For #1657, add https configs

trunk/conf/https.flv.live.conf

@@ -0,0 +1,25 @@
+# the config for srs to remux rtmp to flv live stream.
+# @see https://github.com/ossrs/srs/issues/1657#issuecomment-722971676
+# @see full.conf for detail config.
+
+listen              1935;
+max_connections     1000;
+daemon              off;
+srs_log_tank        console;
+http_server {
+    enabled         on;
+    listen          8080;
+    dir             ./objs/nginx/html;
+    https {
+        enabled on;
+        listen 8088;
+        key ./conf/server.key;
+        cert ./conf/server.crt;
+    }
+}
+vhost __defaultVhost__ {
+    http_remux {
+        enabled     on;
+        mount       [vhost]/[app]/[stream].flv;
+    }
+}

trunk/conf/https.hls.conf

@@ -0,0 +1,29 @@
+# the config for srs to delivery hls
+# @see https://github.com/ossrs/srs/issues/1657#issuecomment-722971676
+# @see full.conf for detail config.
+
+listen              1935;
+max_connections     1000;
+daemon              off;
+srs_log_tank        console;
+http_server {
+    enabled         on;
+    listen          8080;
+    dir             ./objs/nginx/html;
+    https {
+        enabled on;
+        listen 8088;
+        key ./conf/server.key;
+        cert ./conf/server.crt;
+    }
+}
+vhost __defaultVhost__ {
+    hls {
+        enabled         on;
+        hls_fragment    10;
+        hls_window      60;
+        hls_path        ./objs/nginx/html;
+        hls_m3u8_file   [app]/[stream].m3u8;
+        hls_ts_file     [app]/[stream]-[seq].ts;
+    }
+}

trunk/conf/https.hooks.callback.conf

@@ -0,0 +1,19 @@
+# http-hooks or https-callbacks config for srs.
+# @see https://github.com/ossrs/srs/issues/1657#issuecomment-720889906
+# @see full.conf for detail config.
+
+listen              1935;
+max_connections     1000;
+daemon              off;
+srs_log_tank        console;
+vhost __defaultVhost__ {
+    http_hooks {
+        enabled         on;
+        on_connect      https://127.0.0.1:443/api/v1/clients;
+        on_close        https://127.0.0.1:443/api/v1/clients;
+        on_publish      https://127.0.0.1:443/api/v1/streams;
+        on_unpublish    https://127.0.0.1:443/api/v1/streams;
+        on_play         https://127.0.0.1:443/api/v1/sessions;
+        on_stop         https://127.0.0.1:443/api/v1/sessions;
+    }
+}

trunk/conf/https.rtc.conf

@@ -0,0 +1,50 @@
+
+listen              1935;
+max_connections     1000;
+daemon              off;
+srs_log_tank        console;
+
+http_server {
+    enabled         on;
+    listen          8080;
+    dir             ./objs/nginx/html;
+    https {
+        enabled on;
+        listen 8088;
+        key ./conf/server.key;
+        cert ./conf/server.crt;
+    }
+}
+
+http_api {
+    enabled         on;
+    listen          1985;
+    https {
+        enabled on;
+        listen 1990;
+        key ./conf/server.key;
+        cert ./conf/server.crt;
+    }
+}
+stats {
+    network         0;
+}
+rtc_server {
+    enabled         on;
+    # Listen at udp://8000
+    listen          8000;
+    #
+    # The $CANDIDATE means fetch from env, if not configed, use * as default.
+    #
+    # The * means retrieving server IP automatically, from all network interfaces,
+    # @see https://github.com/ossrs/srs/issues/307#issuecomment-599028124
+    candidate       $CANDIDATE;
+}
+
+vhost __defaultVhost__ {
+    rtc {
+        enabled     on;
+        bframe      discard;
+    }
+}
+

trunk/src/protocol/srs_service_http_client.cpp

@@ -193,34 +193,46 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr
 {
     srs_error_t err = srs_success;
 
-    // TODO: Can we avoid copy?
-    int nn_cipher = nn_plaintext;
-    char* cipher = new char[nn_cipher];
-    SrsAutoFreeA(char, cipher);
+    while (true) {
+        int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0);
+        int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl);
 
-    ssize_t nn = 0;
-    // Read the cipher from SSL.
-    if ((err = transport->read(cipher, nn_cipher, &nn)) != srs_success) {
-        return srs_error_wrap(err, "https: read");
+        // OK, got data.
+        if (r0 > 0) {
+            srs_assert(r0 <= nn_plaintext);
+            if (nread) {
+                *nread = r0;
+            }
+            return err;
+        }
+
+        // Need to read more data to feed SSL.
+        if (r0 == -1 && r1 == SSL_ERROR_WANT_READ) {
+            // TODO: Can we avoid copy?
+            int nn_cipher = nn_plaintext;
+            char* cipher = new char[nn_cipher];
+            SrsAutoFreeA(char, cipher);
+
+            // Read the cipher from SSL.
+            ssize_t nn = 0;
+            if ((err = transport->read(cipher, nn_cipher, &nn)) != srs_success) {
+                return srs_error_wrap(err, "https: read");
+            }
+
+            int r0 = BIO_write(bio_in, cipher, nn);
+            if (r0 <= 0) {
+                // TODO: 0 or -1 maybe block, use BIO_should_retry to check.
+                return srs_error_new(ERROR_HTTPS_READ, "BIO_write r0=%d, cipher=%p, size=%d", r0, cipher, nn);
+            }
+            continue;
+        }
+
+        // Fail for error.
+        if (r0 <= 0) {
+            return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, r1=%d, r2=%d, r3=%d",
+                r0, r1, r2, r3);
+        }
     }
-
-    int r0 = BIO_write(bio_in, cipher, nn);
-    if (r0 <= 0) {
-        // TODO: 0 or -1 maybe block, use BIO_should_retry to check.
-        return srs_error_new(ERROR_HTTPS_READ, "BIO_write r0=%d, cipher=%p, size=%d", r0, cipher, nn);
-    }
-
-    r0 = SSL_read(ssl, plaintext, nn);
-    if (r0 <= 0) {
-        return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, cipher=%p, size=%d", r0, cipher, nn);
-    }
-
-    srs_assert(r0 <= nn_plaintext);
-    if (nread) {
-        *nread = r0;
-    }
-
-    return err;
 }
 
 srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* nwrite)