author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-11 13:49:41 +0000 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-11 13:49:41 +0000 |
commit | d986b854f3be2197018e24cff158795376867122 (patch) | |
tree | ecdfaef5ac9ca5017da3dbe4d9d895cee0a0135b /src/gns/gnunet-gns-proxy.c | |
parent | cf2c937c4b721637c75db4d727cb456f23705d92 (diff) | |
-add connection limit
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 53 |
1 files changed, 47 insertions, 6 deletions
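--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -35,6 +35,7 @@
 #include <time.h>
 
 #define GNUNET_GNS_PROXY_PORT 7777
+#define MAX_MHD_CONNECTIONS 300
 
 #define MHD_UNIX_SOCK_FILE "mhd_unix_sock.sock"
 
@@ -243,6 +244,9 @@ GNUNET_SCHEDULER_TaskIdentifier curl_download_task;
 /* The non SSL httpd daemon handle */
 static struct MHD_Daemon *httpd;
 
+/* Number of current mhd connections */
+static unsigned int total_mhd_connections;
+
 /* The cURL multi handle */
 static CURLM *curl_multi;
 
@@ -562,6 +566,7 @@ mhd_content_cb (void *cls,
 curl_multi_remove_handle (curl_multi, ctask->curl);
 curl_easy_cleanup (ctask->curl);
 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
+total_mhd_connections--;
 return MHD_CONTENT_READER_END_OF_STREAM;
 }
 
@@ -574,6 +579,7 @@ mhd_content_cb (void *cls,
 curl_multi_remove_handle (curl_multi, ctask->curl);
 curl_easy_cleanup (ctask->curl);
 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
+total_mhd_connections--;
 return MHD_CONTENT_READER_END_WITH_ERROR;
 }
 
@@ -1684,6 +1690,8 @@ generate_gns_certificate (const char *name)
 
 key_buf_size = sizeof (pgc->key);
 cert_buf_size = sizeof (pgc->cert);
+
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Exporting certificate...\n");
 
 gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM,
 pgc->cert, &cert_buf_size);
@@ -1692,6 +1700,7 @@ generate_gns_certificate (const char *name)
 pgc->key, &key_buf_size);
 
 
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n");
 gnutls_x509_crt_deinit (request);
 
 return pgc;
@@ -1699,6 +1708,35 @@ generate_gns_certificate (const char *name)
 }
 
 
+/*
+* Accept policy for mhdaemons
+*
+* @param cls NULL
+* @param addr the sockaddr
+* @param addrlen the sockaddr length
+* @return MHD_NO if sockaddr is wrong or #conns too high
+*/
+static int
+accept_cb (void* cls, const struct sockaddr *addr, socklen_t addrlen)
+{
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+"In MHD accept policy cb\n");
+
+if (addr != NULL)
+{
+if (addr->sa_family == AF_UNIX)
+return MHD_NO;
+}
+
+if (total_mhd_connections >= MAX_MHD_CONNECTIONS)
+return MHD_NO;
+
+total_mhd_connections++;
+
+return MHD_YES;
+}
+
+
 /**
 * Adds a socket to an SSL MHD instance
 * It is important the the domain name is
@@ -1718,10 +1756,6 @@ add_handle_to_ssl_mhd (struct GNUNET_NETWORK_Handle *h, char* domain)
 
 if (NULL == hd)
 {
-/* Start new MHD */
-GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-"No previous SSL instance found... starting new one for %s\n",
-domain);
 
 pgc = generate_gns_certificate (domain);
 
@@ -1729,8 +1763,14 @@ add_handle_to_ssl_mhd (struct GNUNET_NETWORK_Handle *h, char* domain)
 hd->is_ssl = GNUNET_YES;
 strcpy (hd->domain, domain);
 hd->proxy_cert = pgc;
+
+/* Start new MHD */
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+"No previous SSL instance found... starting new one for %s\n",
+domain);
+
 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL, 4444,
-NULL, NULL,
+&accept_cb, NULL,
 &create_response, hd,
 MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
 MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,
@@ -2318,6 +2358,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 
 mhd_httpd_head = NULL;
 mhd_httpd_tail = NULL;
+total_mhd_connections = 0;
 
 mhd_unix_socket = GNUNET_NETWORK_socket_create (AF_UNIX,
 SOCK_STREAM,
@@ -2356,7 +2397,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 hd->is_ssl = GNUNET_NO;
 strcpy (hd->domain, "");
 httpd = MHD_start_daemon (MHD_USE_DEBUG, 4444, //Dummy port
-NULL, NULL,
+&accept_cb, NULL,
 &create_response, hd,
 MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
 MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,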
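Review bot: The new `total_mhd_connections` counter is incremented once per accepted connection in `accept_cb` but decremented only on the two end-of-stream / error returns of `mhd_content_cb`, so increment and decrement are not paired per connection. A connection that is accepted and then torn down before either return is reached is never subtracted, so the count can drift up to `MAX_MHD_CONNECTIONS` and the proxy then refuses every new connection. If one connection can reach those returns more than once (for example several requests on a kept-alive connection, which is not visible here), the `unsigned int` wraps below zero with the same result. At minimum guard both decrements with `if (total_mhd_connections > 0) total_mhd_connections--;`, and preferably move the decrement to a per-connection teardown callback so it mirrors the increment. `mhd_content_cb` begins outside these hunks, so there may be further exit paths that need the same treatment.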