author | Christian Grothoff <christian@grothoff.org> | 2013-09-17 11:16:38 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-09-17 11:16:38 +0000 |
commit | e2bfb8f7ce648be8e3596ea0c7aa86f5c0fbff4d (patch) | |
tree | 5baa3ce35ca8caca64a84bf1207fe7e6e3738beb /src | |
parent | 684911088a8dc43d871bc05a718317afe69eb85a (diff) | |
-more code cleanup
Diffstat (limited to 'src')
-rw-r--r-- | src/gns/Makefile.am | 2 | ||||
-rw-r--r-- | src/gns/gns_proxy_proto.h | 49 | ||||
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 131 |
3 files changed, 121 insertions, 61 deletions
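--- a/src/gns/Makefile.am
+++ b/src/gns/Makefile.am
@@ -101,7 +101,7 @@ gnunet_dns2gns_DEPENDENCIES = \
 libgnunetgns.la
 
 gnunet_gns_proxy_SOURCES = \
-gnunet-gns-proxy.c gns_proxy_proto.h
+gnunet-gns-proxy.c
 gnunet_gns_proxy_LDADD = -lmicrohttpd -lcurl -lgnutls \
 $(top_builddir)/src/gns/libgnunetgns.la \
 $(top_builddir)/src/identity/libgnunetidentity.la \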
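--- a/src/gns/gns_proxy_proto.h
+++ /dev/null
@@ -1,49 +0,0 @@
-
-#define SOCKS_VERSION_5 0x05
-#define SOCKS_AUTH_NONE 0
-
-/* The socks phases */
-enum
-{
-SOCKS5_INIT,
-SOCKS5_REQUEST,
-SOCKS5_DATA_TRANSFER
-};
-
-/* Client hello */
-struct socks5_client_hello
-{
-uint8_t version;
-uint8_t num_auth_methods;
-char* auth_methods;
-};
-
-/* Client socks request */
-struct socks5_client_request
-{
-uint8_t version;
-uint8_t command;
-uint8_t resvd;
-uint8_t addr_type;
-/*
-* followed by either an ip4/ipv6 address
-* or a domain name with a length field in front
-*/
-};
-
-/* Server hello */
-struct socks5_server_hello
-{
-uint8_t version;
-uint8_t auth_method;
-};
-
-/* Server response to client requests */
-struct socks5_server_response
-{
-uint8_t version;
-uint8_t reply;
-uint8_t reserved;
-uint8_t addr_type;
-uint8_t add_port[18];
-};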
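--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -19,9 +19,17 @@
 */
 /**
 * @author Martin Schanzenbach
+* @author Christian Grothoff
 * @file src/gns/gnunet-gns-proxy.c
 * @brief HTTP(S) proxy that rewrites URIs and fakes certificats to make GNS work
 * with legacy browsers
+*
+* TODO:
+* - make DNS lookup asynchronous
+* - simplify POST/PUT processing
+* - double-check queueing logic
+* - figure out what to do with the 'authority' issue
+* - document better
 */
 #include "platform.h"
 #include <microhttpd.h>
@@ -34,23 +42,40 @@
 #include "gnunet_util_lib.h"
 #include "gnunet_gns_service.h"
 #include "gnunet_identity_service.h"
-#include "gns_proxy_proto.h"
 #include "gns.h"
 
 
+/**
+* Default Socks5 listen port.
+*/
 #define GNUNET_GNS_PROXY_PORT 7777
 
 #define MHD_MAX_CONNECTIONS 300
 
+/**
+* Maximum supported length for a URI.
+*/
 #define MAX_HTTP_URI_LENGTH 2048
 
 #define POSTBUFFERSIZE 4096
 
+/**
+* Port for plaintext HTTP.
+*/
 #define HTTP_PORT 80
 
+/**
+* Port for HTTPS.
+*/
 #define HTTPS_PORT 443
 
 /**
+* Largest allowed size for a PEM certificate.
+*/
+#define MAX_PEM_SIZE (10 * 1024)
+
+
+/**
 * Log curl error.
 *
 * @param level log level
@@ -60,6 +85,43 @@
 #define LOG_CURL_EASY(level,fun,rc) GNUNET_log(level, _("%s failed at %s:%d: `%s'\n"), fun, __FILE__, __LINE__, curl_easy_strerror (rc))
 
 
+/**
+* Which SOCKS version do we speak?
+*/
+#define SOCKS_VERSION_5 0x05
+
+/**
+* Flag to set for 'no authentication'.
+*/
+#define SOCKS_AUTH_NONE 0
+
+
+/**
+* The socks phases
+*/
+enum SocksPhase
+{
+/**
+* We're waiting to get the request.
+*/
+SOCKS5_INIT,
+
+/**
+* FIXME.
+*/
+SOCKS5_REQUEST,
+
+/**
+* FIXME.
+*/
+SOCKS5_DATA_TRANSFER
+};
+
+
+
+/**
+* State machine for the IO buffer.
+*/
 enum BufferStatus
 {
 BUF_WAIT_FOR_CURL,
@@ -67,7 +129,6 @@ enum BufferStatus
 };
 
 
-
 /**
 * A structure for CA cert/key
 */
@@ -84,17 +145,20 @@ struct ProxyCA
 gnutls_x509_privkey_t key;
 };
 
-#define MAX_PEM_SIZE (10 * 1024)
 
 /**
 * Structure for GNS certificates
 */
 struct ProxyGNSCertificate
 {
-/* The certificate as PEM */
+/**
+* The certificate as PEM
+*/
 char cert[MAX_PEM_SIZE];
 
-/* The private key as PEM */
+/**
+* The private key as PEM
+*/
 char key[MAX_PEM_SIZE];
 };
 
@@ -128,7 +192,7 @@ struct Socks5Request
 /**
 * The socks state
 */
-int state;
+enum SocksPhase state;
 
 /**
 * Client socket read task
@@ -329,13 +393,19 @@ struct ProxyCurlTask
 /* Cookies to set */
 struct ProxySetCookieHeader *set_cookies_tail;
 
-/* The authority of the corresponding host (site of origin) */
+/**
+* The authority of the corresponding host (site of origin)
+*/
 char authority[256];
 
-/* The hostname (Host header field) */
+/**
+* The hostname (Host header field)
+*/
 char host[256];
 
-/* The LEgacy HOstname (can be empty) */
+/**
+* The LEgacy HOstname (can be empty)
+*/
 char leho[256];
 
 /**
@@ -452,6 +522,46 @@ struct ProxyUploadData
 };
 
 
+
+/* Client hello */
+struct socks5_client_hello
+{
+uint8_t version;
+uint8_t num_auth_methods;
+char* auth_methods;
+};
+
+/* Client socks request */
+struct socks5_client_request
+{
+uint8_t version;
+uint8_t command;
+uint8_t resvd;
+uint8_t addr_type;
+/*
+* followed by either an ip4/ipv6 address
+* or a domain name with a length field in front
+*/
+};
+
+/* Server hello */
+struct socks5_server_hello
+{
+uint8_t version;
+uint8_t auth_method;
+};
+
+/* Server response to client requests */
+struct socks5_server_response
+{
+uint8_t version;
+uint8_t reply;
+uint8_t reserved;
+uint8_t addr_type;
+uint8_t add_port[18];
+};
+
+
 /**
 * The port the proxy is running on (default 7777)
 */
@@ -2785,7 +2895,7 @@ do_shutdown (void *cls,
 GNUNET_free_non_null (hd->proxy_cert);
 GNUNET_free (hd);
 }
-for (ctask=ctasks_head; ctask != NULL; ctask=ctask_tmp)
+for (ctask=ctasks_head; NULL != ctask; ctask=ctask_tmp)
 {
 ctask_tmp = ctask->next;
 if (NULL != ctask->curl)
@@ -2915,7 +3025,6 @@ run_cont ()
 
 /* start MHD daemon for HTTP */
 hd = GNUNET_new (struct MhdHttpList);
-strcpy (hd->domain, "");
 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET,
 0,
 NULL, NULL,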
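Review bot: `struct socks5_client_hello`, moved into this file in the hunk after `struct ProxyUploadData`, still declares `char* auth_methods;` inside what its sibling structs treat as an on-the-wire layout. In a SOCKS5 greeting the method bytes follow the two header bytes directly, so the pointer member inflates `sizeof` well past the 2-byte header and, if a receive buffer is ever cast to this struct, would turn client-supplied bytes into a pointer value; the code that parses the greeting is outside the visible hunks, so that needs checking there. I would drop the member and document the layout the way `socks5_client_request` already does, e.g. `/* followed by num_auth_methods bytes, one per offered method */`, and have the parser bound its reads by `num_auth_methods` against the bytes actually received. The four moved structs also kept their plain `/* */` comments while the rest of this commit converts to `/** */` blocks, and `add_port[18]` would benefit from a comment stating what the 18 bytes cover.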