modify:ssl type default only tls now

xengine-qyt · xengine-qyt · commit 9fc323f78b9d · 2024-04-16T11:10:52.000+08:00
modify:ssl support multi type cert
diff --git a/XEngine_Source/StorageModule_Config/Config_Define.h b/XEngine_Source/StorageModule_Config/Config_Define.h
@@ -97,8 +97,8 @@ typedef struct tag_XEngine_ServerConfig
     struct  
     {
         XCHAR tszCertChain[MAX_PATH];
+        XCHAR tszCertServer[MAX_PATH];
         XCHAR tszCertKey[MAX_PATH];
-        int nSslType;
         bool bDLEnable;
         bool bUPEnable;
         bool bCHEnable;
diff --git a/XEngine_Source/StorageModule_Config/Config_Json/Config_Json.cpp b/XEngine_Source/StorageModule_Config/Config_Json/Config_Json.cpp
@@ -212,11 +212,14 @@ bool CConfig_Json::Config_Json_File(LPCXSTR lpszConfigFile, XENGINE_SERVERCONFIG
 	pSt_ServerConfig->st_XCert.bDLEnable = st_JsonCert["bDLEnable"].asInt();
 	pSt_ServerConfig->st_XCert.bUPEnable = st_JsonCert["bUPEnable"].asInt();
 	pSt_ServerConfig->st_XCert.bCHEnable = st_JsonCert["bCHEnable"].asInt();
-	pSt_ServerConfig->st_XCert.nSslType = st_JsonCert["nSslType"].asInt();
 	if (!st_JsonP2xp["tszCertChain"].isNull())
 	{
 		_tcsxcpy(pSt_ServerConfig->st_XCert.tszCertChain, st_JsonP2xp["tszCertChain"].asCString());
 	}
+	if (!st_JsonP2xp["tszCertServer"].isNull())
+	{
+		_tcsxcpy(pSt_ServerConfig->st_XCert.tszCertServer, st_JsonP2xp["tszCertServer"].asCString());
+	}
 	if (!st_JsonP2xp["tszCertKey"].isNull())
 	{
 		_tcsxcpy(pSt_ServerConfig->st_XCert.tszCertKey, st_JsonP2xp["tszCertKey"].asCString());
diff --git a/XEngine_Source/XEngine_StorageApp/XEngine_StorageApp.cpp b/XEngine_Source/XEngine_StorageApp/XEngine_StorageApp.cpp
@@ -241,13 +241,20 @@ int main(int argc, char** argv)
 
 		if (st_ServiceCfg.st_XCert.bDLEnable)
 		{
-			xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);
+			if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)
+			{
+				xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
+			else
+			{
+				xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
 			if (NULL == xhDLSsl)
 			{
 				XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动下载SSL服务失败，错误：%lX"), Session_GetLastError());
 				goto XENGINE_EXITAPP;
 			}
-			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动下载SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动下载SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);
 		}
 		else
 		{
@@ -301,13 +308,20 @@ int main(int argc, char** argv)
 
 		if (st_ServiceCfg.st_XCert.bUPEnable)
 		{
-			xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);
+			if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)
+			{
+				xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
+			else
+			{
+				xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
 			if (NULL == xhUPSsl)
 			{
 				XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动上传SSL服务失败，错误：%lX"), Session_GetLastError());
 				goto XENGINE_EXITAPP;
 			}
-			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动上传SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动上传SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);
 		}
 		else
 		{
@@ -354,13 +368,20 @@ int main(int argc, char** argv)
 
 		if (st_ServiceCfg.st_XCert.bCHEnable)
 		{
-			xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);
+			if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)
+			{
+				xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
+			else
+			{
+				xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);
+			}
 			if (NULL == xhCHSsl)
 			{
 				XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动业务SSL服务失败，错误：%lX"), Session_GetLastError());
 				goto XENGINE_EXITAPP;
 			}
-			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动业务SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动业务SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);
 		}
 		else
 		{

Original file line number	Diff line number	Diff line change
`@@ -212,11 +212,14 @@ bool CConfig_Json::Config_Json_File(LPCXSTR lpszConfigFile, XENGINE_SERVERCONFIG`
`212`	`212`	`pSt_ServerConfig->st_XCert.bDLEnable = st_JsonCert["bDLEnable"].asInt();`
`213`	`213`	`pSt_ServerConfig->st_XCert.bUPEnable = st_JsonCert["bUPEnable"].asInt();`
`214`	`214`	`pSt_ServerConfig->st_XCert.bCHEnable = st_JsonCert["bCHEnable"].asInt();`
`215`		`- pSt_ServerConfig->st_XCert.nSslType = st_JsonCert["nSslType"].asInt();`
`216`	`215`	`if (!st_JsonP2xp["tszCertChain"].isNull())`
`217`	`216`	`{`
`218`	`217`	`_tcsxcpy(pSt_ServerConfig->st_XCert.tszCertChain, st_JsonP2xp["tszCertChain"].asCString());`
`219`	`218`	`}`
	`219`	`+ if (!st_JsonP2xp["tszCertServer"].isNull())`
	`220`	`+ {`
	`221`	`+ _tcsxcpy(pSt_ServerConfig->st_XCert.tszCertServer, st_JsonP2xp["tszCertServer"].asCString());`
	`222`	`+ }`
`220`	`223`	`if (!st_JsonP2xp["tszCertKey"].isNull())`
`221`	`224`	`{`
`222`	`225`	`_tcsxcpy(pSt_ServerConfig->st_XCert.tszCertKey, st_JsonP2xp["tszCertKey"].asCString());`
Original file line number	Diff line number	Diff line change
`@@ -241,13 +241,20 @@ int main(int argc, char** argv)`
`241`	`241`
`242`	`242`	`if (st_ServiceCfg.st_XCert.bDLEnable)`
`243`	`243`	`{`
`244`		`- xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);`
	`244`	`+ if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)`
	`245`	`+ {`
	`246`	`+ xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`247`	`+ }`
	`248`	`+ else`
	`249`	`+ {`
	`250`	`+ xhDLSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`251`	`+ }`
`245`	`252`	`if (NULL == xhDLSsl)`
`246`	`253`	`{`
`247`	`254`	`XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动下载SSL服务失败，错误：%lX"), Session_GetLastError());`
`248`	`255`	`goto XENGINE_EXITAPP;`
`249`	`256`	`}`
`250`		`- XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动下载SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);`
	`257`	`+ XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动下载SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);`
`251`	`258`	`}`
`252`	`259`	`else`
`253`	`260`	`{`
`@@ -301,13 +308,20 @@ int main(int argc, char** argv)`
`301`	`308`
`302`	`309`	`if (st_ServiceCfg.st_XCert.bUPEnable)`
`303`	`310`	`{`
`304`		`- xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);`
	`311`	`+ if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)`
	`312`	`+ {`
	`313`	`+ xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`314`	`+ }`
	`315`	`+ else`
	`316`	`+ {`
	`317`	`+ xhUPSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`318`	`+ }`
`305`	`319`	`if (NULL == xhUPSsl)`
`306`	`320`	`{`
`307`	`321`	`XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动上传SSL服务失败，错误：%lX"), Session_GetLastError());`
`308`	`322`	`goto XENGINE_EXITAPP;`
`309`	`323`	`}`
`310`		`- XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动上传SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);`
	`324`	`+ XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动上传SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);`
`311`	`325`	`}`
`312`	`326`	`else`
`313`	`327`	`{`
`@@ -354,13 +368,20 @@ int main(int argc, char** argv)`
`354`	`368`
`355`	`369`	`if (st_ServiceCfg.st_XCert.bCHEnable)`
`356`	`370`	`{`
`357`		`- xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, (ENUM_XENGINE_OPENSSL_PROTOCOL)st_ServiceCfg.st_XCert.nSslType);`
	`371`	`+ if (_tcsxlen(st_ServiceCfg.st_XCert.tszCertServer) > 0)`
	`372`	`+ {`
	`373`	`+ xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertServer, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`374`	`+ }`
	`375`	`+ else`
	`376`	`+ {`
	`377`	`+ xhCHSsl = OPenSsl_Server_InitEx(st_ServiceCfg.st_XCert.tszCertChain, NULL, st_ServiceCfg.st_XCert.tszCertKey, false, false, XENGINE_OPENSSL_PROTOCOL_TLS_SERVER);`
	`378`	`+ }`
`358`	`379`	`if (NULL == xhCHSsl)`
`359`	`380`	`{`
`360`	`381`	`XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中，启动业务SSL服务失败，错误：%lX"), Session_GetLastError());`
`361`	`382`	`goto XENGINE_EXITAPP;`
`362`	`383`	`}`
`363`		`- XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动业务SSL服务成功,证书链:%s,证书Key:%s,验证模式:%d"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey, st_ServiceCfg.st_XCert.nSslType);`
	`384`	`+ XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("启动服务中，启动业务SSL服务成功,证书链:%s,证书Key:%s"), st_ServiceCfg.st_XCert.tszCertChain, st_ServiceCfg.st_XCert.tszCertKey);`
`364`	`385`	`}`
`365`	`386`	`else`
`366`	`387`	`{`