From 950fe85de9ce90edc00bef76eb2ae8067a760c79 Mon Sep 17 00:00:00 2001
From: hzq
Date: Fri, 10 May 2024 16:10:26 +0800
Subject: [PATCH] fix ssl cipher list
---
 vendor/httpserver/include/http_domain.h | 4 ++++
 vendor/httpserver/src/http_domain.cpp | 6 +-----
 vendor/httpserver/src/server.cpp | 7 +------
 3 files changed, 6 insertions(+), 11 deletions(-)
diff --git a/vendor/httpserver/include/http_domain.h b/vendor/httpserver/include/http_domain.h
index 084b2fdf..6a685878 100755
--- a/vendor/httpserver/include/http_domain.h
+++ b/vendor/httpserver/include/http_domain.h
@@ -27,5 +27,9 @@ namespace http
 std::string get_password();
 int serverNameCallback(SSL *ssl, int *ad, void *arg);
+ static const char *DEFAULT_CIPHER_LIST = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-" "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-" "POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-" "AES256-GCM-SHA384";
 }
 #endif
\ No newline at end of file
diff --git a/vendor/httpserver/src/http_domain.cpp b/vendor/httpserver/src/http_domain.cpp
index 308022e0..2d793935 100755
--- a/vendor/httpserver/src/http_domain.cpp
+++ b/vendor/httpserver/src/http_domain.cpp
@@ -186,14 +186,10 @@ int serverNameCallback(SSL *ssl, [[maybe_unused]] int *ad, [[maybe_unused]] void
 SSL_clear_options(ssl, 0xFFFFFFFFL);
 SSL_set_options(ssl, SSL_CTX_get_options(ctx));
- constexpr char DEFAULT_CIPHER_LIST[] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-"
- "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-"
- "POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-"
- "AES256-GCM-SHA384";
-
 if (SSL_CTX_set_cipher_list(ctx, DEFAULT_CIPHER_LIST) == 0)
 {
 std::cerr << ERR_error_string(ERR_get_error(), nullptr) << std::endl;
+ return SSL_TLSEXT_ERR_OK;
 }
 std::vector next_proto;
diff --git a/vendor/httpserver/src/server.cpp b/vendor/httpserver/src/server.cpp
index 2c2c74c0..306c3d2c 100755
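Review bot: `static const char *DEFAULT_CIPHER_LIST` in the header gives every translation unit its own copy of a mutable pointer to the literal; since the project already uses C++17 (`[[maybe_unused]]` in http_domain.cpp), the single-definition form is `inline constexpr char DEFAULT_CIPHER_LIST[] = "...";` (or at minimum `const char *const`). The constant also needs a comment stating its scope, because SSL_CTX_set_cipher_list governs only TLS 1.2 and earlier while TLS 1.3 suites are selected through SSL_CTX_set_ciphersuites and are unaffected by this string — the same applies to the serverNameCallback hunk and the listeners() hunk in server.cpp that consume it; suggested: `// TLS <=1.2 cipher list (AEAD, forward-secret suites only); TLS 1.3 suites are configured separately via SSL_CTX_set_ciphersuites.` The DHE-RSA entries are only offered when DH parameters (or automatic DH) are configured on the context, which nothing in this patch shows, so that is worth confirming or noting beside the list.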
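Review bot: The added `return SSL_TLSEXT_ERR_OK;` reports success to the TLS stack when SSL_CTX_set_cipher_list has failed, so the handshake proceeds with whatever list `ctx` already carried while the rest of the callback (the next_proto setup visible just below) is skipped; if a cipher policy that could not be applied should stop the handshake, return `SSL_TLSEXT_ERR_ALERT_FATAL` instead, and if the skip is intentional state it, e.g. `// cipher list unchanged on failure; handshake continues with the ctx defaults`. Independently, the call mutates an SSL_CTX from a per-connection SNI callback, so every handshake rewrites the same constant onto what looks like the shared per-domain context; `SSL_set_cipher_list(ssl, DEFAULT_CIPHER_LIST)` would scope it to this connection, assuming `ctx` is that shared context (its origin is above the hunk). `ERR_error_string(..., nullptr)` formats into a static buffer, so `ERR_error_string_n` with a local buffer is the safer choice if callbacks can run concurrently. serverNameCallback begins before the hunk and continues after it.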
--- a/vendor/httpserver/src/server.cpp
+++ b/vendor/httpserver/src/server.cpp
@@ -2866,7 +2866,7 @@ asio::awaitable httpserver::clientpeerfun(struct httpsocket_t sock_temp, b
 {
 log_item.clear();
- log_item.append(peer->server_ip);
+ log_item.append(peer->client_ip);
 log_item.push_back(0x20);
 log_item.append(get_date("%Y-%m-%d %X"));
 log_item.push_back(0x20);
@@ -3365,11 +3365,6 @@ void httpserver::listeners()
 //SSL_CTX_set_mode(context_.native_handle(), SSL_MODE_AUTO_RETRY);
 SSL_CTX_set_mode(context_.native_handle(), SSL_MODE_RELEASE_BUFFERS);
- constexpr char DEFAULT_CIPHER_LIST[] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-"
- "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-"
- "POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-"
- "AES256-GCM-SHA384";
-
 if (SSL_CTX_set_cipher_list(context_.native_handle(), DEFAULT_CIPHER_LIST) == 0)
 {
 std::cerr << ERR_error_string(ERR_get_error(), nullptr) << std::endl;
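Review bot: In the listeners() hunk the failure branch of SSL_CTX_set_cipher_list only writes the OpenSSL error to std::cerr and, as far as the hunk shows, falls through, so a rejected cipher string leaves `context_` on OpenSSL's built-in default list and the listener still starts with a wider cipher policy than intended. Now that the string is a compile-time constant shared with serverNameCallback, a failure here indicates a build or library mismatch rather than a runtime condition, and aborting listener setup before the acceptor starts (or at least a comment such as `// cipher list rejected by this OpenSSL build; context_ keeps the library default`) would make that visible. The failure branch continues past the end of the hunk, so this may already be handled there.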