diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2015-09-10 15:39:36 +0000 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2015-09-10 15:39:36 +0000 |
commit | a12f20bd4c621a7b5e88ca52830ad1bb74a8e2d8 (patch) | |
tree | b1b657c1f27d6d5885e39c17c5079c8d587926d2 /src/gns/gnunet-gns-proxy.c | |
parent | 2f9bbed9ec4a4e631e585e4d2facde5a326d928c (diff) | |
download | gnunet-a12f20bd4c621a7b5e88ca52830ad1bb74a8e2d8.tar.gz gnunet-a12f20bd4c621a7b5e88ca52830ad1bb74a8e2d8.zip |
- revert
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 1006 |
1 files changed, 454 insertions, 552 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index 124fe806d..687b0cfb5 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
@@ -48,8 +48,6 @@ | |||
48 | #include "gns.h" | 48 | #include "gns.h" |
49 | 49 | ||
50 | 50 | ||
51 | #define GNUID_HTTP_HEADER_GNUID_RESPONSE "X-GNUid-Requested-Info" | ||
52 | |||
53 | /** | 51 | /** |
54 | * Default Socks5 listen port. | 52 | * Default Socks5 listen port. |
55 | */ | 53 | */ |
@@ -123,10 +121,6 @@ | |||
123 | */ | 121 | */ |
124 | #define SOCKS_AUTH_NONE 0 | 122 | #define SOCKS_AUTH_NONE 0 |
125 | 123 | ||
126 | /** | ||
127 | * Enable GNUid functionality | ||
128 | */ | ||
129 | #define GNUID_ENABLED 1 | ||
130 | 124 | ||
131 | /** | 125 | /** |
132 | * Commands in Socks5. | 126 | * Commands in Socks5. |
@@ -539,16 +533,6 @@ struct Socks5Request | |||
539 | struct curl_slist *hosts; | 533 | struct curl_slist *hosts; |
540 | 534 | ||
541 | /** | 535 | /** |
542 | * Custom response headers | ||
543 | */ | ||
544 | struct curl_slist *resp_headers; | ||
545 | |||
546 | /** | ||
547 | * GNUid redirect | ||
548 | */ | ||
549 | char* redirect_gnuid; | ||
550 | |||
551 | /** | ||
552 | * HTTP response code to give to MHD for the response. | 536 | * HTTP response code to give to MHD for the response. |
553 | */ | 537 | */ |
554 | unsigned int response_code; | 538 | unsigned int response_code; |
@@ -739,9 +723,9 @@ cleanup_s5r (struct Socks5Request *s5r) | |||
739 | } | 723 | } |
740 | curl_slist_free_all (s5r->headers); | 724 | curl_slist_free_all (s5r->headers); |
741 | if (NULL != s5r->hosts) | 725 | if (NULL != s5r->hosts) |
726 | { | ||
742 | curl_slist_free_all (s5r->hosts); | 727 | curl_slist_free_all (s5r->hosts); |
743 | if (NULL != s5r->resp_headers) | 728 | } |
744 | curl_slist_free_all (s5r->resp_headers); | ||
745 | if ( (NULL != s5r->response) && | 729 | if ( (NULL != s5r->response) && |
746 | (curl_failure_response != s5r->response) ) | 730 | (curl_failure_response != s5r->response) ) |
747 | MHD_destroy_response (s5r->response); | 731 | MHD_destroy_response (s5r->response); |
@@ -1147,8 +1131,6 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls) | |||
1147 | } | 1131 | } |
1148 | GNUNET_free (leho_host); | 1132 | GNUNET_free (leho_host); |
1149 | } | 1133 | } |
1150 | |||
1151 | |||
1152 | /* MHD does not allow certain characters in values, remove those */ | 1134 | /* MHD does not allow certain characters in values, remove those */ |
1153 | if (NULL != (tok = strchr (hdr_val, '\n'))) | 1135 | if (NULL != (tok = strchr (hdr_val, '\n'))) |
1154 | *tok = '\0'; | 1136 | *tok = '\0'; |
@@ -1156,27 +1138,6 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls) | |||
1156 | *tok = '\0'; | 1138 | *tok = '\0'; |
1157 | if (NULL != (tok = strchr (hdr_val, '\t'))) | 1139 | if (NULL != (tok = strchr (hdr_val, '\t'))) |
1158 | *tok = '\0'; | 1140 | *tok = '\0'; |
1159 | if (GNUID_ENABLED) | ||
1160 | { | ||
1161 | if (0 == strcasecmp (GNUID_HTTP_HEADER_GNUID_RESPONSE, hdr_type)) | ||
1162 | { | ||
1163 | char* redirect; | ||
1164 | GNUNET_asprintf (&redirect, | ||
1165 | "%s?requested_by=http://%s:%d%s&requested_infos=%s", | ||
1166 | "http://localhost:8000#/identities", //TODO read this from config | ||
1167 | s5r->domain, | ||
1168 | s5r->port, | ||
1169 | s5r->url, | ||
1170 | hdr_val); | ||
1171 | |||
1172 | s5r->response_code = MHD_HTTP_FOUND; | ||
1173 | GNUNET_break (MHD_YES == MHD_add_response_header (s5r->response, | ||
1174 | MHD_HTTP_HEADER_LOCATION, | ||
1175 | redirect)); | ||
1176 | printf ("%s", redirect); | ||
1177 | GNUNET_free (redirect); | ||
1178 | } | ||
1179 | } | ||
1180 | if (0 != strlen (hdr_val)) | 1141 | if (0 != strlen (hdr_val)) |
1181 | { | 1142 | { |
1182 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1143 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -1499,37 +1460,6 @@ con_val_iter (void *cls, | |||
1499 | 1460 | ||
1500 | 1461 | ||
1501 | /** | 1462 | /** |
1502 | * Read HTTP request uri from the request. | ||
1503 | * | ||
1504 | * @param cls our `struct Socks5Request` | ||
1505 | * @param kind value kind | ||
1506 | * @param key field key | ||
1507 | * @param value field value | ||
1508 | * @return MHD_YES to continue to iterate | ||
1509 | */ | ||
1510 | static int | ||
1511 | con_val_uri_iter (void *cls, | ||
1512 | enum MHD_ValueKind kind, | ||
1513 | const char *key, | ||
1514 | const char *value) | ||
1515 | { | ||
1516 | struct Socks5Request *s5r = cls; | ||
1517 | char *hdr; | ||
1518 | |||
1519 | if (0 == strcasecmp ("gnuid_token", key)) | ||
1520 | { | ||
1521 | GNUNET_asprintf (&hdr, | ||
1522 | "%s: Bearer %s", | ||
1523 | MHD_HTTP_HEADER_AUTHORIZATION, | ||
1524 | value); | ||
1525 | s5r->headers = curl_slist_append (s5r->headers, | ||
1526 | hdr); | ||
1527 | GNUNET_free (hdr); | ||
1528 | } | ||
1529 | return MHD_YES; | ||
1530 | } | ||
1531 | |||
1532 | /** | ||
1533 | * Main MHD callback for handling requests. | 1463 | * Main MHD callback for handling requests. |
1534 | * | 1464 | * |
1535 | * @param cls unused | 1465 | * @param cls unused |
@@ -1565,7 +1495,6 @@ create_response (void *cls, | |||
1565 | struct Socks5Request *s5r = *con_cls; | 1495 | struct Socks5Request *s5r = *con_cls; |
1566 | char *curlurl; | 1496 | char *curlurl; |
1567 | char *curl_hosts; | 1497 | char *curl_hosts; |
1568 | char *curl_headers; | ||
1569 | char ipstring[INET6_ADDRSTRLEN]; | 1498 | char ipstring[INET6_ADDRSTRLEN]; |
1570 | char ipaddr[INET6_ADDRSTRLEN + 2]; | 1499 | char ipaddr[INET6_ADDRSTRLEN + 2]; |
1571 | const struct sockaddr *sa; | 1500 | const struct sockaddr *sa; |
@@ -1586,47 +1515,47 @@ create_response (void *cls, | |||
1586 | sa = (const struct sockaddr *) &s5r->destination_address; | 1515 | sa = (const struct sockaddr *) &s5r->destination_address; |
1587 | switch (sa->sa_family) | 1516 | switch (sa->sa_family) |
1588 | { | 1517 | { |
1589 | case AF_INET: | 1518 | case AF_INET: |
1590 | s4 = (const struct sockaddr_in *) &s5r->destination_address; | 1519 | s4 = (const struct sockaddr_in *) &s5r->destination_address; |
1591 | if (NULL == inet_ntop (AF_INET, | 1520 | if (NULL == inet_ntop (AF_INET, |
1592 | &s4->sin_addr, | 1521 | &s4->sin_addr, |
1593 | ipstring, | 1522 | ipstring, |
1594 | sizeof (ipstring))) | 1523 | sizeof (ipstring))) |
1595 | { | 1524 | { |
1596 | GNUNET_break (0); | 1525 | GNUNET_break (0); |
1597 | return MHD_NO; | 1526 | return MHD_NO; |
1598 | } | 1527 | } |
1599 | GNUNET_snprintf (ipaddr, | 1528 | GNUNET_snprintf (ipaddr, |
1600 | sizeof (ipaddr), | 1529 | sizeof (ipaddr), |
1601 | "%s", | 1530 | "%s", |
1602 | ipstring); | 1531 | ipstring); |
1603 | port = ntohs (s4->sin_port); | 1532 | port = ntohs (s4->sin_port); |
1604 | break; | 1533 | break; |
1605 | case AF_INET6: | 1534 | case AF_INET6: |
1606 | s6 = (const struct sockaddr_in6 *) &s5r->destination_address; | 1535 | s6 = (const struct sockaddr_in6 *) &s5r->destination_address; |
1607 | if (NULL == inet_ntop (AF_INET6, | 1536 | if (NULL == inet_ntop (AF_INET6, |
1608 | &s6->sin6_addr, | 1537 | &s6->sin6_addr, |
1609 | ipstring, | 1538 | ipstring, |
1610 | sizeof (ipstring))) | 1539 | sizeof (ipstring))) |
1611 | { | 1540 | { |
1612 | GNUNET_break (0); | 1541 | GNUNET_break (0); |
1613 | return MHD_NO; | 1542 | return MHD_NO; |
1614 | } | 1543 | } |
1615 | GNUNET_snprintf (ipaddr, | 1544 | GNUNET_snprintf (ipaddr, |
1616 | sizeof (ipaddr), | 1545 | sizeof (ipaddr), |
1617 | "[%s]", | 1546 | "[%s]", |
1618 | ipstring); | 1547 | ipstring); |
1619 | port = ntohs (s6->sin6_port); | 1548 | port = ntohs (s6->sin6_port); |
1620 | break; | 1549 | break; |
1621 | default: | 1550 | default: |
1622 | GNUNET_break (0); | 1551 | GNUNET_break (0); |
1623 | return MHD_NO; | 1552 | return MHD_NO; |
1624 | } | 1553 | } |
1625 | s5r->curl = curl_easy_init (); | 1554 | s5r->curl = curl_easy_init (); |
1626 | if (NULL == s5r->curl) | 1555 | if (NULL == s5r->curl) |
1627 | return MHD_queue_response (con, | 1556 | return MHD_queue_response (con, |
1628 | MHD_HTTP_INTERNAL_SERVER_ERROR, | 1557 | MHD_HTTP_INTERNAL_SERVER_ERROR, |
1629 | curl_failure_response); | 1558 | curl_failure_response); |
1630 | curl_easy_setopt (s5r->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr); | 1559 | curl_easy_setopt (s5r->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr); |
1631 | curl_easy_setopt (s5r->curl, CURLOPT_HEADERDATA, s5r); | 1560 | curl_easy_setopt (s5r->curl, CURLOPT_HEADERDATA, s5r); |
1632 | curl_easy_setopt (s5r->curl, CURLOPT_FOLLOWLOCATION, 0); | 1561 | curl_easy_setopt (s5r->curl, CURLOPT_FOLLOWLOCATION, 0); |
@@ -1639,7 +1568,6 @@ create_response (void *cls, | |||
1639 | curl_easy_setopt (s5r->curl, CURLOPT_NOSIGNAL, 1L); | 1568 | curl_easy_setopt (s5r->curl, CURLOPT_NOSIGNAL, 1L); |
1640 | curl_easy_setopt (s5r->curl, CURLOPT_PRIVATE, s5r); | 1569 | curl_easy_setopt (s5r->curl, CURLOPT_PRIVATE, s5r); |
1641 | curl_easy_setopt (s5r->curl, CURLOPT_VERBOSE, 0); | 1570 | curl_easy_setopt (s5r->curl, CURLOPT_VERBOSE, 0); |
1642 | |||
1643 | /** | 1571 | /** |
1644 | * Pre-populate cache to resolve Hostname. | 1572 | * Pre-populate cache to resolve Hostname. |
1645 | * This is necessary as the DNS name in the CURLOPT_URL is used | 1573 | * This is necessary as the DNS name in the CURLOPT_URL is used |
@@ -1647,27 +1575,27 @@ create_response (void *cls, | |||
1647 | */ | 1575 | */ |
1648 | if (NULL != s5r->leho) | 1576 | if (NULL != s5r->leho) |
1649 | { | 1577 | { |
1650 | GNUNET_asprintf (&curl_hosts, | 1578 | GNUNET_asprintf (&curl_hosts, |
1651 | "%s:%d:%s", | 1579 | "%s:%d:%s", |
1652 | s5r->leho, | 1580 | s5r->leho, |
1653 | port, | 1581 | port, |
1654 | ipaddr); | 1582 | ipaddr); |
1655 | s5r->hosts = curl_slist_append(NULL, curl_hosts); | 1583 | s5r->hosts = curl_slist_append(NULL, curl_hosts); |
1656 | curl_easy_setopt(s5r->curl, CURLOPT_RESOLVE, s5r->hosts); | 1584 | curl_easy_setopt(s5r->curl, CURLOPT_RESOLVE, s5r->hosts); |
1657 | GNUNET_free (curl_hosts); | 1585 | GNUNET_free (curl_hosts); |
1658 | } | 1586 | } |
1659 | GNUNET_asprintf (&curlurl, | 1587 | GNUNET_asprintf (&curlurl, |
1660 | (HTTPS_PORT != s5r->port) | 1588 | (HTTPS_PORT != s5r->port) |
1661 | ? "http://%s:%d%s" | 1589 | ? "http://%s:%d%s" |
1662 | : "https://%s:%d%s", | 1590 | : "https://%s:%d%s", |
1663 | (NULL != s5r->leho) | 1591 | (NULL != s5r->leho) |
1664 | ? s5r->leho | 1592 | ? s5r->leho |
1665 | : ipaddr, | 1593 | : ipaddr, |
1666 | port, | 1594 | port, |
1667 | s5r->url); | 1595 | s5r->url); |
1668 | curl_easy_setopt (s5r->curl, | 1596 | curl_easy_setopt (s5r->curl, |
1669 | CURLOPT_URL, | 1597 | CURLOPT_URL, |
1670 | curlurl); | 1598 | curlurl); |
1671 | GNUNET_free (curlurl); | 1599 | GNUNET_free (curlurl); |
1672 | 1600 | ||
1673 | if (0 == strcasecmp (meth, MHD_HTTP_METHOD_PUT)) | 1601 | if (0 == strcasecmp (meth, MHD_HTTP_METHOD_PUT)) |
@@ -1700,24 +1628,11 @@ create_response (void *cls, | |||
1700 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb); | 1628 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb); |
1701 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r); | 1629 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r); |
1702 | } | 1630 | } |
1703 | else if (0 == strcasecmp (meth, MHD_HTTP_METHOD_OPTIONS)) | ||
1704 | { | ||
1705 | s5r->state = SOCKS5_SOCKET_DOWNLOAD_STARTED; | ||
1706 | curl_easy_setopt (s5r->curl, CURLOPT_CUSTOMREQUEST, "OPTIONS"); | ||
1707 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb); | ||
1708 | curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r); | ||
1709 | GNUNET_asprintf (&curl_headers, | ||
1710 | "%s: %s", | ||
1711 | "Connection", | ||
1712 | "keep-alive"); | ||
1713 | s5r->headers = curl_slist_append(s5r->headers, curl_headers); | ||
1714 | GNUNET_free (curl_headers); | ||
1715 | } | ||
1716 | else | 1631 | else |
1717 | { | 1632 | { |
1718 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1633 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
1719 | _("Unsupported HTTP method `%s'\n"), | 1634 | _("Unsupported HTTP method `%s'\n"), |
1720 | meth); | 1635 | meth); |
1721 | curl_easy_cleanup (s5r->curl); | 1636 | curl_easy_cleanup (s5r->curl); |
1722 | s5r->curl = NULL; | 1637 | s5r->curl = NULL; |
1723 | return MHD_NO; | 1638 | return MHD_NO; |
@@ -1741,7 +1656,7 @@ create_response (void *cls, | |||
1741 | curl_easy_setopt (s5r->curl, CURLOPT_USE_SSL, CURLUSESSL_ALL); | 1656 | curl_easy_setopt (s5r->curl, CURLOPT_USE_SSL, CURLUSESSL_ALL); |
1742 | curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYPEER, 1L); | 1657 | curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYPEER, 1L); |
1743 | /* Disable cURL checking the hostname, as we will check ourselves | 1658 | /* Disable cURL checking the hostname, as we will check ourselves |
1744 | as only we have the domain name or the LEHO or the DANE record */ | 1659 | as only we have the domain name or the LEHO or the DANE record */ |
1745 | curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYHOST, 0L); | 1660 | curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYHOST, 0L); |
1746 | } | 1661 | } |
1747 | else | 1662 | else |
@@ -1757,21 +1672,8 @@ create_response (void *cls, | |||
1757 | return MHD_NO; | 1672 | return MHD_NO; |
1758 | } | 1673 | } |
1759 | MHD_get_connection_values (con, | 1674 | MHD_get_connection_values (con, |
1760 | MHD_HEADER_KIND, | 1675 | MHD_HEADER_KIND, |
1761 | &con_val_iter, s5r); | 1676 | &con_val_iter, s5r); |
1762 | if (GNUID_ENABLED) | ||
1763 | { | ||
1764 | MHD_get_connection_values (con, | ||
1765 | MHD_GET_ARGUMENT_KIND, | ||
1766 | &con_val_uri_iter, s5r); | ||
1767 | GNUNET_asprintf (&curl_headers, | ||
1768 | "%s: %s", | ||
1769 | "X-GNUid-Available", | ||
1770 | "YES"); | ||
1771 | s5r->headers = curl_slist_append(s5r->headers, curl_headers); | ||
1772 | GNUNET_free (curl_headers); | ||
1773 | } | ||
1774 | |||
1775 | curl_easy_setopt (s5r->curl, CURLOPT_HTTPHEADER, s5r->headers); | 1677 | curl_easy_setopt (s5r->curl, CURLOPT_HTTPHEADER, s5r->headers); |
1776 | curl_download_prepare (); | 1678 | curl_download_prepare (); |
1777 | return MHD_YES; | 1679 | return MHD_YES; |
@@ -1781,10 +1683,10 @@ create_response (void *cls, | |||
1781 | if (0 != *upload_data_size) | 1683 | if (0 != *upload_data_size) |
1782 | { | 1684 | { |
1783 | left = GNUNET_MIN (*upload_data_size, | 1685 | left = GNUNET_MIN (*upload_data_size, |
1784 | sizeof (s5r->io_buf) - s5r->io_len); | 1686 | sizeof (s5r->io_buf) - s5r->io_len); |
1785 | memcpy (&s5r->io_buf[s5r->io_len], | 1687 | memcpy (&s5r->io_buf[s5r->io_len], |
1786 | upload_data, | 1688 | upload_data, |
1787 | left); | 1689 | left); |
1788 | s5r->io_len += left; | 1690 | s5r->io_len += left; |
1789 | *upload_data_size -= left; | 1691 | *upload_data_size -= left; |
1790 | GNUNET_assert (NULL != s5r->curl); | 1692 | GNUNET_assert (NULL != s5r->curl); |
@@ -1795,16 +1697,16 @@ create_response (void *cls, | |||
1795 | if (SOCKS5_SOCKET_UPLOAD_STARTED == s5r->state) | 1697 | if (SOCKS5_SOCKET_UPLOAD_STARTED == s5r->state) |
1796 | { | 1698 | { |
1797 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1699 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1798 | "Finished processing UPLOAD\n"); | 1700 | "Finished processing UPLOAD\n"); |
1799 | s5r->state = SOCKS5_SOCKET_UPLOAD_DONE; | 1701 | s5r->state = SOCKS5_SOCKET_UPLOAD_DONE; |
1800 | } | 1702 | } |
1801 | if (NULL == s5r->response) | 1703 | if (NULL == s5r->response) |
1802 | return MHD_YES; /* too early to queue response, did not yet get headers from cURL */ | 1704 | return MHD_YES; /* too early to queue response, did not yet get headers from cURL */ |
1803 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1705 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1804 | "Queueing response with MHD\n"); | 1706 | "Queueing response with MHD\n"); |
1805 | return MHD_queue_response (con, | 1707 | return MHD_queue_response (con, |
1806 | s5r->response_code, | 1708 | s5r->response_code, |
1807 | s5r->response); | 1709 | s5r->response); |
1808 | } | 1710 | } |
1809 | 1711 | ||
1810 | 1712 | ||
@@ -1822,9 +1724,9 @@ create_response (void *cls, | |||
1822 | */ | 1724 | */ |
1823 | static void | 1725 | static void |
1824 | mhd_completed_cb (void *cls, | 1726 | mhd_completed_cb (void *cls, |
1825 | struct MHD_Connection *connection, | 1727 | struct MHD_Connection *connection, |
1826 | void **con_cls, | 1728 | void **con_cls, |
1827 | enum MHD_RequestTerminationCode toe) | 1729 | enum MHD_RequestTerminationCode toe) |
1828 | { | 1730 | { |
1829 | struct Socks5Request *s5r = *con_cls; | 1731 | struct Socks5Request *s5r = *con_cls; |
1830 | 1732 | ||
@@ -1832,8 +1734,8 @@ mhd_completed_cb (void *cls, | |||
1832 | return; | 1734 | return; |
1833 | if (MHD_REQUEST_TERMINATED_COMPLETED_OK != toe) | 1735 | if (MHD_REQUEST_TERMINATED_COMPLETED_OK != toe) |
1834 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 1736 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, |
1835 | "MHD encountered error handling request: %d\n", | 1737 | "MHD encountered error handling request: %d\n", |
1836 | toe); | 1738 | toe); |
1837 | cleanup_s5r (s5r); | 1739 | cleanup_s5r (s5r); |
1838 | curl_download_prepare(); | 1740 | curl_download_prepare(); |
1839 | *con_cls = NULL; | 1741 | *con_cls = NULL; |
@@ -1855,15 +1757,15 @@ mhd_completed_cb (void *cls, | |||
1855 | */ | 1757 | */ |
1856 | static void * | 1758 | static void * |
1857 | mhd_log_callback (void *cls, | 1759 | mhd_log_callback (void *cls, |
1858 | const char *url, | 1760 | const char *url, |
1859 | struct MHD_Connection *connection) | 1761 | struct MHD_Connection *connection) |
1860 | { | 1762 | { |
1861 | struct Socks5Request *s5r; | 1763 | struct Socks5Request *s5r; |
1862 | const union MHD_ConnectionInfo *ci; | 1764 | const union MHD_ConnectionInfo *ci; |
1863 | int sock; | 1765 | int sock; |
1864 | 1766 | ||
1865 | ci = MHD_get_connection_info (connection, | 1767 | ci = MHD_get_connection_info (connection, |
1866 | MHD_CONNECTION_INFO_CONNECTION_FD); | 1768 | MHD_CONNECTION_INFO_CONNECTION_FD); |
1867 | if (NULL == ci) | 1769 | if (NULL == ci) |
1868 | { | 1770 | { |
1869 | GNUNET_break (0); | 1771 | GNUNET_break (0); |
@@ -1876,8 +1778,8 @@ mhd_log_callback (void *cls, | |||
1876 | { | 1778 | { |
1877 | if (NULL != s5r->url) | 1779 | if (NULL != s5r->url) |
1878 | { | 1780 | { |
1879 | GNUNET_break (0); | 1781 | GNUNET_break (0); |
1880 | return NULL; | 1782 | return NULL; |
1881 | } | 1783 | } |
1882 | s5r->url = GNUNET_strdup (url); | 1784 | s5r->url = GNUNET_strdup (url); |
1883 | GNUNET_SCHEDULER_cancel (s5r->timeout_task); | 1785 | GNUNET_SCHEDULER_cancel (s5r->timeout_task); |
@@ -1899,8 +1801,8 @@ static void | |||
1899 | kill_httpd (struct MhdHttpList *hd) | 1801 | kill_httpd (struct MhdHttpList *hd) |
1900 | { | 1802 | { |
1901 | GNUNET_CONTAINER_DLL_remove (mhd_httpd_head, | 1803 | GNUNET_CONTAINER_DLL_remove (mhd_httpd_head, |
1902 | mhd_httpd_tail, | 1804 | mhd_httpd_tail, |
1903 | hd); | 1805 | hd); |
1904 | GNUNET_free_non_null (hd->domain); | 1806 | GNUNET_free_non_null (hd->domain); |
1905 | MHD_stop_daemon (hd->daemon); | 1807 | MHD_stop_daemon (hd->daemon); |
1906 | if (NULL != hd->httpd_task) | 1808 | if (NULL != hd->httpd_task) |
@@ -1923,7 +1825,7 @@ kill_httpd (struct MhdHttpList *hd) | |||
1923 | */ | 1825 | */ |
1924 | static void | 1826 | static void |
1925 | kill_httpd_task (void *cls, | 1827 | kill_httpd_task (void *cls, |
1926 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 1828 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
1927 | { | 1829 | { |
1928 | struct MhdHttpList *hd = cls; | 1830 | struct MhdHttpList *hd = cls; |
1929 | 1831 | ||
@@ -1997,15 +1899,15 @@ schedule_httpd (struct MhdHttpList *hd) | |||
1997 | { | 1899 | { |
1998 | /* daemon is idle, kill after timeout */ | 1900 | /* daemon is idle, kill after timeout */ |
1999 | hd->httpd_task = GNUNET_SCHEDULER_add_delayed (MHD_CACHE_TIMEOUT, | 1901 | hd->httpd_task = GNUNET_SCHEDULER_add_delayed (MHD_CACHE_TIMEOUT, |
2000 | &kill_httpd_task, | 1902 | &kill_httpd_task, |
2001 | hd); | 1903 | hd); |
2002 | } | 1904 | } |
2003 | else | 1905 | else |
2004 | { | 1906 | { |
2005 | hd->httpd_task = | 1907 | hd->httpd_task = |
2006 | GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, | 1908 | GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, |
2007 | tv, wrs, wws, | 1909 | tv, wrs, wws, |
2008 | &do_httpd, hd); | 1910 | &do_httpd, hd); |
2009 | } | 1911 | } |
2010 | if (NULL != wrs) | 1912 | if (NULL != wrs) |
2011 | GNUNET_NETWORK_fdset_destroy (wrs); | 1913 | GNUNET_NETWORK_fdset_destroy (wrs); |
@@ -2044,7 +1946,7 @@ run_mhd_now (struct MhdHttpList *hd) | |||
2044 | hd->httpd_task) | 1946 | hd->httpd_task) |
2045 | GNUNET_SCHEDULER_cancel (hd->httpd_task); | 1947 | GNUNET_SCHEDULER_cancel (hd->httpd_task); |
2046 | hd->httpd_task = GNUNET_SCHEDULER_add_now (&do_httpd, | 1948 | hd->httpd_task = GNUNET_SCHEDULER_add_now (&do_httpd, |
2047 | hd); | 1949 | hd); |
2048 | } | 1950 | } |
2049 | 1951 | ||
2050 | 1952 | ||
@@ -2057,14 +1959,14 @@ run_mhd_now (struct MhdHttpList *hd) | |||
2057 | */ | 1959 | */ |
2058 | static void* | 1960 | static void* |
2059 | load_file (const char* filename, | 1961 | load_file (const char* filename, |
2060 | unsigned int* size) | 1962 | unsigned int* size) |
2061 | { | 1963 | { |
2062 | void *buffer; | 1964 | void *buffer; |
2063 | uint64_t fsize; | 1965 | uint64_t fsize; |
2064 | 1966 | ||
2065 | if (GNUNET_OK != | 1967 | if (GNUNET_OK != |
2066 | GNUNET_DISK_file_size (filename, &fsize, | 1968 | GNUNET_DISK_file_size (filename, &fsize, |
2067 | GNUNET_YES, GNUNET_YES)) | 1969 | GNUNET_YES, GNUNET_YES)) |
2068 | return NULL; | 1970 | return NULL; |
2069 | if (fsize > MAX_PEM_SIZE) | 1971 | if (fsize > MAX_PEM_SIZE) |
2070 | return NULL; | 1972 | return NULL; |
@@ -2088,7 +1990,7 @@ load_file (const char* filename, | |||
2088 | */ | 1990 | */ |
2089 | static int | 1991 | static int |
2090 | load_key_from_file (gnutls_x509_privkey_t key, | 1992 | load_key_from_file (gnutls_x509_privkey_t key, |
2091 | const char* keyfile) | 1993 | const char* keyfile) |
2092 | { | 1994 | { |
2093 | gnutls_datum_t key_data; | 1995 | gnutls_datum_t key_data; |
2094 | int ret; | 1996 | int ret; |
@@ -2102,7 +2004,7 @@ load_key_from_file (gnutls_x509_privkey_t key, | |||
2102 | { | 2004 | { |
2103 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2005 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2104 | _("Unable to import private key from file `%s'\n"), | 2006 | _("Unable to import private key from file `%s'\n"), |
2105 | keyfile); | 2007 | keyfile); |
2106 | } | 2008 | } |
2107 | GNUNET_free_non_null (key_data.data); | 2009 | GNUNET_free_non_null (key_data.data); |
2108 | return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; | 2010 | return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; |
@@ -2118,7 +2020,7 @@ load_key_from_file (gnutls_x509_privkey_t key, | |||
2118 | */ | 2020 | */ |
2119 | static int | 2021 | static int |
2120 | load_cert_from_file (gnutls_x509_crt_t crt, | 2022 | load_cert_from_file (gnutls_x509_crt_t crt, |
2121 | const char* certfile) | 2023 | const char* certfile) |
2122 | { | 2024 | { |
2123 | gnutls_datum_t cert_data; | 2025 | gnutls_datum_t cert_data; |
2124 | int ret; | 2026 | int ret; |
@@ -2131,7 +2033,7 @@ load_cert_from_file (gnutls_x509_crt_t crt, | |||
2131 | if (GNUTLS_E_SUCCESS != ret) | 2033 | if (GNUTLS_E_SUCCESS != ret) |
2132 | { | 2034 | { |
2133 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2035 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2134 | _("Unable to import certificate %s\n"), certfile); | 2036 | _("Unable to import certificate %s\n"), certfile); |
2135 | } | 2037 | } |
2136 | GNUNET_free_non_null (cert_data.data); | 2038 | GNUNET_free_non_null (cert_data.data); |
2137 | return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; | 2039 | return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; |
@@ -2156,8 +2058,8 @@ generate_gns_certificate (const char *name) | |||
2156 | struct ProxyGNSCertificate *pgc; | 2058 | struct ProxyGNSCertificate *pgc; |
2157 | 2059 | ||
2158 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2060 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2159 | "Generating TLS/SSL certificate for `%s'\n", | 2061 | "Generating TLS/SSL certificate for `%s'\n", |
2160 | name); | 2062 | name); |
2161 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&request)); | 2063 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&request)); |
2162 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_key (request, proxy_ca.key)); | 2064 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_key (request, proxy_ca.key)); |
2163 | pgc = GNUNET_new (struct ProxyGNSCertificate); | 2065 | pgc = GNUNET_new (struct ProxyGNSCertificate); |
@@ -2170,25 +2072,25 @@ generate_gns_certificate (const char *name) | |||
2170 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_version (request, 3)); | 2072 | GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_version (request, 3)); |
2171 | gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial)); | 2073 | gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial)); |
2172 | gnutls_x509_crt_set_serial (request, | 2074 | gnutls_x509_crt_set_serial (request, |
2173 | &serial, | 2075 | &serial, |
2174 | sizeof (serial)); | 2076 | sizeof (serial)); |
2175 | etime = time (NULL); | 2077 | etime = time (NULL); |
2176 | tm_data = localtime (&etime); | 2078 | tm_data = localtime (&etime); |
2177 | gnutls_x509_crt_set_activation_time (request, | 2079 | gnutls_x509_crt_set_activation_time (request, |
2178 | etime); | 2080 | etime); |
2179 | tm_data->tm_year++; | 2081 | tm_data->tm_year++; |
2180 | etime = mktime (tm_data); | 2082 | etime = mktime (tm_data); |
2181 | gnutls_x509_crt_set_expiration_time (request, | 2083 | gnutls_x509_crt_set_expiration_time (request, |
2182 | etime); | 2084 | etime); |
2183 | gnutls_x509_crt_sign (request, | 2085 | gnutls_x509_crt_sign (request, |
2184 | proxy_ca.cert, | 2086 | proxy_ca.cert, |
2185 | proxy_ca.key); | 2087 | proxy_ca.key); |
2186 | key_buf_size = sizeof (pgc->key); | 2088 | key_buf_size = sizeof (pgc->key); |
2187 | cert_buf_size = sizeof (pgc->cert); | 2089 | cert_buf_size = sizeof (pgc->cert); |
2188 | gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM, | 2090 | gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM, |
2189 | pgc->cert, &cert_buf_size); | 2091 | pgc->cert, &cert_buf_size); |
2190 | gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM, | 2092 | gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM, |
2191 | pgc->key, &key_buf_size); | 2093 | pgc->key, &key_buf_size); |
2192 | gnutls_x509_crt_deinit (request); | 2094 | gnutls_x509_crt_deinit (request); |
2193 | return pgc; | 2095 | return pgc; |
2194 | } | 2096 | } |
@@ -2229,27 +2131,27 @@ lookup_ssl_httpd (const char* domain) | |||
2229 | } | 2131 | } |
2230 | for (hd = mhd_httpd_head; NULL != hd; hd = hd->next) | 2132 | for (hd = mhd_httpd_head; NULL != hd; hd = hd->next) |
2231 | if ( (NULL != hd->domain) && | 2133 | if ( (NULL != hd->domain) && |
2232 | (0 == strcmp (hd->domain, domain)) ) | 2134 | (0 == strcmp (hd->domain, domain)) ) |
2233 | return hd; | 2135 | return hd; |
2234 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2136 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2235 | "Starting fresh MHD HTTPS instance for domain `%s'\n", | 2137 | "Starting fresh MHD HTTPS instance for domain `%s'\n", |
2236 | domain); | 2138 | domain); |
2237 | pgc = generate_gns_certificate (domain); | 2139 | pgc = generate_gns_certificate (domain); |
2238 | hd = GNUNET_new (struct MhdHttpList); | 2140 | hd = GNUNET_new (struct MhdHttpList); |
2239 | hd->is_ssl = GNUNET_YES; | 2141 | hd->is_ssl = GNUNET_YES; |
2240 | hd->domain = GNUNET_strdup (domain); | 2142 | hd->domain = GNUNET_strdup (domain); |
2241 | hd->proxy_cert = pgc; | 2143 | hd->proxy_cert = pgc; |
2242 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL | MHD_USE_NO_LISTEN_SOCKET, | 2144 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL | MHD_USE_NO_LISTEN_SOCKET, |
2243 | 0, | 2145 | 0, |
2244 | NULL, NULL, | 2146 | NULL, NULL, |
2245 | &create_response, hd, | 2147 | &create_response, hd, |
2246 | MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, | 2148 | MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, |
2247 | MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, | 2149 | MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, |
2248 | MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, | 2150 | MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, |
2249 | MHD_OPTION_EXTERNAL_LOGGER, &mhd_error_log_callback, NULL, | 2151 | MHD_OPTION_EXTERNAL_LOGGER, &mhd_error_log_callback, NULL, |
2250 | MHD_OPTION_HTTPS_MEM_KEY, pgc->key, | 2152 | MHD_OPTION_HTTPS_MEM_KEY, pgc->key, |
2251 | MHD_OPTION_HTTPS_MEM_CERT, pgc->cert, | 2153 | MHD_OPTION_HTTPS_MEM_CERT, pgc->cert, |
2252 | MHD_OPTION_END); | 2154 | MHD_OPTION_END); |
2253 | if (NULL == hd->daemon) | 2155 | if (NULL == hd->daemon) |
2254 | { | 2156 | { |
2255 | GNUNET_free (pgc); | 2157 | GNUNET_free (pgc); |
@@ -2257,8 +2159,8 @@ lookup_ssl_httpd (const char* domain) | |||
2257 | return NULL; | 2159 | return NULL; |
2258 | } | 2160 | } |
2259 | GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, | 2161 | GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, |
2260 | mhd_httpd_tail, | 2162 | mhd_httpd_tail, |
2261 | hd); | 2163 | hd); |
2262 | return hd; | 2164 | return hd; |
2263 | } | 2165 | } |
2264 | 2166 | ||
@@ -2273,7 +2175,7 @@ lookup_ssl_httpd (const char* domain) | |||
2273 | */ | 2175 | */ |
2274 | static void | 2176 | static void |
2275 | timeout_s5r_handshake (void *cls, | 2177 | timeout_s5r_handshake (void *cls, |
2276 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 2178 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
2277 | { | 2179 | { |
2278 | struct Socks5Request *s5r = cls; | 2180 | struct Socks5Request *s5r = cls; |
2279 | 2181 | ||
@@ -2300,22 +2202,22 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2300 | 2202 | ||
2301 | switch (s5r->port) | 2203 | switch (s5r->port) |
2302 | { | 2204 | { |
2303 | case HTTPS_PORT: | 2205 | case HTTPS_PORT: |
2304 | hd = lookup_ssl_httpd (s5r->domain); | 2206 | hd = lookup_ssl_httpd (s5r->domain); |
2305 | if (NULL == hd) | 2207 | if (NULL == hd) |
2306 | { | 2208 | { |
2307 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2209 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2308 | _("Failed to start HTTPS server for `%s'\n"), | 2210 | _("Failed to start HTTPS server for `%s'\n"), |
2309 | s5r->domain); | 2211 | s5r->domain); |
2310 | cleanup_s5r (s5r); | 2212 | cleanup_s5r (s5r); |
2311 | return; | 2213 | return; |
2312 | } | 2214 | } |
2313 | break; | 2215 | break; |
2314 | case HTTP_PORT: | 2216 | case HTTP_PORT: |
2315 | default: | 2217 | default: |
2316 | GNUNET_assert (NULL != httpd); | 2218 | GNUNET_assert (NULL != httpd); |
2317 | hd = httpd; | 2219 | hd = httpd; |
2318 | break; | 2220 | break; |
2319 | } | 2221 | } |
2320 | fd = GNUNET_NETWORK_get_fd (s5r->sock); | 2222 | fd = GNUNET_NETWORK_get_fd (s5r->sock); |
2321 | addr = GNUNET_NETWORK_get_addr (s5r->sock); | 2223 | addr = GNUNET_NETWORK_get_addr (s5r->sock); |
@@ -2324,15 +2226,15 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2324 | if (MHD_YES != MHD_add_connection (hd->daemon, fd, addr, len)) | 2226 | if (MHD_YES != MHD_add_connection (hd->daemon, fd, addr, len)) |
2325 | { | 2227 | { |
2326 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 2228 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
2327 | _("Failed to pass client to MHD\n")); | 2229 | _("Failed to pass client to MHD\n")); |
2328 | cleanup_s5r (s5r); | 2230 | cleanup_s5r (s5r); |
2329 | return; | 2231 | return; |
2330 | } | 2232 | } |
2331 | s5r->hd = hd; | 2233 | s5r->hd = hd; |
2332 | schedule_httpd (hd); | 2234 | schedule_httpd (hd); |
2333 | s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT, | 2235 | s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT, |
2334 | &timeout_s5r_handshake, | 2236 | &timeout_s5r_handshake, |
2335 | s5r); | 2237 | s5r); |
2336 | } | 2238 | } |
2337 | 2239 | ||
2338 | 2240 | ||
@@ -2347,15 +2249,15 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2347 | */ | 2249 | */ |
2348 | static void | 2250 | static void |
2349 | do_write (void *cls, | 2251 | do_write (void *cls, |
2350 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 2252 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
2351 | { | 2253 | { |
2352 | struct Socks5Request *s5r = cls; | 2254 | struct Socks5Request *s5r = cls; |
2353 | ssize_t len; | 2255 | ssize_t len; |
2354 | 2256 | ||
2355 | s5r->wtask = NULL; | 2257 | s5r->wtask = NULL; |
2356 | len = GNUNET_NETWORK_socket_send (s5r->sock, | 2258 | len = GNUNET_NETWORK_socket_send (s5r->sock, |
2357 | s5r->wbuf, | 2259 | s5r->wbuf, |
2358 | s5r->wbuf_len); | 2260 | s5r->wbuf_len); |
2359 | if (len <= 0) | 2261 | if (len <= 0) |
2360 | { | 2262 | { |
2361 | /* write error: connection closed, shutdown, etc.; just clean up */ | 2263 | /* write error: connection closed, shutdown, etc.; just clean up */ |
@@ -2363,16 +2265,16 @@ do_write (void *cls, | |||
2363 | return; | 2265 | return; |
2364 | } | 2266 | } |
2365 | memmove (s5r->wbuf, | 2267 | memmove (s5r->wbuf, |
2366 | &s5r->wbuf[len], | 2268 | &s5r->wbuf[len], |
2367 | s5r->wbuf_len - len); | 2269 | s5r->wbuf_len - len); |
2368 | s5r->wbuf_len -= len; | 2270 | s5r->wbuf_len -= len; |
2369 | if (s5r->wbuf_len > 0) | 2271 | if (s5r->wbuf_len > 0) |
2370 | { | 2272 | { |
2371 | /* not done writing */ | 2273 | /* not done writing */ |
2372 | s5r->wtask = | 2274 | s5r->wtask = |
2373 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2275 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, |
2374 | s5r->sock, | 2276 | s5r->sock, |
2375 | &do_write, s5r); | 2277 | &do_write, s5r); |
2376 | return; | 2278 | return; |
2377 | } | 2279 | } |
2378 | 2280 | ||
@@ -2380,21 +2282,21 @@ do_write (void *cls, | |||
2380 | 2282 | ||
2381 | switch (s5r->state) | 2283 | switch (s5r->state) |
2382 | { | 2284 | { |
2383 | case SOCKS5_INIT: | 2285 | case SOCKS5_INIT: |
2384 | GNUNET_assert (0); | 2286 | GNUNET_assert (0); |
2385 | break; | 2287 | break; |
2386 | case SOCKS5_REQUEST: | 2288 | case SOCKS5_REQUEST: |
2387 | GNUNET_assert (NULL != s5r->rtask); | 2289 | GNUNET_assert (NULL != s5r->rtask); |
2388 | break; | 2290 | break; |
2389 | case SOCKS5_DATA_TRANSFER: | 2291 | case SOCKS5_DATA_TRANSFER: |
2390 | setup_data_transfer (s5r); | 2292 | setup_data_transfer (s5r); |
2391 | return; | 2293 | return; |
2392 | case SOCKS5_WRITE_THEN_CLEANUP: | 2294 | case SOCKS5_WRITE_THEN_CLEANUP: |
2393 | cleanup_s5r (s5r); | 2295 | cleanup_s5r (s5r); |
2394 | return; | 2296 | return; |
2395 | default: | 2297 | default: |
2396 | GNUNET_break (0); | 2298 | GNUNET_break (0); |
2397 | break; | 2299 | break; |
2398 | } | 2300 | } |
2399 | } | 2301 | } |
2400 | 2302 | ||
@@ -2407,7 +2309,7 @@ do_write (void *cls, | |||
2407 | */ | 2309 | */ |
2408 | static void | 2310 | static void |
2409 | signal_socks_failure (struct Socks5Request *s5r, | 2311 | signal_socks_failure (struct Socks5Request *s5r, |
2410 | enum Socks5StatusCode sc) | 2312 | enum Socks5StatusCode sc) |
2411 | { | 2313 | { |
2412 | struct Socks5ServerResponseMessage *s_resp; | 2314 | struct Socks5ServerResponseMessage *s_resp; |
2413 | 2315 | ||
@@ -2419,8 +2321,8 @@ signal_socks_failure (struct Socks5Request *s5r, | |||
2419 | if (NULL != s5r->wtask) | 2321 | if (NULL != s5r->wtask) |
2420 | s5r->wtask = | 2322 | s5r->wtask = |
2421 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2323 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, |
2422 | s5r->sock, | 2324 | s5r->sock, |
2423 | &do_write, s5r); | 2325 | &do_write, s5r); |
2424 | } | 2326 | } |
2425 | 2327 | ||
2426 | 2328 | ||
@@ -2441,15 +2343,15 @@ signal_socks_success (struct Socks5Request *s5r) | |||
2441 | s_resp->addr_type = SOCKS5_AT_IPV4; | 2343 | s_resp->addr_type = SOCKS5_AT_IPV4; |
2442 | /* zero out IPv4 address and port */ | 2344 | /* zero out IPv4 address and port */ |
2443 | memset (&s_resp[1], | 2345 | memset (&s_resp[1], |
2444 | 0, | 2346 | 0, |
2445 | sizeof (struct in_addr) + sizeof (uint16_t)); | 2347 | sizeof (struct in_addr) + sizeof (uint16_t)); |
2446 | s5r->wbuf_len += sizeof (struct Socks5ServerResponseMessage) + | 2348 | s5r->wbuf_len += sizeof (struct Socks5ServerResponseMessage) + |
2447 | sizeof (struct in_addr) + sizeof (uint16_t); | 2349 | sizeof (struct in_addr) + sizeof (uint16_t); |
2448 | if (NULL == s5r->wtask) | 2350 | if (NULL == s5r->wtask) |
2449 | s5r->wtask = | 2351 | s5r->wtask = |
2450 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2352 | GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, |
2451 | s5r->sock, | 2353 | s5r->sock, |
2452 | &do_write, s5r); | 2354 | &do_write, s5r); |
2453 | } | 2355 | } |
2454 | 2356 | ||
2455 | 2357 | ||
@@ -2462,8 +2364,8 @@ signal_socks_success (struct Socks5Request *s5r) | |||
2462 | */ | 2364 | */ |
2463 | static void | 2365 | static void |
2464 | handle_gns_result (void *cls, | 2366 | handle_gns_result (void *cls, |
2465 | uint32_t rd_count, | 2367 | uint32_t rd_count, |
2466 | const struct GNUNET_GNSRECORD_Data *rd) | 2368 | const struct GNUNET_GNSRECORD_Data *rd) |
2467 | { | 2369 | { |
2468 | struct Socks5Request *s5r = cls; | 2370 | struct Socks5Request *s5r = cls; |
2469 | uint32_t i; | 2371 | uint32_t i; |
@@ -2477,100 +2379,100 @@ handle_gns_result (void *cls, | |||
2477 | r = &rd[i]; | 2379 | r = &rd[i]; |
2478 | switch (r->record_type) | 2380 | switch (r->record_type) |
2479 | { | 2381 | { |
2480 | case GNUNET_DNSPARSER_TYPE_A: | 2382 | case GNUNET_DNSPARSER_TYPE_A: |
2481 | { | 2383 | { |
2482 | struct sockaddr_in *in; | 2384 | struct sockaddr_in *in; |
2483 | 2385 | ||
2484 | if (sizeof (struct in_addr) != r->data_size) | 2386 | if (sizeof (struct in_addr) != r->data_size) |
2485 | { | 2387 | { |
2486 | GNUNET_break_op (0); | 2388 | GNUNET_break_op (0); |
2487 | break; | 2389 | break; |
2488 | } | 2390 | } |
2489 | if (GNUNET_YES == got_ip) | 2391 | if (GNUNET_YES == got_ip) |
2490 | break; | 2392 | break; |
2491 | if (GNUNET_OK != | 2393 | if (GNUNET_OK != |
2492 | GNUNET_NETWORK_test_pf (PF_INET)) | 2394 | GNUNET_NETWORK_test_pf (PF_INET)) |
2493 | break; | 2395 | break; |
2494 | got_ip = GNUNET_YES; | 2396 | got_ip = GNUNET_YES; |
2495 | in = (struct sockaddr_in *) &s5r->destination_address; | 2397 | in = (struct sockaddr_in *) &s5r->destination_address; |
2496 | in->sin_family = AF_INET; | 2398 | in->sin_family = AF_INET; |
2497 | memcpy (&in->sin_addr, | 2399 | memcpy (&in->sin_addr, |
2498 | r->data, | 2400 | r->data, |
2499 | r->data_size); | 2401 | r->data_size); |
2500 | in->sin_port = htons (s5r->port); | 2402 | in->sin_port = htons (s5r->port); |
2501 | #if HAVE_SOCKADDR_IN_SIN_LEN | 2403 | #if HAVE_SOCKADDR_IN_SIN_LEN |
2502 | in->sin_len = sizeof (*in); | 2404 | in->sin_len = sizeof (*in); |
2503 | #endif | 2405 | #endif |
2504 | } | 2406 | } |
2505 | break; | 2407 | break; |
2506 | case GNUNET_DNSPARSER_TYPE_AAAA: | 2408 | case GNUNET_DNSPARSER_TYPE_AAAA: |
2507 | { | 2409 | { |
2508 | struct sockaddr_in6 *in; | 2410 | struct sockaddr_in6 *in; |
2509 | 2411 | ||
2510 | if (sizeof (struct in6_addr) != r->data_size) | 2412 | if (sizeof (struct in6_addr) != r->data_size) |
2511 | { | 2413 | { |
2512 | GNUNET_break_op (0); | 2414 | GNUNET_break_op (0); |
2513 | break; | 2415 | break; |
2514 | } | 2416 | } |
2515 | if (GNUNET_YES == got_ip) | 2417 | if (GNUNET_YES == got_ip) |
2516 | break; | 2418 | break; |
2517 | if (GNUNET_OK != | 2419 | if (GNUNET_OK != |
2518 | GNUNET_NETWORK_test_pf (PF_INET)) | 2420 | GNUNET_NETWORK_test_pf (PF_INET)) |
2519 | break; | 2421 | break; |
2520 | /* FIXME: allow user to disable IPv6 per configuration option... */ | 2422 | /* FIXME: allow user to disable IPv6 per configuration option... */ |
2521 | got_ip = GNUNET_YES; | 2423 | got_ip = GNUNET_YES; |
2522 | in = (struct sockaddr_in6 *) &s5r->destination_address; | 2424 | in = (struct sockaddr_in6 *) &s5r->destination_address; |
2523 | in->sin6_family = AF_INET6; | 2425 | in->sin6_family = AF_INET6; |
2524 | memcpy (&in->sin6_addr, | 2426 | memcpy (&in->sin6_addr, |
2525 | r->data, | 2427 | r->data, |
2526 | r->data_size); | 2428 | r->data_size); |
2527 | in->sin6_port = htons (s5r->port); | 2429 | in->sin6_port = htons (s5r->port); |
2528 | #if HAVE_SOCKADDR_IN_SIN_LEN | 2430 | #if HAVE_SOCKADDR_IN_SIN_LEN |
2529 | in->sin6_len = sizeof (*in); | 2431 | in->sin6_len = sizeof (*in); |
2530 | #endif | 2432 | #endif |
2531 | } | 2433 | } |
2532 | break; | 2434 | break; |
2533 | case GNUNET_GNSRECORD_TYPE_VPN: | 2435 | case GNUNET_GNSRECORD_TYPE_VPN: |
2534 | GNUNET_break (0); /* should have been translated within GNS */ | 2436 | GNUNET_break (0); /* should have been translated within GNS */ |
2535 | break; | 2437 | break; |
2536 | case GNUNET_GNSRECORD_TYPE_LEHO: | 2438 | case GNUNET_GNSRECORD_TYPE_LEHO: |
2537 | GNUNET_free_non_null (s5r->leho); | 2439 | GNUNET_free_non_null (s5r->leho); |
2538 | s5r->leho = GNUNET_strndup (r->data, | 2440 | s5r->leho = GNUNET_strndup (r->data, |
2539 | r->data_size); | 2441 | r->data_size); |
2540 | break; | 2442 | break; |
2541 | case GNUNET_GNSRECORD_TYPE_BOX: | 2443 | case GNUNET_GNSRECORD_TYPE_BOX: |
2542 | { | 2444 | { |
2543 | const struct GNUNET_GNSRECORD_BoxRecord *box; | 2445 | const struct GNUNET_GNSRECORD_BoxRecord *box; |
2544 | 2446 | ||
2545 | if (r->data_size < sizeof (struct GNUNET_GNSRECORD_BoxRecord)) | 2447 | if (r->data_size < sizeof (struct GNUNET_GNSRECORD_BoxRecord)) |
2546 | { | 2448 | { |
2547 | GNUNET_break_op (0); | 2449 | GNUNET_break_op (0); |
2548 | break; | ||
2549 | } | ||
2550 | box = r->data; | ||
2551 | if ( (ntohl (box->record_type) != GNUNET_DNSPARSER_TYPE_TLSA) || | ||
2552 | (ntohs (box->protocol) != IPPROTO_TCP) || | ||
2553 | (ntohs (box->service) != s5r->port) ) | ||
2554 | break; /* BOX record does not apply */ | ||
2555 | GNUNET_free_non_null (s5r->dane_data); | ||
2556 | s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | ||
2557 | s5r->dane_data = GNUNET_malloc (s5r->dane_data_len); | ||
2558 | memcpy (s5r->dane_data, | ||
2559 | &box[1], | ||
2560 | s5r->dane_data_len); | ||
2561 | break; | 2450 | break; |
2562 | } | 2451 | } |
2563 | default: | 2452 | box = r->data; |
2564 | /* don't care */ | 2453 | if ( (ntohl (box->record_type) != GNUNET_DNSPARSER_TYPE_TLSA) || |
2454 | (ntohs (box->protocol) != IPPROTO_TCP) || | ||
2455 | (ntohs (box->service) != s5r->port) ) | ||
2456 | break; /* BOX record does not apply */ | ||
2457 | GNUNET_free_non_null (s5r->dane_data); | ||
2458 | s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | ||
2459 | s5r->dane_data = GNUNET_malloc (s5r->dane_data_len); | ||
2460 | memcpy (s5r->dane_data, | ||
2461 | &box[1], | ||
2462 | s5r->dane_data_len); | ||
2565 | break; | 2463 | break; |
2464 | } | ||
2465 | default: | ||
2466 | /* don't care */ | ||
2467 | break; | ||
2566 | } | 2468 | } |
2567 | } | 2469 | } |
2568 | if (GNUNET_YES != got_ip) | 2470 | if (GNUNET_YES != got_ip) |
2569 | { | 2471 | { |
2570 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2472 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2571 | "Name resolution failed to yield useful IP address.\n"); | 2473 | "Name resolution failed to yield useful IP address.\n"); |
2572 | signal_socks_failure (s5r, | 2474 | signal_socks_failure (s5r, |
2573 | SOCKS5_STATUS_GENERAL_FAILURE); | 2475 | SOCKS5_STATUS_GENERAL_FAILURE); |
2574 | return; | 2476 | return; |
2575 | } | 2477 | } |
2576 | s5r->state = SOCKS5_DATA_TRANSFER; | 2478 | s5r->state = SOCKS5_DATA_TRANSFER; |
@@ -2586,12 +2488,12 @@ handle_gns_result (void *cls, | |||
2586 | */ | 2488 | */ |
2587 | static void | 2489 | static void |
2588 | clear_from_s5r_rbuf (struct Socks5Request *s5r, | 2490 | clear_from_s5r_rbuf (struct Socks5Request *s5r, |
2589 | size_t len) | 2491 | size_t len) |
2590 | { | 2492 | { |
2591 | GNUNET_assert (len <= s5r->rbuf_len); | 2493 | GNUNET_assert (len <= s5r->rbuf_len); |
2592 | memmove (s5r->rbuf, | 2494 | memmove (s5r->rbuf, |
2593 | &s5r->rbuf[len], | 2495 | &s5r->rbuf[len], |
2594 | s5r->rbuf_len - len); | 2496 | s5r->rbuf_len - len); |
2595 | s5r->rbuf_len -= len; | 2497 | s5r->rbuf_len -= len; |
2596 | } | 2498 | } |
2597 | 2499 | ||
@@ -2604,7 +2506,7 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r, | |||
2604 | */ | 2506 | */ |
2605 | static void | 2507 | static void |
2606 | do_s5r_read (void *cls, | 2508 | do_s5r_read (void *cls, |
2607 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 2509 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
2608 | { | 2510 | { |
2609 | struct Socks5Request *s5r = cls; | 2511 | struct Socks5Request *s5r = cls; |
2610 | const struct Socks5ClientHelloMessage *c_hello; | 2512 | const struct Socks5ClientHelloMessage *c_hello; |
@@ -2618,196 +2520,196 @@ do_s5r_read (void *cls, | |||
2618 | (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) ) | 2520 | (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) ) |
2619 | { | 2521 | { |
2620 | rlen = GNUNET_NETWORK_socket_recv (s5r->sock, | 2522 | rlen = GNUNET_NETWORK_socket_recv (s5r->sock, |
2621 | &s5r->rbuf[s5r->rbuf_len], | 2523 | &s5r->rbuf[s5r->rbuf_len], |
2622 | sizeof (s5r->rbuf) - s5r->rbuf_len); | 2524 | sizeof (s5r->rbuf) - s5r->rbuf_len); |
2623 | if (rlen <= 0) | 2525 | if (rlen <= 0) |
2624 | { | 2526 | { |
2625 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2527 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2626 | "socks5 client disconnected.\n"); | 2528 | "socks5 client disconnected.\n"); |
2627 | cleanup_s5r (s5r); | 2529 | cleanup_s5r (s5r); |
2628 | return; | 2530 | return; |
2629 | } | 2531 | } |
2630 | s5r->rbuf_len += rlen; | 2532 | s5r->rbuf_len += rlen; |
2631 | } | 2533 | } |
2632 | s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2534 | s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, |
2633 | s5r->sock, | 2535 | s5r->sock, |
2634 | &do_s5r_read, s5r); | 2536 | &do_s5r_read, s5r); |
2635 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2537 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2636 | "Processing %u bytes of socks data in state %d\n", | 2538 | "Processing %u bytes of socks data in state %d\n", |
2637 | s5r->rbuf_len, | 2539 | s5r->rbuf_len, |
2638 | s5r->state); | 2540 | s5r->state); |
2639 | switch (s5r->state) | 2541 | switch (s5r->state) |
2640 | { | 2542 | { |
2641 | case SOCKS5_INIT: | 2543 | case SOCKS5_INIT: |
2642 | c_hello = (const struct Socks5ClientHelloMessage*) &s5r->rbuf; | 2544 | c_hello = (const struct Socks5ClientHelloMessage*) &s5r->rbuf; |
2643 | if ( (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage)) || | 2545 | if ( (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage)) || |
2644 | (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods) ) | 2546 | (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods) ) |
2645 | return; /* need more data */ | 2547 | return; /* need more data */ |
2646 | if (SOCKS_VERSION_5 != c_hello->version) | 2548 | if (SOCKS_VERSION_5 != c_hello->version) |
2647 | { | 2549 | { |
2648 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2550 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2649 | _("Unsupported socks version %d\n"), | 2551 | _("Unsupported socks version %d\n"), |
2650 | (int) c_hello->version); | 2552 | (int) c_hello->version); |
2651 | cleanup_s5r (s5r); | 2553 | cleanup_s5r (s5r); |
2652 | return; | ||
2653 | } | ||
2654 | clear_from_s5r_rbuf (s5r, | ||
2655 | sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods); | ||
2656 | GNUNET_assert (0 == s5r->wbuf_len); | ||
2657 | s_hello = (struct Socks5ServerHelloMessage *) &s5r->wbuf; | ||
2658 | s5r->wbuf_len = sizeof (struct Socks5ServerHelloMessage); | ||
2659 | s_hello->version = SOCKS_VERSION_5; | ||
2660 | s_hello->auth_method = SOCKS_AUTH_NONE; | ||
2661 | GNUNET_assert (NULL == s5r->wtask); | ||
2662 | s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2663 | s5r->sock, | ||
2664 | &do_write, s5r); | ||
2665 | s5r->state = SOCKS5_REQUEST; | ||
2666 | return; | 2554 | return; |
2667 | case SOCKS5_REQUEST: | 2555 | } |
2668 | c_req = (const struct Socks5ClientRequestMessage *) &s5r->rbuf; | 2556 | clear_from_s5r_rbuf (s5r, |
2669 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage)) | 2557 | sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods); |
2670 | return; | 2558 | GNUNET_assert (0 == s5r->wbuf_len); |
2671 | switch (c_req->command) | 2559 | s_hello = (struct Socks5ServerHelloMessage *) &s5r->wbuf; |
2560 | s5r->wbuf_len = sizeof (struct Socks5ServerHelloMessage); | ||
2561 | s_hello->version = SOCKS_VERSION_5; | ||
2562 | s_hello->auth_method = SOCKS_AUTH_NONE; | ||
2563 | GNUNET_assert (NULL == s5r->wtask); | ||
2564 | s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2565 | s5r->sock, | ||
2566 | &do_write, s5r); | ||
2567 | s5r->state = SOCKS5_REQUEST; | ||
2568 | return; | ||
2569 | case SOCKS5_REQUEST: | ||
2570 | c_req = (const struct Socks5ClientRequestMessage *) &s5r->rbuf; | ||
2571 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage)) | ||
2572 | return; | ||
2573 | switch (c_req->command) | ||
2574 | { | ||
2575 | case SOCKS5_CMD_TCP_STREAM: | ||
2576 | /* handled below */ | ||
2577 | break; | ||
2578 | default: | ||
2579 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2580 | _("Unsupported socks command %d\n"), | ||
2581 | (int) c_req->command); | ||
2582 | signal_socks_failure (s5r, | ||
2583 | SOCKS5_STATUS_COMMAND_NOT_SUPPORTED); | ||
2584 | return; | ||
2585 | } | ||
2586 | switch (c_req->addr_type) | ||
2587 | { | ||
2588 | case SOCKS5_AT_IPV4: | ||
2672 | { | 2589 | { |
2673 | case SOCKS5_CMD_TCP_STREAM: | 2590 | const struct in_addr *v4 = (const struct in_addr *) &c_req[1]; |
2674 | /* handled below */ | 2591 | const uint16_t *port = (const uint16_t *) &v4[1]; |
2675 | break; | 2592 | struct sockaddr_in *in; |
2676 | default: | 2593 | |
2594 | s5r->port = ntohs (*port); | ||
2595 | if (HTTPS_PORT == s5r->port) | ||
2596 | { | ||
2677 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2597 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2678 | _("Unsupported socks command %d\n"), | 2598 | _("SSL connection to plain IPv4 address requested\n")); |
2679 | (int) c_req->command); | ||
2680 | signal_socks_failure (s5r, | 2599 | signal_socks_failure (s5r, |
2681 | SOCKS5_STATUS_COMMAND_NOT_SUPPORTED); | 2600 | SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); |
2682 | return; | 2601 | return; |
2683 | } | 2602 | } |
2684 | switch (c_req->addr_type) | 2603 | alen = sizeof (struct in_addr); |
2685 | { | 2604 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + |
2686 | case SOCKS5_AT_IPV4: | 2605 | alen + sizeof (uint16_t)) |
2687 | { | 2606 | return; /* need more data */ |
2688 | const struct in_addr *v4 = (const struct in_addr *) &c_req[1]; | 2607 | in = (struct sockaddr_in *) &s5r->destination_address; |
2689 | const uint16_t *port = (const uint16_t *) &v4[1]; | 2608 | in->sin_family = AF_INET; |
2690 | struct sockaddr_in *in; | 2609 | in->sin_addr = *v4; |
2691 | 2610 | in->sin_port = *port; | |
2692 | s5r->port = ntohs (*port); | ||
2693 | if (HTTPS_PORT == s5r->port) | ||
2694 | { | ||
2695 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2696 | _("SSL connection to plain IPv4 address requested\n")); | ||
2697 | signal_socks_failure (s5r, | ||
2698 | SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); | ||
2699 | return; | ||
2700 | } | ||
2701 | alen = sizeof (struct in_addr); | ||
2702 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + | ||
2703 | alen + sizeof (uint16_t)) | ||
2704 | return; /* need more data */ | ||
2705 | in = (struct sockaddr_in *) &s5r->destination_address; | ||
2706 | in->sin_family = AF_INET; | ||
2707 | in->sin_addr = *v4; | ||
2708 | in->sin_port = *port; | ||
2709 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
2710 | in->sin_len = sizeof (*in); | ||
2711 | #endif | ||
2712 | s5r->state = SOCKS5_DATA_TRANSFER; | ||
2713 | } | ||
2714 | break; | ||
2715 | case SOCKS5_AT_IPV6: | ||
2716 | { | ||
2717 | const struct in6_addr *v6 = (const struct in6_addr *) &c_req[1]; | ||
2718 | const uint16_t *port = (const uint16_t *) &v6[1]; | ||
2719 | struct sockaddr_in6 *in; | ||
2720 | |||
2721 | s5r->port = ntohs (*port); | ||
2722 | if (HTTPS_PORT == s5r->port) | ||
2723 | { | ||
2724 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2725 | _("SSL connection to plain IPv4 address requested\n")); | ||
2726 | signal_socks_failure (s5r, | ||
2727 | SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); | ||
2728 | return; | ||
2729 | } | ||
2730 | alen = sizeof (struct in6_addr); | ||
2731 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + | ||
2732 | alen + sizeof (uint16_t)) | ||
2733 | return; /* need more data */ | ||
2734 | in = (struct sockaddr_in6 *) &s5r->destination_address; | ||
2735 | in->sin6_family = AF_INET6; | ||
2736 | in->sin6_addr = *v6; | ||
2737 | in->sin6_port = *port; | ||
2738 | #if HAVE_SOCKADDR_IN_SIN_LEN | 2611 | #if HAVE_SOCKADDR_IN_SIN_LEN |
2739 | in->sin6_len = sizeof (*in); | 2612 | in->sin_len = sizeof (*in); |
2740 | #endif | 2613 | #endif |
2741 | s5r->state = SOCKS5_DATA_TRANSFER; | 2614 | s5r->state = SOCKS5_DATA_TRANSFER; |
2742 | } | 2615 | } |
2743 | break; | 2616 | break; |
2744 | case SOCKS5_AT_DOMAINNAME: | 2617 | case SOCKS5_AT_IPV6: |
2745 | { | 2618 | { |
2746 | const uint8_t *dom_len; | 2619 | const struct in6_addr *v6 = (const struct in6_addr *) &c_req[1]; |
2747 | const char *dom_name; | 2620 | const uint16_t *port = (const uint16_t *) &v6[1]; |
2748 | const uint16_t *port; | 2621 | struct sockaddr_in6 *in; |
2749 | 2622 | ||
2750 | dom_len = (const uint8_t *) &c_req[1]; | 2623 | s5r->port = ntohs (*port); |
2751 | alen = *dom_len + 1; | 2624 | if (HTTPS_PORT == s5r->port) |
2752 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + | 2625 | { |
2753 | alen + sizeof (uint16_t)) | ||
2754 | return; /* need more data */ | ||
2755 | dom_name = (const char *) &dom_len[1]; | ||
2756 | port = (const uint16_t*) &dom_name[*dom_len]; | ||
2757 | s5r->domain = GNUNET_strndup (dom_name, *dom_len); | ||
2758 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2759 | "Requested connection is to %s:%d\n", | ||
2760 | s5r->domain, | ||
2761 | ntohs (*port)); | ||
2762 | s5r->state = SOCKS5_RESOLVING; | ||
2763 | s5r->port = ntohs (*port); | ||
2764 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | ||
2765 | s5r->domain, | ||
2766 | &local_gns_zone, | ||
2767 | GNUNET_DNSPARSER_TYPE_A, | ||
2768 | GNUNET_NO /* only cached */, | ||
2769 | (GNUNET_YES == do_shorten) ? &local_shorten_zone : NULL, | ||
2770 | &handle_gns_result, | ||
2771 | s5r); | ||
2772 | break; | ||
2773 | } | ||
2774 | default: | ||
2775 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2626 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2776 | _("Unsupported socks address type %d\n"), | 2627 | _("SSL connection to plain IPv4 address requested\n")); |
2777 | (int) c_req->addr_type); | ||
2778 | signal_socks_failure (s5r, | 2628 | signal_socks_failure (s5r, |
2779 | SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED); | 2629 | SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); |
2780 | return; | 2630 | return; |
2631 | } | ||
2632 | alen = sizeof (struct in6_addr); | ||
2633 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + | ||
2634 | alen + sizeof (uint16_t)) | ||
2635 | return; /* need more data */ | ||
2636 | in = (struct sockaddr_in6 *) &s5r->destination_address; | ||
2637 | in->sin6_family = AF_INET6; | ||
2638 | in->sin6_addr = *v6; | ||
2639 | in->sin6_port = *port; | ||
2640 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
2641 | in->sin6_len = sizeof (*in); | ||
2642 | #endif | ||
2643 | s5r->state = SOCKS5_DATA_TRANSFER; | ||
2781 | } | 2644 | } |
2782 | clear_from_s5r_rbuf (s5r, | 2645 | break; |
2783 | sizeof (struct Socks5ClientRequestMessage) + | 2646 | case SOCKS5_AT_DOMAINNAME: |
2784 | alen + sizeof (uint16_t)); | ||
2785 | if (0 != s5r->rbuf_len) | ||
2786 | { | ||
2787 | /* read more bytes than healthy, why did the client send more!? */ | ||
2788 | GNUNET_break_op (0); | ||
2789 | signal_socks_failure (s5r, | ||
2790 | SOCKS5_STATUS_GENERAL_FAILURE); | ||
2791 | return; | ||
2792 | } | ||
2793 | if (SOCKS5_DATA_TRANSFER == s5r->state) | ||
2794 | { | 2647 | { |
2795 | /* if we are not waiting for GNS resolution, signal success */ | 2648 | const uint8_t *dom_len; |
2796 | signal_socks_success (s5r); | 2649 | const char *dom_name; |
2650 | const uint16_t *port; | ||
2651 | |||
2652 | dom_len = (const uint8_t *) &c_req[1]; | ||
2653 | alen = *dom_len + 1; | ||
2654 | if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) + | ||
2655 | alen + sizeof (uint16_t)) | ||
2656 | return; /* need more data */ | ||
2657 | dom_name = (const char *) &dom_len[1]; | ||
2658 | port = (const uint16_t*) &dom_name[*dom_len]; | ||
2659 | s5r->domain = GNUNET_strndup (dom_name, *dom_len); | ||
2660 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2661 | "Requested connection is to %s:%d\n", | ||
2662 | s5r->domain, | ||
2663 | ntohs (*port)); | ||
2664 | s5r->state = SOCKS5_RESOLVING; | ||
2665 | s5r->port = ntohs (*port); | ||
2666 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | ||
2667 | s5r->domain, | ||
2668 | &local_gns_zone, | ||
2669 | GNUNET_DNSPARSER_TYPE_A, | ||
2670 | GNUNET_NO /* only cached */, | ||
2671 | (GNUNET_YES == do_shorten) ? &local_shorten_zone : NULL, | ||
2672 | &handle_gns_result, | ||
2673 | s5r); | ||
2674 | break; | ||
2797 | } | 2675 | } |
2798 | /* We are done reading right now */ | ||
2799 | GNUNET_SCHEDULER_cancel (s5r->rtask); | ||
2800 | s5r->rtask = NULL; | ||
2801 | return; | ||
2802 | case SOCKS5_RESOLVING: | ||
2803 | GNUNET_assert (0); | ||
2804 | return; | ||
2805 | case SOCKS5_DATA_TRANSFER: | ||
2806 | GNUNET_assert (0); | ||
2807 | return; | ||
2808 | default: | 2676 | default: |
2809 | GNUNET_assert (0); | 2677 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2678 | _("Unsupported socks address type %d\n"), | ||
2679 | (int) c_req->addr_type); | ||
2680 | signal_socks_failure (s5r, | ||
2681 | SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED); | ||
2682 | return; | ||
2683 | } | ||
2684 | clear_from_s5r_rbuf (s5r, | ||
2685 | sizeof (struct Socks5ClientRequestMessage) + | ||
2686 | alen + sizeof (uint16_t)); | ||
2687 | if (0 != s5r->rbuf_len) | ||
2688 | { | ||
2689 | /* read more bytes than healthy, why did the client send more!? */ | ||
2690 | GNUNET_break_op (0); | ||
2691 | signal_socks_failure (s5r, | ||
2692 | SOCKS5_STATUS_GENERAL_FAILURE); | ||
2810 | return; | 2693 | return; |
2694 | } | ||
2695 | if (SOCKS5_DATA_TRANSFER == s5r->state) | ||
2696 | { | ||
2697 | /* if we are not waiting for GNS resolution, signal success */ | ||
2698 | signal_socks_success (s5r); | ||
2699 | } | ||
2700 | /* We are done reading right now */ | ||
2701 | GNUNET_SCHEDULER_cancel (s5r->rtask); | ||
2702 | s5r->rtask = NULL; | ||
2703 | return; | ||
2704 | case SOCKS5_RESOLVING: | ||
2705 | GNUNET_assert (0); | ||
2706 | return; | ||
2707 | case SOCKS5_DATA_TRANSFER: | ||
2708 | GNUNET_assert (0); | ||
2709 | return; | ||
2710 | default: | ||
2711 | GNUNET_assert (0); | ||
2712 | return; | ||
2811 | } | 2713 | } |
2812 | } | 2714 | } |
2813 | 2715 | ||
@@ -2820,7 +2722,7 @@ do_s5r_read (void *cls, | |||
2820 | */ | 2722 | */ |
2821 | static void | 2723 | static void |
2822 | do_accept (void *cls, | 2724 | do_accept (void *cls, |
2823 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 2725 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
2824 | { | 2726 | { |
2825 | struct GNUNET_NETWORK_Handle *lsock = cls; | 2727 | struct GNUNET_NETWORK_Handle *lsock = cls; |
2826 | struct GNUNET_NETWORK_Handle *s; | 2728 | struct GNUNET_NETWORK_Handle *s; |
@@ -2850,8 +2752,8 @@ do_accept (void *cls, | |||
2850 | "Got an inbound connection, waiting for data\n"); | 2752 | "Got an inbound connection, waiting for data\n"); |
2851 | s5r = GNUNET_new (struct Socks5Request); | 2753 | s5r = GNUNET_new (struct Socks5Request); |
2852 | GNUNET_CONTAINER_DLL_insert (s5r_head, | 2754 | GNUNET_CONTAINER_DLL_insert (s5r_head, |
2853 | s5r_tail, | 2755 | s5r_tail, |
2854 | s5r); | 2756 | s5r); |
2855 | s5r->sock = s; | 2757 | s5r->sock = s; |
2856 | s5r->state = SOCKS5_INIT; | 2758 | s5r->state = SOCKS5_INIT; |
2857 | s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2759 | s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, |
@@ -2955,7 +2857,7 @@ bind_v4 () | |||
2955 | return NULL; | 2857 | return NULL; |
2956 | if (GNUNET_OK != | 2858 | if (GNUNET_OK != |
2957 | GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa4, | 2859 | GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa4, |
2958 | sizeof (sa4))) | 2860 | sizeof (sa4))) |
2959 | { | 2861 | { |
2960 | eno = errno; | 2862 | eno = errno; |
2961 | GNUNET_NETWORK_socket_close (ls); | 2863 | GNUNET_NETWORK_socket_close (ls); |
@@ -2991,7 +2893,7 @@ bind_v6 () | |||
2991 | return NULL; | 2893 | return NULL; |
2992 | if (GNUNET_OK != | 2894 | if (GNUNET_OK != |
2993 | GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa6, | 2895 | GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa6, |
2994 | sizeof (sa6))) | 2896 | sizeof (sa6))) |
2995 | { | 2897 | { |
2996 | eno = errno; | 2898 | eno = errno; |
2997 | GNUNET_NETWORK_socket_close (ls); | 2899 | GNUNET_NETWORK_socket_close (ls); |
@@ -3065,13 +2967,13 @@ run_cont () | |||
3065 | /* start MHD daemon for HTTP */ | 2967 | /* start MHD daemon for HTTP */ |
3066 | hd = GNUNET_new (struct MhdHttpList); | 2968 | hd = GNUNET_new (struct MhdHttpList); |
3067 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET, | 2969 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET, |
3068 | 0, | 2970 | 0, |
3069 | NULL, NULL, | 2971 | NULL, NULL, |
3070 | &create_response, hd, | 2972 | &create_response, hd, |
3071 | MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, | 2973 | MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, |
3072 | MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, | 2974 | MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, |
3073 | MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, | 2975 | MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, |
3074 | MHD_OPTION_END); | 2976 | MHD_OPTION_END); |
3075 | if (NULL == hd->daemon) | 2977 | if (NULL == hd->daemon) |
3076 | { | 2978 | { |
3077 | GNUNET_free (hd); | 2979 | GNUNET_free (hd); |
@@ -3104,15 +3006,15 @@ run_cont () | |||
3104 | */ | 3006 | */ |
3105 | static void | 3007 | static void |
3106 | identity_shorten_cb (void *cls, | 3008 | identity_shorten_cb (void *cls, |
3107 | struct GNUNET_IDENTITY_Ego *ego, | 3009 | struct GNUNET_IDENTITY_Ego *ego, |
3108 | void **ctx, | 3010 | void **ctx, |
3109 | const char *name) | 3011 | const char *name) |
3110 | { | 3012 | { |
3111 | id_op = NULL; | 3013 | id_op = NULL; |
3112 | if (NULL == ego) | 3014 | if (NULL == ego) |
3113 | { | 3015 | { |
3114 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 3016 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
3115 | _("No ego configured for `shorten-zone`\n")); | 3017 | _("No ego configured for `shorten-zone`\n")); |
3116 | } | 3018 | } |
3117 | else | 3019 | else |
3118 | { | 3020 | { |
@@ -3144,25 +3046,25 @@ identity_shorten_cb (void *cls, | |||
3144 | */ | 3046 | */ |
3145 | static void | 3047 | static void |
3146 | identity_master_cb (void *cls, | 3048 | identity_master_cb (void *cls, |
3147 | struct GNUNET_IDENTITY_Ego *ego, | 3049 | struct GNUNET_IDENTITY_Ego *ego, |
3148 | void **ctx, | 3050 | void **ctx, |
3149 | const char *name) | 3051 | const char *name) |
3150 | { | 3052 | { |
3151 | id_op = NULL; | 3053 | id_op = NULL; |
3152 | if (NULL == ego) | 3054 | if (NULL == ego) |
3153 | { | 3055 | { |
3154 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 3056 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
3155 | _("No ego configured for `%s`\n"), | 3057 | _("No ego configured for `%s`\n"), |
3156 | "gns-proxy"); | 3058 | "gns-proxy"); |
3157 | GNUNET_SCHEDULER_shutdown (); | 3059 | GNUNET_SCHEDULER_shutdown (); |
3158 | return; | 3060 | return; |
3159 | } | 3061 | } |
3160 | GNUNET_IDENTITY_ego_get_public_key (ego, | 3062 | GNUNET_IDENTITY_ego_get_public_key (ego, |
3161 | &local_gns_zone); | 3063 | &local_gns_zone); |
3162 | id_op = GNUNET_IDENTITY_get (identity, | 3064 | id_op = GNUNET_IDENTITY_get (identity, |
3163 | "gns-short", | 3065 | "gns-short", |
3164 | &identity_shorten_cb, | 3066 | &identity_shorten_cb, |
3165 | NULL); | 3067 | NULL); |
3166 | } | 3068 | } |
3167 | 3069 | ||
3168 | 3070 | ||
@@ -3193,12 +3095,12 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
3193 | if (NULL == cafile) | 3095 | if (NULL == cafile) |
3194 | { | 3096 | { |
3195 | if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy", | 3097 | if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy", |
3196 | "PROXY_CACERT", | 3098 | "PROXY_CACERT", |
3197 | &cafile_cfg)) | 3099 | &cafile_cfg)) |
3198 | { | 3100 | { |
3199 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, | 3101 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3200 | "gns-proxy", | 3102 | "gns-proxy", |
3201 | "PROXY_CACERT"); | 3103 | "PROXY_CACERT"); |
3202 | return; | 3104 | return; |
3203 | } | 3105 | } |
3204 | cafile = cafile_cfg; | 3106 | cafile = cafile_cfg; |
@@ -3214,8 +3116,8 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
3214 | (GNUNET_OK != load_key_from_file (proxy_ca.key, cafile)) ) | 3116 | (GNUNET_OK != load_key_from_file (proxy_ca.key, cafile)) ) |
3215 | { | 3117 | { |
3216 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 3118 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
3217 | _("Failed to load SSL/TLS key and certificate from `%s'\n"), | 3119 | _("Failed to load SSL/TLS key and certificate from `%s'\n"), |
3218 | cafile); | 3120 | cafile); |
3219 | gnutls_x509_crt_deinit (proxy_ca.cert); | 3121 | gnutls_x509_crt_deinit (proxy_ca.cert); |
3220 | gnutls_x509_privkey_deinit (proxy_ca.key); | 3122 | gnutls_x509_privkey_deinit (proxy_ca.key); |
3221 | gnutls_global_deinit (); | 3123 | gnutls_global_deinit (); |
@@ -3233,11 +3135,11 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
3233 | return; | 3135 | return; |
3234 | } | 3136 | } |
3235 | identity = GNUNET_IDENTITY_connect (cfg, | 3137 | identity = GNUNET_IDENTITY_connect (cfg, |
3236 | NULL, NULL); | 3138 | NULL, NULL); |
3237 | id_op = GNUNET_IDENTITY_get (identity, | 3139 | id_op = GNUNET_IDENTITY_get (identity, |
3238 | "gns-proxy", | 3140 | "gns-proxy", |
3239 | &identity_master_cb, | 3141 | &identity_master_cb, |
3240 | NULL); | 3142 | NULL); |
3241 | GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, | 3143 | GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, |
3242 | &do_shutdown, NULL); | 3144 | &do_shutdown, NULL); |
3243 | } | 3145 | } |
@@ -3255,8 +3157,8 @@ main (int argc, char *const *argv) | |||
3255 | { | 3157 | { |
3256 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | 3158 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { |
3257 | {'p', "port", NULL, | 3159 | {'p', "port", NULL, |
3258 | gettext_noop ("listen on specified port (default: 7777)"), 1, | 3160 | gettext_noop ("listen on specified port (default: 7777)"), 1, |
3259 | &GNUNET_GETOPT_set_ulong, &port}, | 3161 | &GNUNET_GETOPT_set_ulong, &port}, |
3260 | {'a', "authority", NULL, | 3162 | {'a', "authority", NULL, |
3261 | gettext_noop ("pem file to use as CA"), 1, | 3163 | gettext_noop ("pem file to use as CA"), 1, |
3262 | &GNUNET_GETOPT_set_string, &cafile_opt}, | 3164 | &GNUNET_GETOPT_set_string, &cafile_opt}, |
@@ -3271,15 +3173,15 @@ main (int argc, char *const *argv) | |||
3271 | return 2; | 3173 | return 2; |
3272 | GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL); | 3174 | GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL); |
3273 | curl_failure_response = MHD_create_response_from_buffer (strlen (page), | 3175 | curl_failure_response = MHD_create_response_from_buffer (strlen (page), |
3274 | (void*)page, | 3176 | (void*)page, |
3275 | MHD_RESPMEM_PERSISTENT); | 3177 | MHD_RESPMEM_PERSISTENT); |
3276 | 3178 | ||
3277 | ret = | 3179 | ret = |
3278 | (GNUNET_OK == | 3180 | (GNUNET_OK == |
3279 | GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy", | 3181 | GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy", |
3280 | _("GNUnet GNS proxy"), | 3182 | _("GNUnet GNS proxy"), |
3281 | options, | 3183 | options, |
3282 | &run, NULL)) ? 0 : 1; | 3184 | &run, NULL)) ? 0 : 1; |
3283 | MHD_destroy_response (curl_failure_response); | 3185 | MHD_destroy_response (curl_failure_response); |
3284 | GNUNET_free_non_null ((char *) argv); | 3186 | GNUNET_free_non_null ((char *) argv); |
3285 | GNUNET_CRYPTO_ecdsa_key_clear (&local_shorten_zone); | 3187 | GNUNET_CRYPTO_ecdsa_key_clear (&local_shorten_zone); |