From 880d9ca40e1b58c13cbb9538172406e003cb4f87 Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on Windows 11)" <rob@synchro.net>
Date: Sun, 3 Mar 2024 02:46:11 -0800
Subject: [PATCH] Add NO_HTTP option to web server, for a HTTPS-only web server

---
 src/sbbs3/websrvr.c | 3 ++-
 src/sbbs3/websrvr.h | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index baeb98a075..735d5d5db1 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -7266,7 +7266,8 @@ void web_server(void* arg)
 		 * Add interfaces
 		 */
 
-		xpms_add_list(ws_set, PF_UNSPEC, SOCK_STREAM, 0, startup->interfaces, startup->port, "Web Server", open_socket, startup->seteuid, NULL);
+		if (!(startup->options & WEB_OPT_NO_HTTP))
+			xpms_add_list(ws_set, PF_UNSPEC, SOCK_STREAM, 0, startup->interfaces, startup->port, "Web Server", open_socket, startup->seteuid, NULL);
 		if (startup->options & WEB_OPT_ALLOW_TLS) {
 			if(!ssl_sync(&scfg, lprintf))
 				lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
diff --git a/src/sbbs3/websrvr.h b/src/sbbs3/websrvr.h
index 426adc7e43..8ce722d10d 100644
--- a/src/sbbs3/websrvr.h
+++ b/src/sbbs3/websrvr.h
@@ -83,8 +83,9 @@ static struct init_field web_init_fields[] = {
 #define WEB_OPT_VIRTUAL_HOSTS		(1<<4)	/* Use virtual host html subdirs	*/
 #define WEB_OPT_NO_CGI				(1<<5)	/* Disable CGI support				*/
 #define WEB_OPT_HTTP_LOGGING		(1<<6)	/* Create/write-to HttpLogFile		*/
-#define WEB_OPT_ALLOW_TLS			(1<<7)	/* Enable HTTPS						*/
+#define WEB_OPT_ALLOW_TLS			(1<<7)	/* Enable HTTPS support				*/
 #define WEB_OPT_HSTS_SAFE			(1<<8)	/* All URLs can be served over HTTPS*/
+#define WEB_OPT_NO_HTTP				(1<<9)	/* Disable HTTP support				*/
 
 /* web_startup_t.options bits that require re-init/recycle when changed */
 #define WEB_INIT_OPTS	(WEB_OPT_HTTP_LOGGING)
@@ -97,6 +98,7 @@ static ini_bitdesc_t web_options[] = {
 	{ WEB_OPT_DEBUG_SSJS			,"DEBUG_SSJS"			},
 	{ WEB_OPT_VIRTUAL_HOSTS			,"VIRTUAL_HOSTS"		},
 	{ WEB_OPT_NO_CGI				,"NO_CGI"				},
+	{ WEB_OPT_NO_HTTP				,"NO_HTTP"				},
 	{ WEB_OPT_HTTP_LOGGING			,"HTTP_LOGGING"			},
 	{ WEB_OPT_ALLOW_TLS				,"ALLOW_TLS"			},
 	{ WEB_OPT_HSTS_SAFE				,"HSTS_SAFE"			},
-- 
GitLab