phpdesktop
phpdesktop copied to clipboard
cztomczak
Option for the Mongoose web server to listen on HTTPS/SSL
To implement SSL support it would be required to:
-
Allow for "listen_on" port to be a string "443s" and "s" meaning SSL. While on it we should allow to listen on multiple specified ports. Mongoose allows listen_on to be for example "80,443s" - this listens on HTTP 80 port and HTTPS 443 port.
-
New option "ssl_certificate", path to ssl certificate file (a self-signed certificate in our case)
-
Taking a quick look at mongoose.c and it seems that SSL is being loaded dynamically. Two additional DLL files would need to be distributed with app: ssleay32.dll and libeay32.dll. Looks like there is no need to include SSL header files, as there are already SSL functions signatures defined in mongoose.c. However not sure which version of the OpenSSL library it was tested with. This would need to be figured out - try searching mongoose-users group.
-
New compilation flags might need to be added in VS, from Mongoose manual:
Embedding with OpenSSL on Windows might fail because of calling convention. To force Mongoose to use __stdcall convention, add /Gz compilation flag in Visual Studio compiler.
Mongoose User Manual for reference: https://github.com/cztomczak/phpdesktop/blob/master/mongoose-rev-04fc209/UserManual.md
Would it be better to have two separate settings options Instead of appending an 's' to the port? For example:
listen_on ssl_listen_on
That way you can have a different port for each and communicate with both http and https depending on the port you send to.
Another thought. Since this isn't a feature everyone will use and those DLL's are easily located elsewhere, it might be better if they weren't distributed with PHP Desktop, but instead, instructions could be left in the documentation on how to designate a ssl port in the listen_on setting and where to download the DLL's if you need the feature.