From 06c4d13da6267d9c5698bec9521c76e3efdb1efa Mon Sep 17 00:00:00 2001
From: Sebastian Reichel <sre@ring0.de>
Date: Fri, 13 Feb 2015 16:20:36 +0100
Subject: web: add tls support

---
 src/web/main.vala | 20 +++++++++++++++++++-
 src/web/web.vala  | 14 ++++++++++----
 2 files changed, 29 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/web/main.vala b/src/web/main.vala
index b5fdde3..dd354c5 100644
--- a/src/web/main.vala
+++ b/src/web/main.vala
@@ -20,19 +20,37 @@ public Config cfg;
 string templatedir;
 
 public static int main(string[] args) {
+	TlsCertificate? cert = null;
+	string certificate;
+	string privatekey;
+	uint port;
+
 	try {
 		db  = Bus.get_proxy_sync(BusType.SESSION, "io.mainframe.shopsystem.Database", "/io/mainframe/shopsystem/database");
 		pgp = Bus.get_proxy_sync(BusType.SESSION, "io.mainframe.shopsystem.PGP", "/io/mainframe/shopsystem/pgp");
 		cfg = Bus.get_proxy_sync(BusType.SESSION, "io.mainframe.shopsystem.Config", "/io/mainframe/shopsystem/config");
 		templatedir = cfg.get_string("WEB", "filepath");
+		port = cfg.get_integer("WEB", "port");
+		certificate = cfg.get_string("WEB", "cert");
+		privatekey = cfg.get_string("WEB", "key");
 	} catch(IOError e) {
 		error("IOError: %s\n", e.message);
 	} catch(KeyFileError e) {
 		error("KeyFileError: %s\n", e.message);
 	}
 
+	stdout.printf("Web Server Port: %u\n", port);
+	stdout.printf("TLS certificate: %s\n", certificate);
+	stdout.printf("TLS private key: %s\n", privatekey);
+
 	/* attach WebServer to MainLoop */
-	new WebServer();
+	try {
+		if(certificate != "" && privatekey != "")
+			cert = new TlsCertificate.from_files(certificate, privatekey);
+		new WebServer(port, cert);
+	} catch(Error e) {
+		error("Could not start Webserver: %s\n", e.message);
+	}
 
 	/* start MainLoop */
 	new MainLoop().run();
diff --git a/src/web/web.vala b/src/web/web.vala
index 1ff8acf..aa00586 100644
--- a/src/web/web.vala
+++ b/src/web/web.vala
@@ -987,8 +987,16 @@ public class WebServer {
 		}
 	}
 
-	public WebServer(int port = 8080) {
-		srv = new Soup.Server(Soup.SERVER_PORT, port);
+	public WebServer(uint port = 8080, TlsCertificate? cert = null) throws Error {
+		srv = new Soup.Server("tls-certificate", cert);
+		Soup.ServerListenOptions options = 0;
+
+		if(cert != null)
+			options |= Soup.ServerListenOptions.HTTPS;
+
+		if(!srv.listen_all(port, options)) {
+			throw new GLib.IOError.FAILED("Could not setup webserver!");
+		}
 
 		/* index */
 		srv.add_handler("/", handler_default);
@@ -1022,7 +1030,5 @@ public class WebServer {
 		srv.add_handler("/users", handler_users);
 		srv.add_handler("/users/import", handler_user_import);
 		srv.add_handler("/users/import-pgp", handler_user_pgp_import);
-
-		srv.run_async();
 	}
 }
-- 
cgit v1.2.3