author | Christian Grothoff <christian@grothoff.org> | 2013-10-15 13:16:39 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-10-15 13:16:39 +0000 |
commit | 67b2f68562e6a0a3fdddd25c177f258630f49f2c (patch) | |
tree | b0774c41e5c383eca8aa4265aaea0dfd423c1db5 /src/gns/gnunet-gns-proxy.c | |
parent | 139f2f0447ae979085b23620b592130bafbaeef0 (diff) | |
-updated libcurl API, do IPv4/IPv6 with separate sockets
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 164 |
1 files changed, 116 insertions, 48 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index a28ab98dc..7265b9621 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
@@ -569,14 +569,24 @@ static unsigned long port = GNUNET_GNS_PROXY_PORT; | |||
569 | static char *cafile_opt; | 569 | static char *cafile_opt; |
570 | 570 | ||
571 | /** | 571 | /** |
572 | * The listen socket of the proxy | 572 | * The listen socket of the proxy for IPv4 |
573 | */ | 573 | */ |
574 | static struct GNUNET_NETWORK_Handle *lsock; | 574 | static struct GNUNET_NETWORK_Handle *lsock4; |
575 | 575 | ||
576 | /** | 576 | /** |
577 | * The listen task ID | 577 | * The listen socket of the proxy for IPv6 |
578 | */ | 578 | */ |
579 | static GNUNET_SCHEDULER_TaskIdentifier ltask; | 579 | static struct GNUNET_NETWORK_Handle *lsock6; |
580 | |||
581 | /** | ||
582 | * The listen task ID for IPv4 | ||
583 | */ | ||
584 | static GNUNET_SCHEDULER_TaskIdentifier ltask4; | ||
585 | |||
586 | /** | ||
587 | * The listen task ID for IPv6 | ||
588 | */ | ||
589 | static GNUNET_SCHEDULER_TaskIdentifier ltask6; | ||
580 | 590 | ||
581 | /** | 591 | /** |
582 | * The cURL download task (curl multi API). | 592 | * The cURL download task (curl multi API). |
@@ -791,41 +801,54 @@ static int | |||
791 | check_ssl_certificate (struct Socks5Request *s5r) | 801 | check_ssl_certificate (struct Socks5Request *s5r) |
792 | { | 802 | { |
793 | unsigned int i; | 803 | unsigned int i; |
794 | union { | 804 | struct curl_tlsinfo tlsinfo; |
795 | gnutls_session_t session; | ||
796 | struct curl_slist * to_slist; | ||
797 | } gptr; | ||
798 | unsigned int cert_list_size; | 805 | unsigned int cert_list_size; |
799 | const gnutls_datum_t *chainp; | 806 | const gnutls_datum_t *chainp; |
807 | union { | ||
808 | struct curl_tlsinfo *tlsinfo; | ||
809 | struct curl_slist *to_slist; | ||
810 | } gptr; | ||
800 | 811 | ||
801 | gptr.to_slist = NULL; | 812 | memset (&tlsinfo, 0, sizeof (tlsinfo)); |
813 | gptr.tlsinfo = &tlsinfo; | ||
802 | if (CURLE_OK != | 814 | if (CURLE_OK != |
803 | curl_easy_getinfo (s5r->curl, | 815 | curl_easy_getinfo (s5r->curl, |
804 | CURLINFO_GNUTLS_SESSION, | 816 | CURLINFO_TLS_SESSION, |
805 | &gptr)) | 817 | &gptr)) |
806 | return GNUNET_SYSERR; | 818 | return GNUNET_SYSERR; |
807 | 819 | if (CURLSSLBACKEND_GNUTLS != tlsinfo.ssl_backend) | |
808 | chainp = gnutls_certificate_get_peers(gptr.session, &cert_list_size); | 820 | { |
821 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
822 | _("Unsupported CURL SSL backend %d\n"), | ||
823 | tlsinfo.ssl_backend); | ||
824 | return GNUNET_SYSERR; | ||
825 | } | ||
826 | chainp = gnutls_certificate_get_peers (tlsinfo.internals, &cert_list_size); | ||
809 | if(!chainp) | 827 | if(!chainp) |
810 | return GNUNET_SYSERR; | 828 | return GNUNET_SYSERR; |
811 | 829 | ||
812 | for(i=0;i<cert_list_size;i++) { | 830 | for(i=0;i<cert_list_size;i++) |
831 | { | ||
813 | gnutls_x509_crt_t cert; | 832 | gnutls_x509_crt_t cert; |
814 | gnutls_datum_t dn; | 833 | gnutls_datum_t dn; |
815 | 834 | ||
816 | if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&cert)) { | 835 | if (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&cert)) |
817 | if((GNUTLS_E_SUCCESS == | 836 | { |
818 | gnutls_x509_crt_import (cert, &chainp[i], | 837 | if (GNUTLS_E_SUCCESS == |
819 | GNUTLS_X509_FMT_DER)) && | 838 | gnutls_x509_crt_import (cert, &chainp[i], |
820 | (GNUTLS_E_SUCCESS == | 839 | GNUTLS_X509_FMT_DER)) |
821 | gnutls_x509_crt_print (cert, | 840 | { |
822 | GNUTLS_CRT_PRINT_FULL, | 841 | if (GNUTLS_E_SUCCESS == |
823 | &dn))) { | 842 | gnutls_x509_crt_print (cert, |
824 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 843 | GNUTLS_CRT_PRINT_FULL, |
825 | "Certificate #%d: %.*s", i, dn.size, dn.data); | 844 | &dn)) |
826 | gnutls_free (dn.data); | 845 | { |
827 | gnutls_x509_crt_deinit (cert); | 846 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
847 | "Certificate #%d: %.*s", i, dn.size, dn.data); | ||
848 | gnutls_free (dn.data); | ||
849 | } | ||
828 | } | 850 | } |
851 | gnutls_x509_crt_deinit (cert); | ||
829 | } | 852 | } |
830 | } | 853 | } |
831 | return GNUNET_OK; | 854 | return GNUNET_OK; |
@@ -1273,7 +1296,7 @@ curl_task_download (void *cls, | |||
1273 | "Suspending cURL multi loop, no more events pending\n"); | 1296 | "Suspending cURL multi loop, no more events pending\n"); |
1274 | return; /* nothing more in progress */ | 1297 | return; /* nothing more in progress */ |
1275 | } | 1298 | } |
1276 | curl_download_prepare(); | 1299 | curl_download_prepare (); |
1277 | } | 1300 | } |
1278 | 1301 | ||
1279 | 1302 | ||
@@ -1838,6 +1861,8 @@ load_key_from_file (gnutls_x509_privkey_t key, | |||
1838 | int ret; | 1861 | int ret; |
1839 | 1862 | ||
1840 | key_data.data = load_file (keyfile, &key_data.size); | 1863 | key_data.data = load_file (keyfile, &key_data.size); |
1864 | if (NULL == key_data.data) | ||
1865 | return GNUNET_SYSERR; | ||
1841 | ret = gnutls_x509_privkey_import (key, &key_data, | 1866 | ret = gnutls_x509_privkey_import (key, &key_data, |
1842 | GNUTLS_X509_FMT_PEM); | 1867 | GNUTLS_X509_FMT_PEM); |
1843 | if (GNUTLS_E_SUCCESS != ret) | 1868 | if (GNUTLS_E_SUCCESS != ret) |
@@ -1866,6 +1891,8 @@ load_cert_from_file (gnutls_x509_crt_t crt, | |||
1866 | int ret; | 1891 | int ret; |
1867 | 1892 | ||
1868 | cert_data.data = load_file (certfile, &cert_data.size); | 1893 | cert_data.data = load_file (certfile, &cert_data.size); |
1894 | if (NULL == cert_data.data) | ||
1895 | return GNUNET_SYSERR; | ||
1869 | ret = gnutls_x509_crt_import (crt, &cert_data, | 1896 | ret = gnutls_x509_crt_import (crt, &cert_data, |
1870 | GNUTLS_X509_FMT_PEM); | 1897 | GNUTLS_X509_FMT_PEM); |
1871 | if (GNUTLS_E_SUCCESS != ret) | 1898 | if (GNUTLS_E_SUCCESS != ret) |
@@ -2495,22 +2522,31 @@ do_s5r_read (void *cls, | |||
2495 | /** | 2522 | /** |
2496 | * Accept new incoming connections | 2523 | * Accept new incoming connections |
2497 | * | 2524 | * |
2498 | * @param cls the closure | 2525 | * @param cls the closure with the lsock4 or lsock6 |
2499 | * @param tc the scheduler context | 2526 | * @param tc the scheduler context |
2500 | */ | 2527 | */ |
2501 | static void | 2528 | static void |
2502 | do_accept (void *cls, | 2529 | do_accept (void *cls, |
2503 | const struct GNUNET_SCHEDULER_TaskContext *tc) | 2530 | const struct GNUNET_SCHEDULER_TaskContext *tc) |
2504 | { | 2531 | { |
2532 | struct GNUNET_NETWORK_Handle *lsock = cls; | ||
2505 | struct GNUNET_NETWORK_Handle *s; | 2533 | struct GNUNET_NETWORK_Handle *s; |
2506 | struct Socks5Request *s5r; | 2534 | struct Socks5Request *s5r; |
2507 | 2535 | ||
2508 | ltask = GNUNET_SCHEDULER_NO_TASK; | 2536 | if (lsock == lsock4) |
2537 | ltask4 = GNUNET_SCHEDULER_NO_TASK; | ||
2538 | else | ||
2539 | ltask6 = GNUNET_SCHEDULER_NO_TASK; | ||
2509 | if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN)) | 2540 | if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN)) |
2510 | return; | 2541 | return; |
2511 | ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | 2542 | if (lsock == lsock4) |
2512 | lsock, | 2543 | ltask4 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, |
2513 | &do_accept, NULL); | 2544 | lsock, |
2545 | &do_accept, lsock); | ||
2546 | else | ||
2547 | ltask6 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2548 | lsock, | ||
2549 | &do_accept, lsock); | ||
2514 | s = GNUNET_NETWORK_socket_accept (lsock, NULL, NULL); | 2550 | s = GNUNET_NETWORK_socket_accept (lsock, NULL, NULL); |
2515 | if (NULL == s) | 2551 | if (NULL == s) |
2516 | { | 2552 | { |
@@ -2550,10 +2586,15 @@ do_shutdown (void *cls, | |||
2550 | kill_httpd (mhd_httpd_head); | 2586 | kill_httpd (mhd_httpd_head); |
2551 | while (NULL != s5r_head) | 2587 | while (NULL != s5r_head) |
2552 | cleanup_s5r (s5r_head); | 2588 | cleanup_s5r (s5r_head); |
2553 | if (NULL != lsock) | 2589 | if (NULL != lsock4) |
2590 | { | ||
2591 | GNUNET_NETWORK_socket_close (lsock4); | ||
2592 | lsock4 = NULL; | ||
2593 | } | ||
2594 | if (NULL != lsock6) | ||
2554 | { | 2595 | { |
2555 | GNUNET_NETWORK_socket_close (lsock); | 2596 | GNUNET_NETWORK_socket_close (lsock6); |
2556 | lsock = NULL; | 2597 | lsock6 = NULL; |
2557 | } | 2598 | } |
2558 | if (NULL != id_op) | 2599 | if (NULL != id_op) |
2559 | { | 2600 | { |
@@ -2580,10 +2621,15 @@ do_shutdown (void *cls, | |||
2580 | GNUNET_SCHEDULER_cancel (curl_download_task); | 2621 | GNUNET_SCHEDULER_cancel (curl_download_task); |
2581 | curl_download_task = GNUNET_SCHEDULER_NO_TASK; | 2622 | curl_download_task = GNUNET_SCHEDULER_NO_TASK; |
2582 | } | 2623 | } |
2583 | if (GNUNET_SCHEDULER_NO_TASK != ltask) | 2624 | if (GNUNET_SCHEDULER_NO_TASK != ltask4) |
2584 | { | 2625 | { |
2585 | GNUNET_SCHEDULER_cancel (ltask); | 2626 | GNUNET_SCHEDULER_cancel (ltask4); |
2586 | ltask = GNUNET_SCHEDULER_NO_TASK; | 2627 | ltask4 = GNUNET_SCHEDULER_NO_TASK; |
2628 | } | ||
2629 | if (GNUNET_SCHEDULER_NO_TASK != ltask6) | ||
2630 | { | ||
2631 | GNUNET_SCHEDULER_cancel (ltask6); | ||
2632 | ltask6 = GNUNET_SCHEDULER_NO_TASK; | ||
2587 | } | 2633 | } |
2588 | gnutls_x509_crt_deinit (proxy_ca.cert); | 2634 | gnutls_x509_crt_deinit (proxy_ca.cert); |
2589 | gnutls_x509_privkey_deinit (proxy_ca.key); | 2635 | gnutls_x509_privkey_deinit (proxy_ca.key); |
@@ -2672,24 +2718,46 @@ run_cont () | |||
2672 | struct MhdHttpList *hd; | 2718 | struct MhdHttpList *hd; |
2673 | 2719 | ||
2674 | /* Open listen socket for socks proxy */ | 2720 | /* Open listen socket for socks proxy */ |
2675 | lsock = bind_v6 (); | 2721 | lsock6 = bind_v6 (); |
2676 | if (NULL == lsock) | 2722 | if (NULL == lsock6) |
2677 | lsock = bind_v4 (); | 2723 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "bind"); |
2678 | if (NULL == lsock) | 2724 | else |
2679 | { | 2725 | { |
2726 | if (GNUNET_OK != GNUNET_NETWORK_socket_listen (lsock6, 5)) | ||
2727 | { | ||
2728 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "listen"); | ||
2729 | GNUNET_NETWORK_socket_close (lsock6); | ||
2730 | lsock6 = NULL; | ||
2731 | } | ||
2732 | else | ||
2733 | { | ||
2734 | ltask6 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2735 | lsock6, &do_accept, lsock6); | ||
2736 | } | ||
2737 | } | ||
2738 | lsock4 = bind_v4 (); | ||
2739 | if (NULL == lsock4) | ||
2680 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "bind"); | 2740 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "bind"); |
2681 | GNUNET_SCHEDULER_shutdown (); | 2741 | else |
2682 | return; | 2742 | { |
2743 | if (GNUNET_OK != GNUNET_NETWORK_socket_listen (lsock4, 5)) | ||
2744 | { | ||
2745 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "listen"); | ||
2746 | GNUNET_NETWORK_socket_close (lsock4); | ||
2747 | lsock4 = NULL; | ||
2748 | } | ||
2749 | else | ||
2750 | { | ||
2751 | ltask4 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2752 | lsock4, &do_accept, lsock4); | ||
2753 | } | ||
2683 | } | 2754 | } |
2684 | if (GNUNET_OK != GNUNET_NETWORK_socket_listen (lsock, 5)) | 2755 | if ( (NULL == lsock4) && |
2756 | (NULL == lsock6) ) | ||
2685 | { | 2757 | { |
2686 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "listen"); | ||
2687 | GNUNET_SCHEDULER_shutdown (); | 2758 | GNUNET_SCHEDULER_shutdown (); |
2688 | return; | 2759 | return; |
2689 | } | 2760 | } |
2690 | ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2691 | lsock, &do_accept, NULL); | ||
2692 | |||
2693 | if (0 != curl_global_init (CURL_GLOBAL_WIN32)) | 2761 | if (0 != curl_global_init (CURL_GLOBAL_WIN32)) |
2694 | { | 2762 | { |
2695 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2763 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
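Review bot: In check_ssl_certificate (new lines 801–854) the peer chain is only printed, never checked: after the new backend test the loop logs each certificate and the function returns `GNUNET_OK` even when `gnutls_x509_crt_init`, `gnutls_x509_crt_import` or `gnutls_x509_crt_print` fails, and nothing in this function compares the chain with the name that was requested. Until a real check exists I would say so in the source, e.g. `/* FIXME: chain is only logged, not validated; every certificate is accepted here */` above the loop, and return `GNUNET_SYSERR` when init or import fails instead of silently skipping the entry. The dump is also emitted at `GNUNET_ERROR_TYPE_ERROR`, so full peer certificates land in the error log each time the function runs; `GNUNET_ERROR_TYPE_DEBUG` looks like the intended level. Separately, the backend and session are read from the local `tlsinfo` rather than through `gptr.tlsinfo`, which is only correct if libcurl fills the caller's struct and leaves the pointer untouched, so that is worth confirming against the libcurl version being targeted. The function's closing brace lies outside the hunk.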