aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2015-09-10 14:43:46 +0000
committerMartin Schanzenbach <mschanzenbach@posteo.de>2015-09-10 14:43:46 +0000
commit2f9bbed9ec4a4e631e585e4d2facde5a326d928c (patch)
treef507e3113ad7c062d1c7e20804e7ef7588a7b40e /src
parent26cf681cd2fb59b62f8c6de139e00aa15eaf2ec3 (diff)
downloadgnunet-2f9bbed9ec4a4e631e585e4d2facde5a326d928c.tar.gz
gnunet-2f9bbed9ec4a4e631e585e4d2facde5a326d928c.zip
- update
Diffstat (limited to 'src')
-rw-r--r--src/gns/gnunet-gns-proxy.c1006
-rw-r--r--src/identity/Makefile.am13
-rw-r--r--src/include/gnunet_gnsrecord_lib.h12
3 files changed, 577 insertions, 454 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index 687b0cfb5..124fe806d 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -48,6 +48,8 @@
48#include "gns.h" 48#include "gns.h"
49 49
50 50
51#define GNUID_HTTP_HEADER_GNUID_RESPONSE "X-GNUid-Requested-Info"
52
51/** 53/**
52 * Default Socks5 listen port. 54 * Default Socks5 listen port.
53 */ 55 */
@@ -121,6 +123,10 @@
121 */ 123 */
122#define SOCKS_AUTH_NONE 0 124#define SOCKS_AUTH_NONE 0
123 125
126/**
127 * Enable GNUid functionality
128 */
129#define GNUID_ENABLED 1
124 130
125/** 131/**
126 * Commands in Socks5. 132 * Commands in Socks5.
@@ -533,6 +539,16 @@ struct Socks5Request
533 struct curl_slist *hosts; 539 struct curl_slist *hosts;
534 540
535 /** 541 /**
542 * Custom response headers
543 */
544 struct curl_slist *resp_headers;
545
546 /**
547 * GNUid redirect
548 */
549 char* redirect_gnuid;
550
551 /**
536 * HTTP response code to give to MHD for the response. 552 * HTTP response code to give to MHD for the response.
537 */ 553 */
538 unsigned int response_code; 554 unsigned int response_code;
@@ -723,9 +739,9 @@ cleanup_s5r (struct Socks5Request *s5r)
723 } 739 }
724 curl_slist_free_all (s5r->headers); 740 curl_slist_free_all (s5r->headers);
725 if (NULL != s5r->hosts) 741 if (NULL != s5r->hosts)
726 {
727 curl_slist_free_all (s5r->hosts); 742 curl_slist_free_all (s5r->hosts);
728 } 743 if (NULL != s5r->resp_headers)
744 curl_slist_free_all (s5r->resp_headers);
729 if ( (NULL != s5r->response) && 745 if ( (NULL != s5r->response) &&
730 (curl_failure_response != s5r->response) ) 746 (curl_failure_response != s5r->response) )
731 MHD_destroy_response (s5r->response); 747 MHD_destroy_response (s5r->response);
@@ -1131,6 +1147,8 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
1131 } 1147 }
1132 GNUNET_free (leho_host); 1148 GNUNET_free (leho_host);
1133 } 1149 }
1150
1151
1134 /* MHD does not allow certain characters in values, remove those */ 1152 /* MHD does not allow certain characters in values, remove those */
1135 if (NULL != (tok = strchr (hdr_val, '\n'))) 1153 if (NULL != (tok = strchr (hdr_val, '\n')))
1136 *tok = '\0'; 1154 *tok = '\0';
@@ -1138,6 +1156,27 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
1138 *tok = '\0'; 1156 *tok = '\0';
1139 if (NULL != (tok = strchr (hdr_val, '\t'))) 1157 if (NULL != (tok = strchr (hdr_val, '\t')))
1140 *tok = '\0'; 1158 *tok = '\0';
1159 if (GNUID_ENABLED)
1160 {
1161 if (0 == strcasecmp (GNUID_HTTP_HEADER_GNUID_RESPONSE, hdr_type))
1162 {
1163 char* redirect;
1164 GNUNET_asprintf (&redirect,
1165 "%s?requested_by=http://%s:%d%s&requested_infos=%s",
1166 "http://localhost:8000#/identities", //TODO read this from config
1167 s5r->domain,
1168 s5r->port,
1169 s5r->url,
1170 hdr_val);
1171
1172 s5r->response_code = MHD_HTTP_FOUND;
1173 GNUNET_break (MHD_YES == MHD_add_response_header (s5r->response,
1174 MHD_HTTP_HEADER_LOCATION,
1175 redirect));
1176 printf ("%s", redirect);
1177 GNUNET_free (redirect);
1178 }
1179 }
1141 if (0 != strlen (hdr_val)) 1180 if (0 != strlen (hdr_val))
1142 { 1181 {
1143 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1182 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -1460,6 +1499,37 @@ con_val_iter (void *cls,
1460 1499
1461 1500
1462/** 1501/**
1502 * Read HTTP request uri from the request.
1503 *
1504 * @param cls our `struct Socks5Request`
1505 * @param kind value kind
1506 * @param key field key
1507 * @param value field value
1508 * @return MHD_YES to continue to iterate
1509 */
1510static int
1511con_val_uri_iter (void *cls,
1512 enum MHD_ValueKind kind,
1513 const char *key,
1514 const char *value)
1515{
1516 struct Socks5Request *s5r = cls;
1517 char *hdr;
1518
1519 if (0 == strcasecmp ("gnuid_token", key))
1520 {
1521 GNUNET_asprintf (&hdr,
1522 "%s: Bearer %s",
1523 MHD_HTTP_HEADER_AUTHORIZATION,
1524 value);
1525 s5r->headers = curl_slist_append (s5r->headers,
1526 hdr);
1527 GNUNET_free (hdr);
1528 }
1529 return MHD_YES;
1530}
1531
1532/**
1463 * Main MHD callback for handling requests. 1533 * Main MHD callback for handling requests.
1464 * 1534 *
1465 * @param cls unused 1535 * @param cls unused
@@ -1495,6 +1565,7 @@ create_response (void *cls,
1495 struct Socks5Request *s5r = *con_cls; 1565 struct Socks5Request *s5r = *con_cls;
1496 char *curlurl; 1566 char *curlurl;
1497 char *curl_hosts; 1567 char *curl_hosts;
1568 char *curl_headers;
1498 char ipstring[INET6_ADDRSTRLEN]; 1569 char ipstring[INET6_ADDRSTRLEN];
1499 char ipaddr[INET6_ADDRSTRLEN + 2]; 1570 char ipaddr[INET6_ADDRSTRLEN + 2];
1500 const struct sockaddr *sa; 1571 const struct sockaddr *sa;
@@ -1515,47 +1586,47 @@ create_response (void *cls,
1515 sa = (const struct sockaddr *) &s5r->destination_address; 1586 sa = (const struct sockaddr *) &s5r->destination_address;
1516 switch (sa->sa_family) 1587 switch (sa->sa_family)
1517 { 1588 {
1518 case AF_INET: 1589 case AF_INET:
1519 s4 = (const struct sockaddr_in *) &s5r->destination_address; 1590 s4 = (const struct sockaddr_in *) &s5r->destination_address;
1520 if (NULL == inet_ntop (AF_INET, 1591 if (NULL == inet_ntop (AF_INET,
1521 &s4->sin_addr, 1592 &s4->sin_addr,
1522 ipstring, 1593 ipstring,
1523 sizeof (ipstring))) 1594 sizeof (ipstring)))
1524 { 1595 {
1525 GNUNET_break (0); 1596 GNUNET_break (0);
1526 return MHD_NO; 1597 return MHD_NO;
1527 } 1598 }
1528 GNUNET_snprintf (ipaddr, 1599 GNUNET_snprintf (ipaddr,
1529 sizeof (ipaddr), 1600 sizeof (ipaddr),
1530 "%s", 1601 "%s",
1531 ipstring); 1602 ipstring);
1532 port = ntohs (s4->sin_port); 1603 port = ntohs (s4->sin_port);
1533 break; 1604 break;
1534 case AF_INET6: 1605 case AF_INET6:
1535 s6 = (const struct sockaddr_in6 *) &s5r->destination_address; 1606 s6 = (const struct sockaddr_in6 *) &s5r->destination_address;
1536 if (NULL == inet_ntop (AF_INET6, 1607 if (NULL == inet_ntop (AF_INET6,
1537 &s6->sin6_addr, 1608 &s6->sin6_addr,
1538 ipstring, 1609 ipstring,
1539 sizeof (ipstring))) 1610 sizeof (ipstring)))
1540 { 1611 {
1541 GNUNET_break (0); 1612 GNUNET_break (0);
1542 return MHD_NO; 1613 return MHD_NO;
1543 } 1614 }
1544 GNUNET_snprintf (ipaddr, 1615 GNUNET_snprintf (ipaddr,
1545 sizeof (ipaddr), 1616 sizeof (ipaddr),
1546 "[%s]", 1617 "[%s]",
1547 ipstring); 1618 ipstring);
1548 port = ntohs (s6->sin6_port); 1619 port = ntohs (s6->sin6_port);
1549 break; 1620 break;
1550 default: 1621 default:
1551 GNUNET_break (0); 1622 GNUNET_break (0);
1552 return MHD_NO; 1623 return MHD_NO;
1553 } 1624 }
1554 s5r->curl = curl_easy_init (); 1625 s5r->curl = curl_easy_init ();
1555 if (NULL == s5r->curl) 1626 if (NULL == s5r->curl)
1556 return MHD_queue_response (con, 1627 return MHD_queue_response (con,
1557 MHD_HTTP_INTERNAL_SERVER_ERROR, 1628 MHD_HTTP_INTERNAL_SERVER_ERROR,
1558 curl_failure_response); 1629 curl_failure_response);
1559 curl_easy_setopt (s5r->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr); 1630 curl_easy_setopt (s5r->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr);
1560 curl_easy_setopt (s5r->curl, CURLOPT_HEADERDATA, s5r); 1631 curl_easy_setopt (s5r->curl, CURLOPT_HEADERDATA, s5r);
1561 curl_easy_setopt (s5r->curl, CURLOPT_FOLLOWLOCATION, 0); 1632 curl_easy_setopt (s5r->curl, CURLOPT_FOLLOWLOCATION, 0);
@@ -1568,6 +1639,7 @@ create_response (void *cls,
1568 curl_easy_setopt (s5r->curl, CURLOPT_NOSIGNAL, 1L); 1639 curl_easy_setopt (s5r->curl, CURLOPT_NOSIGNAL, 1L);
1569 curl_easy_setopt (s5r->curl, CURLOPT_PRIVATE, s5r); 1640 curl_easy_setopt (s5r->curl, CURLOPT_PRIVATE, s5r);
1570 curl_easy_setopt (s5r->curl, CURLOPT_VERBOSE, 0); 1641 curl_easy_setopt (s5r->curl, CURLOPT_VERBOSE, 0);
1642
1571 /** 1643 /**
1572 * Pre-populate cache to resolve Hostname. 1644 * Pre-populate cache to resolve Hostname.
1573 * This is necessary as the DNS name in the CURLOPT_URL is used 1645 * This is necessary as the DNS name in the CURLOPT_URL is used
@@ -1575,27 +1647,27 @@ create_response (void *cls,
1575 */ 1647 */
1576 if (NULL != s5r->leho) 1648 if (NULL != s5r->leho)
1577 { 1649 {
1578 GNUNET_asprintf (&curl_hosts, 1650 GNUNET_asprintf (&curl_hosts,
1579 "%s:%d:%s", 1651 "%s:%d:%s",
1580 s5r->leho, 1652 s5r->leho,
1581 port, 1653 port,
1582 ipaddr); 1654 ipaddr);
1583 s5r->hosts = curl_slist_append(NULL, curl_hosts); 1655 s5r->hosts = curl_slist_append(NULL, curl_hosts);
1584 curl_easy_setopt(s5r->curl, CURLOPT_RESOLVE, s5r->hosts); 1656 curl_easy_setopt(s5r->curl, CURLOPT_RESOLVE, s5r->hosts);
1585 GNUNET_free (curl_hosts); 1657 GNUNET_free (curl_hosts);
1586 } 1658 }
1587 GNUNET_asprintf (&curlurl, 1659 GNUNET_asprintf (&curlurl,
1588 (HTTPS_PORT != s5r->port) 1660 (HTTPS_PORT != s5r->port)
1589 ? "http://%s:%d%s" 1661 ? "http://%s:%d%s"
1590 : "https://%s:%d%s", 1662 : "https://%s:%d%s",
1591 (NULL != s5r->leho) 1663 (NULL != s5r->leho)
1592 ? s5r->leho 1664 ? s5r->leho
1593 : ipaddr, 1665 : ipaddr,
1594 port, 1666 port,
1595 s5r->url); 1667 s5r->url);
1596 curl_easy_setopt (s5r->curl, 1668 curl_easy_setopt (s5r->curl,
1597 CURLOPT_URL, 1669 CURLOPT_URL,
1598 curlurl); 1670 curlurl);
1599 GNUNET_free (curlurl); 1671 GNUNET_free (curlurl);
1600 1672
1601 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_PUT)) 1673 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_PUT))
@@ -1628,11 +1700,24 @@ create_response (void *cls,
1628 curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb); 1700 curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb);
1629 curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r); 1701 curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r);
1630 } 1702 }
1703 else if (0 == strcasecmp (meth, MHD_HTTP_METHOD_OPTIONS))
1704 {
1705 s5r->state = SOCKS5_SOCKET_DOWNLOAD_STARTED;
1706 curl_easy_setopt (s5r->curl, CURLOPT_CUSTOMREQUEST, "OPTIONS");
1707 curl_easy_setopt (s5r->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb);
1708 curl_easy_setopt (s5r->curl, CURLOPT_WRITEDATA, s5r);
1709 GNUNET_asprintf (&curl_headers,
1710 "%s: %s",
1711 "Connection",
1712 "keep-alive");
1713 s5r->headers = curl_slist_append(s5r->headers, curl_headers);
1714 GNUNET_free (curl_headers);
1715 }
1631 else 1716 else
1632 { 1717 {
1633 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1718 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1634 _("Unsupported HTTP method `%s'\n"), 1719 _("Unsupported HTTP method `%s'\n"),
1635 meth); 1720 meth);
1636 curl_easy_cleanup (s5r->curl); 1721 curl_easy_cleanup (s5r->curl);
1637 s5r->curl = NULL; 1722 s5r->curl = NULL;
1638 return MHD_NO; 1723 return MHD_NO;
@@ -1656,7 +1741,7 @@ create_response (void *cls,
1656 curl_easy_setopt (s5r->curl, CURLOPT_USE_SSL, CURLUSESSL_ALL); 1741 curl_easy_setopt (s5r->curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
1657 curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYPEER, 1L); 1742 curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYPEER, 1L);
1658 /* Disable cURL checking the hostname, as we will check ourselves 1743 /* Disable cURL checking the hostname, as we will check ourselves
1659 as only we have the domain name or the LEHO or the DANE record */ 1744 as only we have the domain name or the LEHO or the DANE record */
1660 curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYHOST, 0L); 1745 curl_easy_setopt (s5r->curl, CURLOPT_SSL_VERIFYHOST, 0L);
1661 } 1746 }
1662 else 1747 else
@@ -1672,8 +1757,21 @@ create_response (void *cls,
1672 return MHD_NO; 1757 return MHD_NO;
1673 } 1758 }
1674 MHD_get_connection_values (con, 1759 MHD_get_connection_values (con,
1675 MHD_HEADER_KIND, 1760 MHD_HEADER_KIND,
1676 &con_val_iter, s5r); 1761 &con_val_iter, s5r);
1762 if (GNUID_ENABLED)
1763 {
1764 MHD_get_connection_values (con,
1765 MHD_GET_ARGUMENT_KIND,
1766 &con_val_uri_iter, s5r);
1767 GNUNET_asprintf (&curl_headers,
1768 "%s: %s",
1769 "X-GNUid-Available",
1770 "YES");
1771 s5r->headers = curl_slist_append(s5r->headers, curl_headers);
1772 GNUNET_free (curl_headers);
1773 }
1774
1677 curl_easy_setopt (s5r->curl, CURLOPT_HTTPHEADER, s5r->headers); 1775 curl_easy_setopt (s5r->curl, CURLOPT_HTTPHEADER, s5r->headers);
1678 curl_download_prepare (); 1776 curl_download_prepare ();
1679 return MHD_YES; 1777 return MHD_YES;
@@ -1683,10 +1781,10 @@ create_response (void *cls,
1683 if (0 != *upload_data_size) 1781 if (0 != *upload_data_size)
1684 { 1782 {
1685 left = GNUNET_MIN (*upload_data_size, 1783 left = GNUNET_MIN (*upload_data_size,
1686 sizeof (s5r->io_buf) - s5r->io_len); 1784 sizeof (s5r->io_buf) - s5r->io_len);
1687 memcpy (&s5r->io_buf[s5r->io_len], 1785 memcpy (&s5r->io_buf[s5r->io_len],
1688 upload_data, 1786 upload_data,
1689 left); 1787 left);
1690 s5r->io_len += left; 1788 s5r->io_len += left;
1691 *upload_data_size -= left; 1789 *upload_data_size -= left;
1692 GNUNET_assert (NULL != s5r->curl); 1790 GNUNET_assert (NULL != s5r->curl);
@@ -1697,16 +1795,16 @@ create_response (void *cls,
1697 if (SOCKS5_SOCKET_UPLOAD_STARTED == s5r->state) 1795 if (SOCKS5_SOCKET_UPLOAD_STARTED == s5r->state)
1698 { 1796 {
1699 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1797 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1700 "Finished processing UPLOAD\n"); 1798 "Finished processing UPLOAD\n");
1701 s5r->state = SOCKS5_SOCKET_UPLOAD_DONE; 1799 s5r->state = SOCKS5_SOCKET_UPLOAD_DONE;
1702 } 1800 }
1703 if (NULL == s5r->response) 1801 if (NULL == s5r->response)
1704 return MHD_YES; /* too early to queue response, did not yet get headers from cURL */ 1802 return MHD_YES; /* too early to queue response, did not yet get headers from cURL */
1705 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1803 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1706 "Queueing response with MHD\n"); 1804 "Queueing response with MHD\n");
1707 return MHD_queue_response (con, 1805 return MHD_queue_response (con,
1708 s5r->response_code, 1806 s5r->response_code,
1709 s5r->response); 1807 s5r->response);
1710} 1808}
1711 1809
1712 1810
@@ -1724,9 +1822,9 @@ create_response (void *cls,
1724 */ 1822 */
1725static void 1823static void
1726mhd_completed_cb (void *cls, 1824mhd_completed_cb (void *cls,
1727 struct MHD_Connection *connection, 1825 struct MHD_Connection *connection,
1728 void **con_cls, 1826 void **con_cls,
1729 enum MHD_RequestTerminationCode toe) 1827 enum MHD_RequestTerminationCode toe)
1730{ 1828{
1731 struct Socks5Request *s5r = *con_cls; 1829 struct Socks5Request *s5r = *con_cls;
1732 1830
@@ -1734,8 +1832,8 @@ mhd_completed_cb (void *cls,
1734 return; 1832 return;
1735 if (MHD_REQUEST_TERMINATED_COMPLETED_OK != toe) 1833 if (MHD_REQUEST_TERMINATED_COMPLETED_OK != toe)
1736 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1834 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1737 "MHD encountered error handling request: %d\n", 1835 "MHD encountered error handling request: %d\n",
1738 toe); 1836 toe);
1739 cleanup_s5r (s5r); 1837 cleanup_s5r (s5r);
1740 curl_download_prepare(); 1838 curl_download_prepare();
1741 *con_cls = NULL; 1839 *con_cls = NULL;
@@ -1757,15 +1855,15 @@ mhd_completed_cb (void *cls,
1757 */ 1855 */
1758static void * 1856static void *
1759mhd_log_callback (void *cls, 1857mhd_log_callback (void *cls,
1760 const char *url, 1858 const char *url,
1761 struct MHD_Connection *connection) 1859 struct MHD_Connection *connection)
1762{ 1860{
1763 struct Socks5Request *s5r; 1861 struct Socks5Request *s5r;
1764 const union MHD_ConnectionInfo *ci; 1862 const union MHD_ConnectionInfo *ci;
1765 int sock; 1863 int sock;
1766 1864
1767 ci = MHD_get_connection_info (connection, 1865 ci = MHD_get_connection_info (connection,
1768 MHD_CONNECTION_INFO_CONNECTION_FD); 1866 MHD_CONNECTION_INFO_CONNECTION_FD);
1769 if (NULL == ci) 1867 if (NULL == ci)
1770 { 1868 {
1771 GNUNET_break (0); 1869 GNUNET_break (0);
@@ -1778,8 +1876,8 @@ mhd_log_callback (void *cls,
1778 { 1876 {
1779 if (NULL != s5r->url) 1877 if (NULL != s5r->url)
1780 { 1878 {
1781 GNUNET_break (0); 1879 GNUNET_break (0);
1782 return NULL; 1880 return NULL;
1783 } 1881 }
1784 s5r->url = GNUNET_strdup (url); 1882 s5r->url = GNUNET_strdup (url);
1785 GNUNET_SCHEDULER_cancel (s5r->timeout_task); 1883 GNUNET_SCHEDULER_cancel (s5r->timeout_task);
@@ -1801,8 +1899,8 @@ static void
1801kill_httpd (struct MhdHttpList *hd) 1899kill_httpd (struct MhdHttpList *hd)
1802{ 1900{
1803 GNUNET_CONTAINER_DLL_remove (mhd_httpd_head, 1901 GNUNET_CONTAINER_DLL_remove (mhd_httpd_head,
1804 mhd_httpd_tail, 1902 mhd_httpd_tail,
1805 hd); 1903 hd);
1806 GNUNET_free_non_null (hd->domain); 1904 GNUNET_free_non_null (hd->domain);
1807 MHD_stop_daemon (hd->daemon); 1905 MHD_stop_daemon (hd->daemon);
1808 if (NULL != hd->httpd_task) 1906 if (NULL != hd->httpd_task)
@@ -1825,7 +1923,7 @@ kill_httpd (struct MhdHttpList *hd)
1825 */ 1923 */
1826static void 1924static void
1827kill_httpd_task (void *cls, 1925kill_httpd_task (void *cls,
1828 const struct GNUNET_SCHEDULER_TaskContext *tc) 1926 const struct GNUNET_SCHEDULER_TaskContext *tc)
1829{ 1927{
1830 struct MhdHttpList *hd = cls; 1928 struct MhdHttpList *hd = cls;
1831 1929
@@ -1899,15 +1997,15 @@ schedule_httpd (struct MhdHttpList *hd)
1899 { 1997 {
1900 /* daemon is idle, kill after timeout */ 1998 /* daemon is idle, kill after timeout */
1901 hd->httpd_task = GNUNET_SCHEDULER_add_delayed (MHD_CACHE_TIMEOUT, 1999 hd->httpd_task = GNUNET_SCHEDULER_add_delayed (MHD_CACHE_TIMEOUT,
1902 &kill_httpd_task, 2000 &kill_httpd_task,
1903 hd); 2001 hd);
1904 } 2002 }
1905 else 2003 else
1906 { 2004 {
1907 hd->httpd_task = 2005 hd->httpd_task =
1908 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, 2006 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
1909 tv, wrs, wws, 2007 tv, wrs, wws,
1910 &do_httpd, hd); 2008 &do_httpd, hd);
1911 } 2009 }
1912 if (NULL != wrs) 2010 if (NULL != wrs)
1913 GNUNET_NETWORK_fdset_destroy (wrs); 2011 GNUNET_NETWORK_fdset_destroy (wrs);
@@ -1946,7 +2044,7 @@ run_mhd_now (struct MhdHttpList *hd)
1946 hd->httpd_task) 2044 hd->httpd_task)
1947 GNUNET_SCHEDULER_cancel (hd->httpd_task); 2045 GNUNET_SCHEDULER_cancel (hd->httpd_task);
1948 hd->httpd_task = GNUNET_SCHEDULER_add_now (&do_httpd, 2046 hd->httpd_task = GNUNET_SCHEDULER_add_now (&do_httpd,
1949 hd); 2047 hd);
1950} 2048}
1951 2049
1952 2050
@@ -1959,14 +2057,14 @@ run_mhd_now (struct MhdHttpList *hd)
1959 */ 2057 */
1960static void* 2058static void*
1961load_file (const char* filename, 2059load_file (const char* filename,
1962 unsigned int* size) 2060 unsigned int* size)
1963{ 2061{
1964 void *buffer; 2062 void *buffer;
1965 uint64_t fsize; 2063 uint64_t fsize;
1966 2064
1967 if (GNUNET_OK != 2065 if (GNUNET_OK !=
1968 GNUNET_DISK_file_size (filename, &fsize, 2066 GNUNET_DISK_file_size (filename, &fsize,
1969 GNUNET_YES, GNUNET_YES)) 2067 GNUNET_YES, GNUNET_YES))
1970 return NULL; 2068 return NULL;
1971 if (fsize > MAX_PEM_SIZE) 2069 if (fsize > MAX_PEM_SIZE)
1972 return NULL; 2070 return NULL;
@@ -1990,7 +2088,7 @@ load_file (const char* filename,
1990 */ 2088 */
1991static int 2089static int
1992load_key_from_file (gnutls_x509_privkey_t key, 2090load_key_from_file (gnutls_x509_privkey_t key,
1993 const char* keyfile) 2091 const char* keyfile)
1994{ 2092{
1995 gnutls_datum_t key_data; 2093 gnutls_datum_t key_data;
1996 int ret; 2094 int ret;
@@ -2004,7 +2102,7 @@ load_key_from_file (gnutls_x509_privkey_t key,
2004 { 2102 {
2005 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2103 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2006 _("Unable to import private key from file `%s'\n"), 2104 _("Unable to import private key from file `%s'\n"),
2007 keyfile); 2105 keyfile);
2008 } 2106 }
2009 GNUNET_free_non_null (key_data.data); 2107 GNUNET_free_non_null (key_data.data);
2010 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; 2108 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK;
@@ -2020,7 +2118,7 @@ load_key_from_file (gnutls_x509_privkey_t key,
2020 */ 2118 */
2021static int 2119static int
2022load_cert_from_file (gnutls_x509_crt_t crt, 2120load_cert_from_file (gnutls_x509_crt_t crt,
2023 const char* certfile) 2121 const char* certfile)
2024{ 2122{
2025 gnutls_datum_t cert_data; 2123 gnutls_datum_t cert_data;
2026 int ret; 2124 int ret;
@@ -2033,7 +2131,7 @@ load_cert_from_file (gnutls_x509_crt_t crt,
2033 if (GNUTLS_E_SUCCESS != ret) 2131 if (GNUTLS_E_SUCCESS != ret)
2034 { 2132 {
2035 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2133 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2036 _("Unable to import certificate %s\n"), certfile); 2134 _("Unable to import certificate %s\n"), certfile);
2037 } 2135 }
2038 GNUNET_free_non_null (cert_data.data); 2136 GNUNET_free_non_null (cert_data.data);
2039 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK; 2137 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK;
@@ -2058,8 +2156,8 @@ generate_gns_certificate (const char *name)
2058 struct ProxyGNSCertificate *pgc; 2156 struct ProxyGNSCertificate *pgc;
2059 2157
2060 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2158 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2061 "Generating TLS/SSL certificate for `%s'\n", 2159 "Generating TLS/SSL certificate for `%s'\n",
2062 name); 2160 name);
2063 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&request)); 2161 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&request));
2064 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_key (request, proxy_ca.key)); 2162 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_key (request, proxy_ca.key));
2065 pgc = GNUNET_new (struct ProxyGNSCertificate); 2163 pgc = GNUNET_new (struct ProxyGNSCertificate);
@@ -2072,25 +2170,25 @@ generate_gns_certificate (const char *name)
2072 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_version (request, 3)); 2170 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_version (request, 3));
2073 gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial)); 2171 gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial));
2074 gnutls_x509_crt_set_serial (request, 2172 gnutls_x509_crt_set_serial (request,
2075 &serial, 2173 &serial,
2076 sizeof (serial)); 2174 sizeof (serial));
2077 etime = time (NULL); 2175 etime = time (NULL);
2078 tm_data = localtime (&etime); 2176 tm_data = localtime (&etime);
2079 gnutls_x509_crt_set_activation_time (request, 2177 gnutls_x509_crt_set_activation_time (request,
2080 etime); 2178 etime);
2081 tm_data->tm_year++; 2179 tm_data->tm_year++;
2082 etime = mktime (tm_data); 2180 etime = mktime (tm_data);
2083 gnutls_x509_crt_set_expiration_time (request, 2181 gnutls_x509_crt_set_expiration_time (request,
2084 etime); 2182 etime);
2085 gnutls_x509_crt_sign (request, 2183 gnutls_x509_crt_sign (request,
2086 proxy_ca.cert, 2184 proxy_ca.cert,
2087 proxy_ca.key); 2185 proxy_ca.key);
2088 key_buf_size = sizeof (pgc->key); 2186 key_buf_size = sizeof (pgc->key);
2089 cert_buf_size = sizeof (pgc->cert); 2187 cert_buf_size = sizeof (pgc->cert);
2090 gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM, 2188 gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM,
2091 pgc->cert, &cert_buf_size); 2189 pgc->cert, &cert_buf_size);
2092 gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM, 2190 gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM,
2093 pgc->key, &key_buf_size); 2191 pgc->key, &key_buf_size);
2094 gnutls_x509_crt_deinit (request); 2192 gnutls_x509_crt_deinit (request);
2095 return pgc; 2193 return pgc;
2096} 2194}
@@ -2131,27 +2229,27 @@ lookup_ssl_httpd (const char* domain)
2131 } 2229 }
2132 for (hd = mhd_httpd_head; NULL != hd; hd = hd->next) 2230 for (hd = mhd_httpd_head; NULL != hd; hd = hd->next)
2133 if ( (NULL != hd->domain) && 2231 if ( (NULL != hd->domain) &&
2134 (0 == strcmp (hd->domain, domain)) ) 2232 (0 == strcmp (hd->domain, domain)) )
2135 return hd; 2233 return hd;
2136 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2234 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2137 "Starting fresh MHD HTTPS instance for domain `%s'\n", 2235 "Starting fresh MHD HTTPS instance for domain `%s'\n",
2138 domain); 2236 domain);
2139 pgc = generate_gns_certificate (domain); 2237 pgc = generate_gns_certificate (domain);
2140 hd = GNUNET_new (struct MhdHttpList); 2238 hd = GNUNET_new (struct MhdHttpList);
2141 hd->is_ssl = GNUNET_YES; 2239 hd->is_ssl = GNUNET_YES;
2142 hd->domain = GNUNET_strdup (domain); 2240 hd->domain = GNUNET_strdup (domain);
2143 hd->proxy_cert = pgc; 2241 hd->proxy_cert = pgc;
2144 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL | MHD_USE_NO_LISTEN_SOCKET, 2242 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL | MHD_USE_NO_LISTEN_SOCKET,
2145 0, 2243 0,
2146 NULL, NULL, 2244 NULL, NULL,
2147 &create_response, hd, 2245 &create_response, hd,
2148 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, 2246 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
2149 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, 2247 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL,
2150 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, 2248 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL,
2151 MHD_OPTION_EXTERNAL_LOGGER, &mhd_error_log_callback, NULL, 2249 MHD_OPTION_EXTERNAL_LOGGER, &mhd_error_log_callback, NULL,
2152 MHD_OPTION_HTTPS_MEM_KEY, pgc->key, 2250 MHD_OPTION_HTTPS_MEM_KEY, pgc->key,
2153 MHD_OPTION_HTTPS_MEM_CERT, pgc->cert, 2251 MHD_OPTION_HTTPS_MEM_CERT, pgc->cert,
2154 MHD_OPTION_END); 2252 MHD_OPTION_END);
2155 if (NULL == hd->daemon) 2253 if (NULL == hd->daemon)
2156 { 2254 {
2157 GNUNET_free (pgc); 2255 GNUNET_free (pgc);
@@ -2159,8 +2257,8 @@ lookup_ssl_httpd (const char* domain)
2159 return NULL; 2257 return NULL;
2160 } 2258 }
2161 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, 2259 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head,
2162 mhd_httpd_tail, 2260 mhd_httpd_tail,
2163 hd); 2261 hd);
2164 return hd; 2262 return hd;
2165} 2263}
2166 2264
@@ -2175,7 +2273,7 @@ lookup_ssl_httpd (const char* domain)
2175 */ 2273 */
2176static void 2274static void
2177timeout_s5r_handshake (void *cls, 2275timeout_s5r_handshake (void *cls,
2178 const struct GNUNET_SCHEDULER_TaskContext *tc) 2276 const struct GNUNET_SCHEDULER_TaskContext *tc)
2179{ 2277{
2180 struct Socks5Request *s5r = cls; 2278 struct Socks5Request *s5r = cls;
2181 2279
@@ -2202,22 +2300,22 @@ setup_data_transfer (struct Socks5Request *s5r)
2202 2300
2203 switch (s5r->port) 2301 switch (s5r->port)
2204 { 2302 {
2205 case HTTPS_PORT: 2303 case HTTPS_PORT:
2206 hd = lookup_ssl_httpd (s5r->domain); 2304 hd = lookup_ssl_httpd (s5r->domain);
2207 if (NULL == hd) 2305 if (NULL == hd)
2208 { 2306 {
2209 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2307 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2210 _("Failed to start HTTPS server for `%s'\n"), 2308 _("Failed to start HTTPS server for `%s'\n"),
2211 s5r->domain); 2309 s5r->domain);
2212 cleanup_s5r (s5r); 2310 cleanup_s5r (s5r);
2213 return; 2311 return;
2214 } 2312 }
2215 break; 2313 break;
2216 case HTTP_PORT: 2314 case HTTP_PORT:
2217 default: 2315 default:
2218 GNUNET_assert (NULL != httpd); 2316 GNUNET_assert (NULL != httpd);
2219 hd = httpd; 2317 hd = httpd;
2220 break; 2318 break;
2221 } 2319 }
2222 fd = GNUNET_NETWORK_get_fd (s5r->sock); 2320 fd = GNUNET_NETWORK_get_fd (s5r->sock);
2223 addr = GNUNET_NETWORK_get_addr (s5r->sock); 2321 addr = GNUNET_NETWORK_get_addr (s5r->sock);
@@ -2226,15 +2324,15 @@ setup_data_transfer (struct Socks5Request *s5r)
2226 if (MHD_YES != MHD_add_connection (hd->daemon, fd, addr, len)) 2324 if (MHD_YES != MHD_add_connection (hd->daemon, fd, addr, len))
2227 { 2325 {
2228 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 2326 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2229 _("Failed to pass client to MHD\n")); 2327 _("Failed to pass client to MHD\n"));
2230 cleanup_s5r (s5r); 2328 cleanup_s5r (s5r);
2231 return; 2329 return;
2232 } 2330 }
2233 s5r->hd = hd; 2331 s5r->hd = hd;
2234 schedule_httpd (hd); 2332 schedule_httpd (hd);
2235 s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT, 2333 s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT,
2236 &timeout_s5r_handshake, 2334 &timeout_s5r_handshake,
2237 s5r); 2335 s5r);
2238} 2336}
2239 2337
2240 2338
@@ -2249,15 +2347,15 @@ setup_data_transfer (struct Socks5Request *s5r)
2249 */ 2347 */
2250static void 2348static void
2251do_write (void *cls, 2349do_write (void *cls,
2252 const struct GNUNET_SCHEDULER_TaskContext *tc) 2350 const struct GNUNET_SCHEDULER_TaskContext *tc)
2253{ 2351{
2254 struct Socks5Request *s5r = cls; 2352 struct Socks5Request *s5r = cls;
2255 ssize_t len; 2353 ssize_t len;
2256 2354
2257 s5r->wtask = NULL; 2355 s5r->wtask = NULL;
2258 len = GNUNET_NETWORK_socket_send (s5r->sock, 2356 len = GNUNET_NETWORK_socket_send (s5r->sock,
2259 s5r->wbuf, 2357 s5r->wbuf,
2260 s5r->wbuf_len); 2358 s5r->wbuf_len);
2261 if (len <= 0) 2359 if (len <= 0)
2262 { 2360 {
2263 /* write error: connection closed, shutdown, etc.; just clean up */ 2361 /* write error: connection closed, shutdown, etc.; just clean up */
@@ -2265,16 +2363,16 @@ do_write (void *cls,
2265 return; 2363 return;
2266 } 2364 }
2267 memmove (s5r->wbuf, 2365 memmove (s5r->wbuf,
2268 &s5r->wbuf[len], 2366 &s5r->wbuf[len],
2269 s5r->wbuf_len - len); 2367 s5r->wbuf_len - len);
2270 s5r->wbuf_len -= len; 2368 s5r->wbuf_len -= len;
2271 if (s5r->wbuf_len > 0) 2369 if (s5r->wbuf_len > 0)
2272 { 2370 {
2273 /* not done writing */ 2371 /* not done writing */
2274 s5r->wtask = 2372 s5r->wtask =
2275 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 2373 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2276 s5r->sock, 2374 s5r->sock,
2277 &do_write, s5r); 2375 &do_write, s5r);
2278 return; 2376 return;
2279 } 2377 }
2280 2378
@@ -2282,21 +2380,21 @@ do_write (void *cls,
2282 2380
2283 switch (s5r->state) 2381 switch (s5r->state)
2284 { 2382 {
2285 case SOCKS5_INIT: 2383 case SOCKS5_INIT:
2286 GNUNET_assert (0); 2384 GNUNET_assert (0);
2287 break; 2385 break;
2288 case SOCKS5_REQUEST: 2386 case SOCKS5_REQUEST:
2289 GNUNET_assert (NULL != s5r->rtask); 2387 GNUNET_assert (NULL != s5r->rtask);
2290 break; 2388 break;
2291 case SOCKS5_DATA_TRANSFER: 2389 case SOCKS5_DATA_TRANSFER:
2292 setup_data_transfer (s5r); 2390 setup_data_transfer (s5r);
2293 return; 2391 return;
2294 case SOCKS5_WRITE_THEN_CLEANUP: 2392 case SOCKS5_WRITE_THEN_CLEANUP:
2295 cleanup_s5r (s5r); 2393 cleanup_s5r (s5r);
2296 return; 2394 return;
2297 default: 2395 default:
2298 GNUNET_break (0); 2396 GNUNET_break (0);
2299 break; 2397 break;
2300 } 2398 }
2301} 2399}
2302 2400
@@ -2309,7 +2407,7 @@ do_write (void *cls,
2309 */ 2407 */
2310static void 2408static void
2311signal_socks_failure (struct Socks5Request *s5r, 2409signal_socks_failure (struct Socks5Request *s5r,
2312 enum Socks5StatusCode sc) 2410 enum Socks5StatusCode sc)
2313{ 2411{
2314 struct Socks5ServerResponseMessage *s_resp; 2412 struct Socks5ServerResponseMessage *s_resp;
2315 2413
@@ -2321,8 +2419,8 @@ signal_socks_failure (struct Socks5Request *s5r,
2321 if (NULL != s5r->wtask) 2419 if (NULL != s5r->wtask)
2322 s5r->wtask = 2420 s5r->wtask =
2323 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 2421 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2324 s5r->sock, 2422 s5r->sock,
2325 &do_write, s5r); 2423 &do_write, s5r);
2326} 2424}
2327 2425
2328 2426
@@ -2343,15 +2441,15 @@ signal_socks_success (struct Socks5Request *s5r)
2343 s_resp->addr_type = SOCKS5_AT_IPV4; 2441 s_resp->addr_type = SOCKS5_AT_IPV4;
2344 /* zero out IPv4 address and port */ 2442 /* zero out IPv4 address and port */
2345 memset (&s_resp[1], 2443 memset (&s_resp[1],
2346 0, 2444 0,
2347 sizeof (struct in_addr) + sizeof (uint16_t)); 2445 sizeof (struct in_addr) + sizeof (uint16_t));
2348 s5r->wbuf_len += sizeof (struct Socks5ServerResponseMessage) + 2446 s5r->wbuf_len += sizeof (struct Socks5ServerResponseMessage) +
2349 sizeof (struct in_addr) + sizeof (uint16_t); 2447 sizeof (struct in_addr) + sizeof (uint16_t);
2350 if (NULL == s5r->wtask) 2448 if (NULL == s5r->wtask)
2351 s5r->wtask = 2449 s5r->wtask =
2352 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 2450 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2353 s5r->sock, 2451 s5r->sock,
2354 &do_write, s5r); 2452 &do_write, s5r);
2355} 2453}
2356 2454
2357 2455
@@ -2364,8 +2462,8 @@ signal_socks_success (struct Socks5Request *s5r)
2364 */ 2462 */
2365static void 2463static void
2366handle_gns_result (void *cls, 2464handle_gns_result (void *cls,
2367 uint32_t rd_count, 2465 uint32_t rd_count,
2368 const struct GNUNET_GNSRECORD_Data *rd) 2466 const struct GNUNET_GNSRECORD_Data *rd)
2369{ 2467{
2370 struct Socks5Request *s5r = cls; 2468 struct Socks5Request *s5r = cls;
2371 uint32_t i; 2469 uint32_t i;
@@ -2379,100 +2477,100 @@ handle_gns_result (void *cls,
2379 r = &rd[i]; 2477 r = &rd[i];
2380 switch (r->record_type) 2478 switch (r->record_type)
2381 { 2479 {
2382 case GNUNET_DNSPARSER_TYPE_A: 2480 case GNUNET_DNSPARSER_TYPE_A:
2383 { 2481 {
2384 struct sockaddr_in *in; 2482 struct sockaddr_in *in;
2385 2483
2386 if (sizeof (struct in_addr) != r->data_size) 2484 if (sizeof (struct in_addr) != r->data_size)
2387 { 2485 {
2388 GNUNET_break_op (0); 2486 GNUNET_break_op (0);
2389 break; 2487 break;
2390 } 2488 }
2391 if (GNUNET_YES == got_ip) 2489 if (GNUNET_YES == got_ip)
2392 break; 2490 break;
2393 if (GNUNET_OK != 2491 if (GNUNET_OK !=
2394 GNUNET_NETWORK_test_pf (PF_INET)) 2492 GNUNET_NETWORK_test_pf (PF_INET))
2395 break; 2493 break;
2396 got_ip = GNUNET_YES; 2494 got_ip = GNUNET_YES;
2397 in = (struct sockaddr_in *) &s5r->destination_address; 2495 in = (struct sockaddr_in *) &s5r->destination_address;
2398 in->sin_family = AF_INET; 2496 in->sin_family = AF_INET;
2399 memcpy (&in->sin_addr, 2497 memcpy (&in->sin_addr,
2400 r->data, 2498 r->data,
2401 r->data_size); 2499 r->data_size);
2402 in->sin_port = htons (s5r->port); 2500 in->sin_port = htons (s5r->port);
2403#if HAVE_SOCKADDR_IN_SIN_LEN 2501#if HAVE_SOCKADDR_IN_SIN_LEN
2404 in->sin_len = sizeof (*in); 2502 in->sin_len = sizeof (*in);
2405#endif 2503#endif
2406 } 2504 }
2407 break; 2505 break;
2408 case GNUNET_DNSPARSER_TYPE_AAAA: 2506 case GNUNET_DNSPARSER_TYPE_AAAA:
2409 { 2507 {
2410 struct sockaddr_in6 *in; 2508 struct sockaddr_in6 *in;
2411 2509
2412 if (sizeof (struct in6_addr) != r->data_size) 2510 if (sizeof (struct in6_addr) != r->data_size)
2413 { 2511 {
2414 GNUNET_break_op (0); 2512 GNUNET_break_op (0);
2415 break; 2513 break;
2416 } 2514 }
2417 if (GNUNET_YES == got_ip) 2515 if (GNUNET_YES == got_ip)
2418 break; 2516 break;
2419 if (GNUNET_OK != 2517 if (GNUNET_OK !=
2420 GNUNET_NETWORK_test_pf (PF_INET)) 2518 GNUNET_NETWORK_test_pf (PF_INET))
2421 break; 2519 break;
2422 /* FIXME: allow user to disable IPv6 per configuration option... */ 2520 /* FIXME: allow user to disable IPv6 per configuration option... */
2423 got_ip = GNUNET_YES; 2521 got_ip = GNUNET_YES;
2424 in = (struct sockaddr_in6 *) &s5r->destination_address; 2522 in = (struct sockaddr_in6 *) &s5r->destination_address;
2425 in->sin6_family = AF_INET6; 2523 in->sin6_family = AF_INET6;
2426 memcpy (&in->sin6_addr, 2524 memcpy (&in->sin6_addr,
2427 r->data, 2525 r->data,
2428 r->data_size); 2526 r->data_size);
2429 in->sin6_port = htons (s5r->port); 2527 in->sin6_port = htons (s5r->port);
2430#if HAVE_SOCKADDR_IN_SIN_LEN 2528#if HAVE_SOCKADDR_IN_SIN_LEN
2431 in->sin6_len = sizeof (*in); 2529 in->sin6_len = sizeof (*in);
2432#endif 2530#endif
2433 } 2531 }
2434 break; 2532 break;
2435 case GNUNET_GNSRECORD_TYPE_VPN: 2533 case GNUNET_GNSRECORD_TYPE_VPN:
2436 GNUNET_break (0); /* should have been translated within GNS */ 2534 GNUNET_break (0); /* should have been translated within GNS */
2437 break; 2535 break;
2438 case GNUNET_GNSRECORD_TYPE_LEHO: 2536 case GNUNET_GNSRECORD_TYPE_LEHO:
2439 GNUNET_free_non_null (s5r->leho); 2537 GNUNET_free_non_null (s5r->leho);
2440 s5r->leho = GNUNET_strndup (r->data, 2538 s5r->leho = GNUNET_strndup (r->data,
2441 r->data_size); 2539 r->data_size);
2442 break; 2540 break;
2443 case GNUNET_GNSRECORD_TYPE_BOX: 2541 case GNUNET_GNSRECORD_TYPE_BOX:
2444 {
2445 const struct GNUNET_GNSRECORD_BoxRecord *box;
2446
2447 if (r->data_size < sizeof (struct GNUNET_GNSRECORD_BoxRecord))
2448 { 2542 {
2449 GNUNET_break_op (0); 2543 const struct GNUNET_GNSRECORD_BoxRecord *box;
2544
2545 if (r->data_size < sizeof (struct GNUNET_GNSRECORD_BoxRecord))
2546 {
2547 GNUNET_break_op (0);
2548 break;
2549 }
2550 box = r->data;
2551 if ( (ntohl (box->record_type) != GNUNET_DNSPARSER_TYPE_TLSA) ||
2552 (ntohs (box->protocol) != IPPROTO_TCP) ||
2553 (ntohs (box->service) != s5r->port) )
2554 break; /* BOX record does not apply */
2555 GNUNET_free_non_null (s5r->dane_data);
2556 s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
2557 s5r->dane_data = GNUNET_malloc (s5r->dane_data_len);
2558 memcpy (s5r->dane_data,
2559 &box[1],
2560 s5r->dane_data_len);
2450 break; 2561 break;
2451 } 2562 }
2452 box = r->data; 2563 default:
2453 if ( (ntohl (box->record_type) != GNUNET_DNSPARSER_TYPE_TLSA) || 2564 /* don't care */
2454 (ntohs (box->protocol) != IPPROTO_TCP) ||
2455 (ntohs (box->service) != s5r->port) )
2456 break; /* BOX record does not apply */
2457 GNUNET_free_non_null (s5r->dane_data);
2458 s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
2459 s5r->dane_data = GNUNET_malloc (s5r->dane_data_len);
2460 memcpy (s5r->dane_data,
2461 &box[1],
2462 s5r->dane_data_len);
2463 break; 2565 break;
2464 }
2465 default:
2466 /* don't care */
2467 break;
2468 } 2566 }
2469 } 2567 }
2470 if (GNUNET_YES != got_ip) 2568 if (GNUNET_YES != got_ip)
2471 { 2569 {
2472 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2570 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2473 "Name resolution failed to yield useful IP address.\n"); 2571 "Name resolution failed to yield useful IP address.\n");
2474 signal_socks_failure (s5r, 2572 signal_socks_failure (s5r,
2475 SOCKS5_STATUS_GENERAL_FAILURE); 2573 SOCKS5_STATUS_GENERAL_FAILURE);
2476 return; 2574 return;
2477 } 2575 }
2478 s5r->state = SOCKS5_DATA_TRANSFER; 2576 s5r->state = SOCKS5_DATA_TRANSFER;
@@ -2488,12 +2586,12 @@ handle_gns_result (void *cls,
2488 */ 2586 */
2489static void 2587static void
2490clear_from_s5r_rbuf (struct Socks5Request *s5r, 2588clear_from_s5r_rbuf (struct Socks5Request *s5r,
2491 size_t len) 2589 size_t len)
2492{ 2590{
2493 GNUNET_assert (len <= s5r->rbuf_len); 2591 GNUNET_assert (len <= s5r->rbuf_len);
2494 memmove (s5r->rbuf, 2592 memmove (s5r->rbuf,
2495 &s5r->rbuf[len], 2593 &s5r->rbuf[len],
2496 s5r->rbuf_len - len); 2594 s5r->rbuf_len - len);
2497 s5r->rbuf_len -= len; 2595 s5r->rbuf_len -= len;
2498} 2596}
2499 2597
@@ -2506,7 +2604,7 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r,
2506 */ 2604 */
2507static void 2605static void
2508do_s5r_read (void *cls, 2606do_s5r_read (void *cls,
2509 const struct GNUNET_SCHEDULER_TaskContext *tc) 2607 const struct GNUNET_SCHEDULER_TaskContext *tc)
2510{ 2608{
2511 struct Socks5Request *s5r = cls; 2609 struct Socks5Request *s5r = cls;
2512 const struct Socks5ClientHelloMessage *c_hello; 2610 const struct Socks5ClientHelloMessage *c_hello;
@@ -2520,196 +2618,196 @@ do_s5r_read (void *cls,
2520 (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) ) 2618 (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) )
2521 { 2619 {
2522 rlen = GNUNET_NETWORK_socket_recv (s5r->sock, 2620 rlen = GNUNET_NETWORK_socket_recv (s5r->sock,
2523 &s5r->rbuf[s5r->rbuf_len], 2621 &s5r->rbuf[s5r->rbuf_len],
2524 sizeof (s5r->rbuf) - s5r->rbuf_len); 2622 sizeof (s5r->rbuf) - s5r->rbuf_len);
2525 if (rlen <= 0) 2623 if (rlen <= 0)
2526 { 2624 {
2527 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2625 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2528 "socks5 client disconnected.\n"); 2626 "socks5 client disconnected.\n");
2529 cleanup_s5r (s5r); 2627 cleanup_s5r (s5r);
2530 return; 2628 return;
2531 } 2629 }
2532 s5r->rbuf_len += rlen; 2630 s5r->rbuf_len += rlen;
2533 } 2631 }
2534 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 2632 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2535 s5r->sock, 2633 s5r->sock,
2536 &do_s5r_read, s5r); 2634 &do_s5r_read, s5r);
2537 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2635 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2538 "Processing %u bytes of socks data in state %d\n", 2636 "Processing %u bytes of socks data in state %d\n",
2539 s5r->rbuf_len, 2637 s5r->rbuf_len,
2540 s5r->state); 2638 s5r->state);
2541 switch (s5r->state) 2639 switch (s5r->state)
2542 { 2640 {
2543 case SOCKS5_INIT: 2641 case SOCKS5_INIT:
2544 c_hello = (const struct Socks5ClientHelloMessage*) &s5r->rbuf; 2642 c_hello = (const struct Socks5ClientHelloMessage*) &s5r->rbuf;
2545 if ( (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage)) || 2643 if ( (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage)) ||
2546 (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods) ) 2644 (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods) )
2547 return; /* need more data */ 2645 return; /* need more data */
2548 if (SOCKS_VERSION_5 != c_hello->version) 2646 if (SOCKS_VERSION_5 != c_hello->version)
2549 { 2647 {
2550 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2648 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2551 _("Unsupported socks version %d\n"), 2649 _("Unsupported socks version %d\n"),
2552 (int) c_hello->version); 2650 (int) c_hello->version);
2553 cleanup_s5r (s5r); 2651 cleanup_s5r (s5r);
2554 return; 2652 return;
2555 } 2653 }
2556 clear_from_s5r_rbuf (s5r, 2654 clear_from_s5r_rbuf (s5r,
2557 sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods); 2655 sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods);
2558 GNUNET_assert (0 == s5r->wbuf_len); 2656 GNUNET_assert (0 == s5r->wbuf_len);
2559 s_hello = (struct Socks5ServerHelloMessage *) &s5r->wbuf; 2657 s_hello = (struct Socks5ServerHelloMessage *) &s5r->wbuf;
2560 s5r->wbuf_len = sizeof (struct Socks5ServerHelloMessage); 2658 s5r->wbuf_len = sizeof (struct Socks5ServerHelloMessage);
2561 s_hello->version = SOCKS_VERSION_5; 2659 s_hello->version = SOCKS_VERSION_5;
2562 s_hello->auth_method = SOCKS_AUTH_NONE; 2660 s_hello->auth_method = SOCKS_AUTH_NONE;
2563 GNUNET_assert (NULL == s5r->wtask); 2661 GNUNET_assert (NULL == s5r->wtask);
2564 s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 2662 s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2565 s5r->sock, 2663 s5r->sock,
2566 &do_write, s5r); 2664 &do_write, s5r);
2567 s5r->state = SOCKS5_REQUEST; 2665 s5r->state = SOCKS5_REQUEST;
2568 return;
2569 case SOCKS5_REQUEST:
2570 c_req = (const struct Socks5ClientRequestMessage *) &s5r->rbuf;
2571 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage))
2572 return;
2573 switch (c_req->command)
2574 {
2575 case SOCKS5_CMD_TCP_STREAM:
2576 /* handled below */
2577 break;
2578 default:
2579 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2580 _("Unsupported socks command %d\n"),
2581 (int) c_req->command);
2582 signal_socks_failure (s5r,
2583 SOCKS5_STATUS_COMMAND_NOT_SUPPORTED);
2584 return; 2666 return;
2585 } 2667 case SOCKS5_REQUEST:
2586 switch (c_req->addr_type) 2668 c_req = (const struct Socks5ClientRequestMessage *) &s5r->rbuf;
2587 { 2669 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage))
2588 case SOCKS5_AT_IPV4: 2670 return;
2671 switch (c_req->command)
2589 { 2672 {
2590 const struct in_addr *v4 = (const struct in_addr *) &c_req[1]; 2673 case SOCKS5_CMD_TCP_STREAM:
2591 const uint16_t *port = (const uint16_t *) &v4[1]; 2674 /* handled below */
2592 struct sockaddr_in *in; 2675 break;
2593 2676 default:
2594 s5r->port = ntohs (*port);
2595 if (HTTPS_PORT == s5r->port)
2596 {
2597 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2677 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2598 _("SSL connection to plain IPv4 address requested\n")); 2678 _("Unsupported socks command %d\n"),
2679 (int) c_req->command);
2599 signal_socks_failure (s5r, 2680 signal_socks_failure (s5r,
2600 SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); 2681 SOCKS5_STATUS_COMMAND_NOT_SUPPORTED);
2601 return; 2682 return;
2602 }
2603 alen = sizeof (struct in_addr);
2604 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2605 alen + sizeof (uint16_t))
2606 return; /* need more data */
2607 in = (struct sockaddr_in *) &s5r->destination_address;
2608 in->sin_family = AF_INET;
2609 in->sin_addr = *v4;
2610 in->sin_port = *port;
2611#if HAVE_SOCKADDR_IN_SIN_LEN
2612 in->sin_len = sizeof (*in);
2613#endif
2614 s5r->state = SOCKS5_DATA_TRANSFER;
2615 } 2683 }
2616 break; 2684 switch (c_req->addr_type)
2617 case SOCKS5_AT_IPV6:
2618 { 2685 {
2619 const struct in6_addr *v6 = (const struct in6_addr *) &c_req[1]; 2686 case SOCKS5_AT_IPV4:
2620 const uint16_t *port = (const uint16_t *) &v6[1]; 2687 {
2621 struct sockaddr_in6 *in; 2688 const struct in_addr *v4 = (const struct in_addr *) &c_req[1];
2622 2689 const uint16_t *port = (const uint16_t *) &v4[1];
2623 s5r->port = ntohs (*port); 2690 struct sockaddr_in *in;
2624 if (HTTPS_PORT == s5r->port) 2691
2625 { 2692 s5r->port = ntohs (*port);
2693 if (HTTPS_PORT == s5r->port)
2694 {
2695 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2696 _("SSL connection to plain IPv4 address requested\n"));
2697 signal_socks_failure (s5r,
2698 SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE);
2699 return;
2700 }
2701 alen = sizeof (struct in_addr);
2702 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2703 alen + sizeof (uint16_t))
2704 return; /* need more data */
2705 in = (struct sockaddr_in *) &s5r->destination_address;
2706 in->sin_family = AF_INET;
2707 in->sin_addr = *v4;
2708 in->sin_port = *port;
2709#if HAVE_SOCKADDR_IN_SIN_LEN
2710 in->sin_len = sizeof (*in);
2711#endif
2712 s5r->state = SOCKS5_DATA_TRANSFER;
2713 }
2714 break;
2715 case SOCKS5_AT_IPV6:
2716 {
2717 const struct in6_addr *v6 = (const struct in6_addr *) &c_req[1];
2718 const uint16_t *port = (const uint16_t *) &v6[1];
2719 struct sockaddr_in6 *in;
2720
2721 s5r->port = ntohs (*port);
2722 if (HTTPS_PORT == s5r->port)
2723 {
2724 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2725 _("SSL connection to plain IPv4 address requested\n"));
2726 signal_socks_failure (s5r,
2727 SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE);
2728 return;
2729 }
2730 alen = sizeof (struct in6_addr);
2731 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2732 alen + sizeof (uint16_t))
2733 return; /* need more data */
2734 in = (struct sockaddr_in6 *) &s5r->destination_address;
2735 in->sin6_family = AF_INET6;
2736 in->sin6_addr = *v6;
2737 in->sin6_port = *port;
2738#if HAVE_SOCKADDR_IN_SIN_LEN
2739 in->sin6_len = sizeof (*in);
2740#endif
2741 s5r->state = SOCKS5_DATA_TRANSFER;
2742 }
2743 break;
2744 case SOCKS5_AT_DOMAINNAME:
2745 {
2746 const uint8_t *dom_len;
2747 const char *dom_name;
2748 const uint16_t *port;
2749
2750 dom_len = (const uint8_t *) &c_req[1];
2751 alen = *dom_len + 1;
2752 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2753 alen + sizeof (uint16_t))
2754 return; /* need more data */
2755 dom_name = (const char *) &dom_len[1];
2756 port = (const uint16_t*) &dom_name[*dom_len];
2757 s5r->domain = GNUNET_strndup (dom_name, *dom_len);
2758 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2759 "Requested connection is to %s:%d\n",
2760 s5r->domain,
2761 ntohs (*port));
2762 s5r->state = SOCKS5_RESOLVING;
2763 s5r->port = ntohs (*port);
2764 s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
2765 s5r->domain,
2766 &local_gns_zone,
2767 GNUNET_DNSPARSER_TYPE_A,
2768 GNUNET_NO /* only cached */,
2769 (GNUNET_YES == do_shorten) ? &local_shorten_zone : NULL,
2770 &handle_gns_result,
2771 s5r);
2772 break;
2773 }
2774 default:
2626 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2775 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2627 _("SSL connection to plain IPv4 address requested\n")); 2776 _("Unsupported socks address type %d\n"),
2777 (int) c_req->addr_type);
2628 signal_socks_failure (s5r, 2778 signal_socks_failure (s5r,
2629 SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE); 2779 SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED);
2630 return; 2780 return;
2631 }
2632 alen = sizeof (struct in6_addr);
2633 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2634 alen + sizeof (uint16_t))
2635 return; /* need more data */
2636 in = (struct sockaddr_in6 *) &s5r->destination_address;
2637 in->sin6_family = AF_INET6;
2638 in->sin6_addr = *v6;
2639 in->sin6_port = *port;
2640#if HAVE_SOCKADDR_IN_SIN_LEN
2641 in->sin6_len = sizeof (*in);
2642#endif
2643 s5r->state = SOCKS5_DATA_TRANSFER;
2644 } 2781 }
2645 break; 2782 clear_from_s5r_rbuf (s5r,
2646 case SOCKS5_AT_DOMAINNAME: 2783 sizeof (struct Socks5ClientRequestMessage) +
2784 alen + sizeof (uint16_t));
2785 if (0 != s5r->rbuf_len)
2647 { 2786 {
2648 const uint8_t *dom_len; 2787 /* read more bytes than healthy, why did the client send more!? */
2649 const char *dom_name; 2788 GNUNET_break_op (0);
2650 const uint16_t *port; 2789 signal_socks_failure (s5r,
2651 2790 SOCKS5_STATUS_GENERAL_FAILURE);
2652 dom_len = (const uint8_t *) &c_req[1]; 2791 return;
2653 alen = *dom_len + 1;
2654 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
2655 alen + sizeof (uint16_t))
2656 return; /* need more data */
2657 dom_name = (const char *) &dom_len[1];
2658 port = (const uint16_t*) &dom_name[*dom_len];
2659 s5r->domain = GNUNET_strndup (dom_name, *dom_len);
2660 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2661 "Requested connection is to %s:%d\n",
2662 s5r->domain,
2663 ntohs (*port));
2664 s5r->state = SOCKS5_RESOLVING;
2665 s5r->port = ntohs (*port);
2666 s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
2667 s5r->domain,
2668 &local_gns_zone,
2669 GNUNET_DNSPARSER_TYPE_A,
2670 GNUNET_NO /* only cached */,
2671 (GNUNET_YES == do_shorten) ? &local_shorten_zone : NULL,
2672 &handle_gns_result,
2673 s5r);
2674 break;
2675 } 2792 }
2676 default: 2793 if (SOCKS5_DATA_TRANSFER == s5r->state)
2677 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2794 {
2678 _("Unsupported socks address type %d\n"), 2795 /* if we are not waiting for GNS resolution, signal success */
2679 (int) c_req->addr_type); 2796 signal_socks_success (s5r);
2680 signal_socks_failure (s5r, 2797 }
2681 SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED); 2798 /* We are done reading right now */
2799 GNUNET_SCHEDULER_cancel (s5r->rtask);
2800 s5r->rtask = NULL;
2682 return; 2801 return;
2683 } 2802 case SOCKS5_RESOLVING:
2684 clear_from_s5r_rbuf (s5r, 2803 GNUNET_assert (0);
2685 sizeof (struct Socks5ClientRequestMessage) + 2804 return;
2686 alen + sizeof (uint16_t)); 2805 case SOCKS5_DATA_TRANSFER:
2687 if (0 != s5r->rbuf_len) 2806 GNUNET_assert (0);
2688 { 2807 return;
2689 /* read more bytes than healthy, why did the client send more!? */ 2808 default:
2690 GNUNET_break_op (0); 2809 GNUNET_assert (0);
2691 signal_socks_failure (s5r,
2692 SOCKS5_STATUS_GENERAL_FAILURE);
2693 return; 2810 return;
2694 }
2695 if (SOCKS5_DATA_TRANSFER == s5r->state)
2696 {
2697 /* if we are not waiting for GNS resolution, signal success */
2698 signal_socks_success (s5r);
2699 }
2700 /* We are done reading right now */
2701 GNUNET_SCHEDULER_cancel (s5r->rtask);
2702 s5r->rtask = NULL;
2703 return;
2704 case SOCKS5_RESOLVING:
2705 GNUNET_assert (0);
2706 return;
2707 case SOCKS5_DATA_TRANSFER:
2708 GNUNET_assert (0);
2709 return;
2710 default:
2711 GNUNET_assert (0);
2712 return;
2713 } 2811 }
2714} 2812}
2715 2813
@@ -2722,7 +2820,7 @@ do_s5r_read (void *cls,
2722 */ 2820 */
2723static void 2821static void
2724do_accept (void *cls, 2822do_accept (void *cls,
2725 const struct GNUNET_SCHEDULER_TaskContext *tc) 2823 const struct GNUNET_SCHEDULER_TaskContext *tc)
2726{ 2824{
2727 struct GNUNET_NETWORK_Handle *lsock = cls; 2825 struct GNUNET_NETWORK_Handle *lsock = cls;
2728 struct GNUNET_NETWORK_Handle *s; 2826 struct GNUNET_NETWORK_Handle *s;
@@ -2752,8 +2850,8 @@ do_accept (void *cls,
2752 "Got an inbound connection, waiting for data\n"); 2850 "Got an inbound connection, waiting for data\n");
2753 s5r = GNUNET_new (struct Socks5Request); 2851 s5r = GNUNET_new (struct Socks5Request);
2754 GNUNET_CONTAINER_DLL_insert (s5r_head, 2852 GNUNET_CONTAINER_DLL_insert (s5r_head,
2755 s5r_tail, 2853 s5r_tail,
2756 s5r); 2854 s5r);
2757 s5r->sock = s; 2855 s5r->sock = s;
2758 s5r->state = SOCKS5_INIT; 2856 s5r->state = SOCKS5_INIT;
2759 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 2857 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
@@ -2857,7 +2955,7 @@ bind_v4 ()
2857 return NULL; 2955 return NULL;
2858 if (GNUNET_OK != 2956 if (GNUNET_OK !=
2859 GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa4, 2957 GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa4,
2860 sizeof (sa4))) 2958 sizeof (sa4)))
2861 { 2959 {
2862 eno = errno; 2960 eno = errno;
2863 GNUNET_NETWORK_socket_close (ls); 2961 GNUNET_NETWORK_socket_close (ls);
@@ -2893,7 +2991,7 @@ bind_v6 ()
2893 return NULL; 2991 return NULL;
2894 if (GNUNET_OK != 2992 if (GNUNET_OK !=
2895 GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa6, 2993 GNUNET_NETWORK_socket_bind (ls, (const struct sockaddr *) &sa6,
2896 sizeof (sa6))) 2994 sizeof (sa6)))
2897 { 2995 {
2898 eno = errno; 2996 eno = errno;
2899 GNUNET_NETWORK_socket_close (ls); 2997 GNUNET_NETWORK_socket_close (ls);
@@ -2967,13 +3065,13 @@ run_cont ()
2967 /* start MHD daemon for HTTP */ 3065 /* start MHD daemon for HTTP */
2968 hd = GNUNET_new (struct MhdHttpList); 3066 hd = GNUNET_new (struct MhdHttpList);
2969 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET, 3067 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET,
2970 0, 3068 0,
2971 NULL, NULL, 3069 NULL, NULL,
2972 &create_response, hd, 3070 &create_response, hd,
2973 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16, 3071 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
2974 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL, 3072 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL,
2975 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL, 3073 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL,
2976 MHD_OPTION_END); 3074 MHD_OPTION_END);
2977 if (NULL == hd->daemon) 3075 if (NULL == hd->daemon)
2978 { 3076 {
2979 GNUNET_free (hd); 3077 GNUNET_free (hd);
@@ -3006,15 +3104,15 @@ run_cont ()
3006 */ 3104 */
3007static void 3105static void
3008identity_shorten_cb (void *cls, 3106identity_shorten_cb (void *cls,
3009 struct GNUNET_IDENTITY_Ego *ego, 3107 struct GNUNET_IDENTITY_Ego *ego,
3010 void **ctx, 3108 void **ctx,
3011 const char *name) 3109 const char *name)
3012{ 3110{
3013 id_op = NULL; 3111 id_op = NULL;
3014 if (NULL == ego) 3112 if (NULL == ego)
3015 { 3113 {
3016 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 3114 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3017 _("No ego configured for `shorten-zone`\n")); 3115 _("No ego configured for `shorten-zone`\n"));
3018 } 3116 }
3019 else 3117 else
3020 { 3118 {
@@ -3046,25 +3144,25 @@ identity_shorten_cb (void *cls,
3046 */ 3144 */
3047static void 3145static void
3048identity_master_cb (void *cls, 3146identity_master_cb (void *cls,
3049 struct GNUNET_IDENTITY_Ego *ego, 3147 struct GNUNET_IDENTITY_Ego *ego,
3050 void **ctx, 3148 void **ctx,
3051 const char *name) 3149 const char *name)
3052{ 3150{
3053 id_op = NULL; 3151 id_op = NULL;
3054 if (NULL == ego) 3152 if (NULL == ego)
3055 { 3153 {
3056 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 3154 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3057 _("No ego configured for `%s`\n"), 3155 _("No ego configured for `%s`\n"),
3058 "gns-proxy"); 3156 "gns-proxy");
3059 GNUNET_SCHEDULER_shutdown (); 3157 GNUNET_SCHEDULER_shutdown ();
3060 return; 3158 return;
3061 } 3159 }
3062 GNUNET_IDENTITY_ego_get_public_key (ego, 3160 GNUNET_IDENTITY_ego_get_public_key (ego,
3063 &local_gns_zone); 3161 &local_gns_zone);
3064 id_op = GNUNET_IDENTITY_get (identity, 3162 id_op = GNUNET_IDENTITY_get (identity,
3065 "gns-short", 3163 "gns-short",
3066 &identity_shorten_cb, 3164 &identity_shorten_cb,
3067 NULL); 3165 NULL);
3068} 3166}
3069 3167
3070 3168
@@ -3095,12 +3193,12 @@ run (void *cls, char *const *args, const char *cfgfile,
3095 if (NULL == cafile) 3193 if (NULL == cafile)
3096 { 3194 {
3097 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy", 3195 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy",
3098 "PROXY_CACERT", 3196 "PROXY_CACERT",
3099 &cafile_cfg)) 3197 &cafile_cfg))
3100 { 3198 {
3101 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, 3199 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3102 "gns-proxy", 3200 "gns-proxy",
3103 "PROXY_CACERT"); 3201 "PROXY_CACERT");
3104 return; 3202 return;
3105 } 3203 }
3106 cafile = cafile_cfg; 3204 cafile = cafile_cfg;
@@ -3116,8 +3214,8 @@ run (void *cls, char *const *args, const char *cfgfile,
3116 (GNUNET_OK != load_key_from_file (proxy_ca.key, cafile)) ) 3214 (GNUNET_OK != load_key_from_file (proxy_ca.key, cafile)) )
3117 { 3215 {
3118 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 3216 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3119 _("Failed to load SSL/TLS key and certificate from `%s'\n"), 3217 _("Failed to load SSL/TLS key and certificate from `%s'\n"),
3120 cafile); 3218 cafile);
3121 gnutls_x509_crt_deinit (proxy_ca.cert); 3219 gnutls_x509_crt_deinit (proxy_ca.cert);
3122 gnutls_x509_privkey_deinit (proxy_ca.key); 3220 gnutls_x509_privkey_deinit (proxy_ca.key);
3123 gnutls_global_deinit (); 3221 gnutls_global_deinit ();
@@ -3135,11 +3233,11 @@ run (void *cls, char *const *args, const char *cfgfile,
3135 return; 3233 return;
3136 } 3234 }
3137 identity = GNUNET_IDENTITY_connect (cfg, 3235 identity = GNUNET_IDENTITY_connect (cfg,
3138 NULL, NULL); 3236 NULL, NULL);
3139 id_op = GNUNET_IDENTITY_get (identity, 3237 id_op = GNUNET_IDENTITY_get (identity,
3140 "gns-proxy", 3238 "gns-proxy",
3141 &identity_master_cb, 3239 &identity_master_cb,
3142 NULL); 3240 NULL);
3143 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, 3241 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
3144 &do_shutdown, NULL); 3242 &do_shutdown, NULL);
3145} 3243}
@@ -3157,8 +3255,8 @@ main (int argc, char *const *argv)
3157{ 3255{
3158 static const struct GNUNET_GETOPT_CommandLineOption options[] = { 3256 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3159 {'p', "port", NULL, 3257 {'p', "port", NULL,
3160 gettext_noop ("listen on specified port (default: 7777)"), 1, 3258 gettext_noop ("listen on specified port (default: 7777)"), 1,
3161 &GNUNET_GETOPT_set_ulong, &port}, 3259 &GNUNET_GETOPT_set_ulong, &port},
3162 {'a', "authority", NULL, 3260 {'a', "authority", NULL,
3163 gettext_noop ("pem file to use as CA"), 1, 3261 gettext_noop ("pem file to use as CA"), 1,
3164 &GNUNET_GETOPT_set_string, &cafile_opt}, 3262 &GNUNET_GETOPT_set_string, &cafile_opt},
@@ -3173,15 +3271,15 @@ main (int argc, char *const *argv)
3173 return 2; 3271 return 2;
3174 GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL); 3272 GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL);
3175 curl_failure_response = MHD_create_response_from_buffer (strlen (page), 3273 curl_failure_response = MHD_create_response_from_buffer (strlen (page),
3176 (void*)page, 3274 (void*)page,
3177 MHD_RESPMEM_PERSISTENT); 3275 MHD_RESPMEM_PERSISTENT);
3178 3276
3179 ret = 3277 ret =
3180 (GNUNET_OK == 3278 (GNUNET_OK ==
3181 GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy", 3279 GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy",
3182 _("GNUnet GNS proxy"), 3280 _("GNUnet GNS proxy"),
3183 options, 3281 options,
3184 &run, NULL)) ? 0 : 1; 3282 &run, NULL)) ? 0 : 1;
3185 MHD_destroy_response (curl_failure_response); 3283 MHD_destroy_response (curl_failure_response);
3186 GNUNET_free_non_null ((char *) argv); 3284 GNUNET_free_non_null ((char *) argv);
3187 GNUNET_CRYPTO_ecdsa_key_clear (&local_shorten_zone); 3285 GNUNET_CRYPTO_ecdsa_key_clear (&local_shorten_zone);
diff --git a/src/identity/Makefile.am b/src/identity/Makefile.am
index 5bdc9b73a..af4ad5821 100644
--- a/src/identity/Makefile.am
+++ b/src/identity/Makefile.am
@@ -27,6 +27,19 @@ endif
27lib_LTLIBRARIES = \ 27lib_LTLIBRARIES = \
28 libgnunetidentity.la 28 libgnunetidentity.la
29 29
30if HAVE_REST
31plugin_LTLIBRARIES += \
32 libgnunet_plugin_gnsrecord_identity.la
33
34
35libgnunet_plugin_gnsrecord_identity_la_SOURCES = \
36 plugin_gnsrecord_identity.c
37libgnunet_plugin_gnsrecord_identity_la_LIBADD = \
38 $(top_builddir)/src/util/libgnunetutil.la \
39 $(LTLIBINTL)
40libgnunet_plugin_gnsrecord_identity_la_LDFLAGS = \
41 $(GN_PLUGIN_LDFLAGS)
42endif
30 43
31libgnunet_plugin_rest_identity_la_SOURCES = \ 44libgnunet_plugin_rest_identity_la_SOURCES = \
32 plugin_rest_identity.c 45 plugin_rest_identity.c
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index a2c97a826..d52054909 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -85,6 +85,18 @@ extern "C"
85 */ 85 */
86#define GNUNET_GNSRECORD_TYPE_PHONE 65543 86#define GNUNET_GNSRECORD_TYPE_PHONE 65543
87 87
88/**
89 * Record type for identity attributes (of IDENTITY).
90 */
91#define GNUNET_GNSRECORD_TYPE_ID_ATTR 65544
92
93/**
94 * Record type for an identity token (of IDENTITY).
95 */
96#define GNUNET_GNSRECORD_TYPE_ID_TOKEN 65545
97
98
99
88 100
89/** 101/**
90 * Flags that can be set for a record. 102 * Flags that can be set for a record.
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-17 14:36:35 +0000