[Minor] Allow to require encryption when checking messages
authorVsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 20 Nov 2018 16:15:05 +0000 (16:15 +0000)
committerVsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 20 Nov 2018 20:45:22 +0000 (20:45 +0000)
src/libutil/http.c
src/libutil/http.h

index 189d34b90b6d047ce2b4d7ae8cebc8479104b059..bc4fc52837089186f861edf1c4165b3577578827 100644 (file)
@@ -432,7 +432,7 @@ rspamd_http_parse_key (rspamd_ftok_t *data, struct rspamd_http_connection *conn,
 
        if (priv->local_key == NULL) {
                /* In this case we cannot do anything, e.g. we cannot decrypt payload */
-               priv->flags |= RSPAMD_HTTP_CONN_FLAG_ENCRYPTED;
+               priv->flags &= ~RSPAMD_HTTP_CONN_FLAG_ENCRYPTED;
        }
        else {
                /* Check sanity of what we have */
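Review bot: On the `priv->local_key == NULL` branch the encrypted flag is now cleared without any log line, so a request that carried a key header silently continues as an unencrypted one unless the caller also set the require-encryption option. If the peer has already encrypted its body (an assumption, since the sending side is not in this hunk), the payload passed on would be ciphertext handled as plaintext. A message on this branch would make the downgrade visible, for example `msg_info ("key header received but no local key is set, treating connection as unencrypted");`. The body of rspamd_http_parse_key starts and ends outside the hunk.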
@@ -914,6 +914,11 @@ rspamd_http_on_message_complete (http_parser * parser)
 
        priv = conn->priv;
 
+       if ((conn->opts & RSPAMD_HTTP_REQUIRE_ENCRYPTION) && !IS_CONN_ENCRYPTED (priv)) {
+               msg_err ("unencrypted connection when encryption has been requested");
+               return -1;
+       }
+
        if ((conn->opts & RSPAMD_HTTP_BODY_PARTIAL) == 0 && IS_CONN_ENCRYPTED (priv)) {
                mode = rspamd_keypair_alg (priv->local_key);
 
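Review bot: The new `RSPAMD_HTTP_REQUIRE_ENCRYPTION` test runs only in the message-complete callback, so with `RSPAMD_HTTP_BODY_PARTIAL` (documented in http.h as calling the body handler on all body data portions) plaintext body chunks may already have reached the handler before the connection is rejected. Because the encrypted flag is decided while the key header is parsed, the same test could presumably be repeated once the headers are complete, so that an unencrypted request is refused before any body is consumed. That callback is not visible here, so this needs confirming. The `msg_err` text also carries no peer or connection detail, which makes a rejection hard to attribute in logs. The function body continues outside the hunk.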
index c271caaa40ad1252dc885c6e1d013a5987116ec2..df6f99756e22596d9ad8fb28a42c2e9a5017b91b 100644 (file)
@@ -76,9 +76,10 @@ struct rspamd_storage_shmem {
  */
 enum rspamd_http_options {
        RSPAMD_HTTP_BODY_PARTIAL = 0x1, /**< Call body handler on all body data portions *///!< RSPAMD_HTTP_BODY_PARTIAL
-       RSPAMD_HTTP_CLIENT_SIMPLE = 0x2, /**< Read HTTP client reply automatically */      //!< RSPAMD_HTTP_CLIENT_SIMPLE
-       RSPAMD_HTTP_CLIENT_ENCRYPTED = 0x4, /**< Encrypt data for client */                //!< RSPAMD_HTTP_CLIENT_ENCRYPTED
-       RSPAMD_HTTP_CLIENT_SHARED = 0x8, /**< Store reply in shared memory */              //!< RSPAMD_HTTP_CLIENT_SHARED
+       RSPAMD_HTTP_CLIENT_SIMPLE = 0x1u << 1, /**< Read HTTP client reply automatically */      //!< RSPAMD_HTTP_CLIENT_SIMPLE
+       RSPAMD_HTTP_CLIENT_ENCRYPTED = 0x1u << 2, /**< Encrypt data for client */                //!< RSPAMD_HTTP_CLIENT_ENCRYPTED
+       RSPAMD_HTTP_CLIENT_SHARED = 0x1u << 3, /**< Store reply in shared memory */              //!< RSPAMD_HTTP_CLIENT_SHARED
+       RSPAMD_HTTP_REQUIRE_ENCRYPTION = 0x1u << 4
 };
 
 typedef int (*rspamd_http_body_handler_t) (struct rspamd_http_connection *conn,
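Review bot: `RSPAMD_HTTP_REQUIRE_ENCRYPTION` is the only member of `enum rspamd_http_options` without a doc comment, and its name alone does not say that it is enforced on received messages. Suggest `RSPAMD_HTTP_REQUIRE_ENCRYPTION = 0x1u << 4, /**< Reject messages received without encryption */`. For consistency with the new shift style, `RSPAMD_HTTP_BODY_PARTIAL` could also be written as `0x1u << 0`.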