67,6 @@ endif()
 set(INCLUDE_DIRS ${ZLIB_INCLUDE_DIR} ${LIBWEBSOCKETS_INCLUDE_DIRS} ${JSON-C_INCLUDE_DIRS} ${LIBUV_INCLUDE_DIRS})
 set(LINK_LIBS ${ZLIB_LIBRARIES} ${LIBWEBSOCKETS_LIBRARIES} ${JSON-C_LIBRARIES} ${LIBUV_LIBRARIES})
 
-set (CMAKE_REQUIRED_INCLUDES ${INCLUDE_DIRS})
-include(CheckCSourceCompiles)
-check_c_source_compiles("#include <lws_config.h>
-int main(void) {
-#if defined(LWS_OPENSSL_SUPPORT) || defined(LWS_WITH_TLS)
-    return 0;
-#else
-    return error;
-#endif
-}" LWS_SSL_ENABLED)
-
-if(LWS_SSL_ENABLED)
-    find_package(OpenSSL REQUIRED)
-    list(APPEND INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR})
-    list(APPEND LINK_LIBS ${OPENSSL_LIBRARIES})
-endif()
-
 if(WIN32)
     list(APPEND LINK_LIBS shell32)
 elseif(NOT APPLE)

diff --git a/src/http.c b/src/http.c
index 7fcaf2e9617130069a34b1c6ed08ec003d2963fc..1b789111d724ef42038bce1247c27c07c729ecf3 100644 (file)
--- a/src/http.c
+++ b/src/http.c
@@ -246,7 +246,7 @@ int callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user,
 
     case LWS_CALLBACK_HTTP_FILE_COMPLETION:
       goto try_to_reuse;
-#if defined(LWS_OPENSSL_SUPPORT) || defined(LWS_WITH_TLS)
+#if (defined(LWS_OPENSSL_SUPPORT) || defined(LWS_WITH_TLS)) && !defined(LWS_WITH_MBEDTLS)
     case LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION:
       if (!len || (SSL_get_verify_result((SSL *)in) != X509_V_OK)) {
         int err = X509_STORE_CTX_get_error((X509_STORE_CTX *)user);

diff --git a/src/server.c b/src/server.c
index 44f6ca63b23d92f090b267b72702c5fc43ad613b..70b0864e583d30ba1c3968b2a5161d803763ed0d 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -509,8 +509,8 @@ int main(int argc, char **argv) {
   if (ssl) {
     info.ssl_cert_filepath = cert_path;
     info.ssl_private_key_filepath = key_path;
-    info.ssl_ca_filepath = ca_path;
-    if (strlen(info.ssl_ca_filepath) > 0)
+    if (strlen(ca_path) > 0)
+      info.ssl_ca_filepath = ca_path;
       info.options |= LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT;
 #if LWS_LIBRARY_VERSION_MAJOR >= 2
     info.options |= LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS;