diff options
| author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-11 13:49:41 +0000 |
|---|---|---|
| committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-11 13:49:41 +0000 |
| commit | d986b854f3be2197018e24cff158795376867122 (patch) | |
| tree | ecdfaef5ac9ca5017da3dbe4d9d895cee0a0135b /src/gns/gnunet-gns-proxy.c | |
| parent | cf2c937c4b721637c75db4d727cb456f23705d92 (diff) | |
| download | gnunet-d986b854f3be2197018e24cff158795376867122.tar.gz gnunet-d986b854f3be2197018e24cff158795376867122.zip | |
-add connection limit
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
| -rw-r--r-- | src/gns/gnunet-gns-proxy.c | 53 |
1 files changed, 47 insertions, 6 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index f9e8c1119..4e523ac74 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
| @@ -35,6 +35,7 @@ | |||
| 35 | #include <time.h> | 35 | #include <time.h> |
| 36 | 36 | ||
| 37 | #define GNUNET_GNS_PROXY_PORT 7777 | 37 | #define GNUNET_GNS_PROXY_PORT 7777 |
| 38 | #define MAX_MHD_CONNECTIONS 300 | ||
| 38 | 39 | ||
| 39 | #define MHD_UNIX_SOCK_FILE "mhd_unix_sock.sock" | 40 | #define MHD_UNIX_SOCK_FILE "mhd_unix_sock.sock" |
| 40 | 41 | ||
| @@ -243,6 +244,9 @@ GNUNET_SCHEDULER_TaskIdentifier curl_download_task; | |||
| 243 | /* The non SSL httpd daemon handle */ | 244 | /* The non SSL httpd daemon handle */ |
| 244 | static struct MHD_Daemon *httpd; | 245 | static struct MHD_Daemon *httpd; |
| 245 | 246 | ||
| 247 | /* Number of current mhd connections */ | ||
| 248 | static unsigned int total_mhd_connections; | ||
| 249 | |||
| 246 | /* The cURL multi handle */ | 250 | /* The cURL multi handle */ |
| 247 | static CURLM *curl_multi; | 251 | static CURLM *curl_multi; |
| 248 | 252 | ||
| @@ -562,6 +566,7 @@ mhd_content_cb (void *cls, | |||
| 562 | curl_multi_remove_handle (curl_multi, ctask->curl); | 566 | curl_multi_remove_handle (curl_multi, ctask->curl); |
| 563 | curl_easy_cleanup (ctask->curl); | 567 | curl_easy_cleanup (ctask->curl); |
| 564 | GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd); | 568 | GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd); |
| 569 | total_mhd_connections--; | ||
| 565 | return MHD_CONTENT_READER_END_OF_STREAM; | 570 | return MHD_CONTENT_READER_END_OF_STREAM; |
| 566 | } | 571 | } |
| 567 | 572 | ||
| @@ -574,6 +579,7 @@ mhd_content_cb (void *cls, | |||
| 574 | curl_multi_remove_handle (curl_multi, ctask->curl); | 579 | curl_multi_remove_handle (curl_multi, ctask->curl); |
| 575 | curl_easy_cleanup (ctask->curl); | 580 | curl_easy_cleanup (ctask->curl); |
| 576 | GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd); | 581 | GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd); |
| 582 | total_mhd_connections--; | ||
| 577 | return MHD_CONTENT_READER_END_WITH_ERROR; | 583 | return MHD_CONTENT_READER_END_WITH_ERROR; |
| 578 | } | 584 | } |
| 579 | 585 | ||
| @@ -1684,6 +1690,8 @@ generate_gns_certificate (const char *name) | |||
| 1684 | 1690 | ||
| 1685 | key_buf_size = sizeof (pgc->key); | 1691 | key_buf_size = sizeof (pgc->key); |
| 1686 | cert_buf_size = sizeof (pgc->cert); | 1692 | cert_buf_size = sizeof (pgc->cert); |
| 1693 | |||
| 1694 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Exporting certificate...\n"); | ||
| 1687 | 1695 | ||
| 1688 | gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM, | 1696 | gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM, |
| 1689 | pgc->cert, &cert_buf_size); | 1697 | pgc->cert, &cert_buf_size); |
| @@ -1692,6 +1700,7 @@ generate_gns_certificate (const char *name) | |||
| 1692 | pgc->key, &key_buf_size); | 1700 | pgc->key, &key_buf_size); |
| 1693 | 1701 | ||
| 1694 | 1702 | ||
| 1703 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); | ||
| 1695 | gnutls_x509_crt_deinit (request); | 1704 | gnutls_x509_crt_deinit (request); |
| 1696 | 1705 | ||
| 1697 | return pgc; | 1706 | return pgc; |
| @@ -1699,6 +1708,35 @@ generate_gns_certificate (const char *name) | |||
| 1699 | } | 1708 | } |
| 1700 | 1709 | ||
| 1701 | 1710 | ||
| 1711 | /* | ||
| 1712 | * Accept policy for mhdaemons | ||
| 1713 | * | ||
| 1714 | * @param cls NULL | ||
| 1715 | * @param addr the sockaddr | ||
| 1716 | * @param addrlen the sockaddr length | ||
| 1717 | * @return MHD_NO if sockaddr is wrong or #conns too high | ||
| 1718 | */ | ||
| 1719 | static int | ||
| 1720 | accept_cb (void* cls, const struct sockaddr *addr, socklen_t addrlen) | ||
| 1721 | { | ||
| 1722 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1723 | "In MHD accept policy cb\n"); | ||
| 1724 | |||
| 1725 | if (addr != NULL) | ||
| 1726 | { | ||
| 1727 | if (addr->sa_family == AF_UNIX) | ||
| 1728 | return MHD_NO; | ||
| 1729 | } | ||
| 1730 | |||
| 1731 | if (total_mhd_connections >= MAX_MHD_CONNECTIONS) | ||
| 1732 | return MHD_NO; | ||
| 1733 | |||
| 1734 | total_mhd_connections++; | ||
| 1735 | |||
| 1736 | return MHD_YES; | ||
| 1737 | } | ||
| 1738 | |||
| 1739 | |||
| 1702 | /** | 1740 | /** |
| 1703 | * Adds a socket to an SSL MHD instance | 1741 | * Adds a socket to an SSL MHD instance |
| 1704 | * It is important the the domain name is | 1742 | * It is important the the domain name is |
| @@ -1718,10 +1756,6 @@ add_handle_to_ssl_mhd (struct GNUNET_NETWORK_Handle *h, char* domain) | |||
| 1718 | 1756 | ||
| 1719 | if (NULL == hd) | 1757 | if (NULL == hd) |
| 1720 | { | 1758 | { |
| 1721 | /* Start new MHD */ | ||
| 1722 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1723 | "No previous SSL instance found... starting new one for %s\n", | ||
| 1724 | domain); | ||
| 1725 | 1759 | ||
| 1726 | pgc = generate_gns_certificate (domain); | 1760 | pgc = generate_gns_certificate (domain); |
| 1727 | 1761 | ||
| @@ -1729,8 +1763,14 @@ add_handle_to_ssl_mhd (struct GNUNET_NETWORK_Handle *h, char* domain) | |||
| 1729 | hd->is_ssl = GNUNET_YES; | 1763 | hd->is_ssl = GNUNET_YES; |
| 1730 | strcpy (hd->domain, domain); | 1764 | strcpy (hd->domain, domain); |
| 1731 | hd->proxy_cert = pgc; | 1765 | hd->proxy_cert = pgc; |
| 1766 | |||
| 1767 | /* Start new MHD */ | ||
| 1768 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1769 | "No previous SSL instance found... starting new one for %s\n", | ||
| 1770 | domain); | ||
| 1771 | |||
| 1732 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL, 4444, | 1772 | hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL, 4444, |
| 1733 | NULL, NULL, | 1773 | &accept_cb, NULL, |
| 1734 | &create_response, hd, | 1774 | &create_response, hd, |
| 1735 | MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket), | 1775 | MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket), |
| 1736 | MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128, | 1776 | MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128, |
| @@ -2318,6 +2358,7 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
| 2318 | 2358 | ||
| 2319 | mhd_httpd_head = NULL; | 2359 | mhd_httpd_head = NULL; |
| 2320 | mhd_httpd_tail = NULL; | 2360 | mhd_httpd_tail = NULL; |
| 2361 | total_mhd_connections = 0; | ||
| 2321 | 2362 | ||
| 2322 | mhd_unix_socket = GNUNET_NETWORK_socket_create (AF_UNIX, | 2363 | mhd_unix_socket = GNUNET_NETWORK_socket_create (AF_UNIX, |
| 2323 | SOCK_STREAM, | 2364 | SOCK_STREAM, |
| @@ -2356,7 +2397,7 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
| 2356 | hd->is_ssl = GNUNET_NO; | 2397 | hd->is_ssl = GNUNET_NO; |
| 2357 | strcpy (hd->domain, ""); | 2398 | strcpy (hd->domain, ""); |
| 2358 | httpd = MHD_start_daemon (MHD_USE_DEBUG, 4444, //Dummy port | 2399 | httpd = MHD_start_daemon (MHD_USE_DEBUG, 4444, //Dummy port |
| 2359 | NULL, NULL, | 2400 | &accept_cb, NULL, |
| 2360 | &create_response, hd, | 2401 | &create_response, hd, |
| 2361 | MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket), | 2402 | MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket), |
| 2362 | MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128, | 2403 | MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128, |