Diffstat (limited to 'src')
-rw-r--r--src/transport/plugin_transport_http_client.c2
-rw-r--r--src/transport/plugin_transport_http_server.c249
-rw-r--r--src/transport/transport.conf.in6
3 files changed, 152 insertions, 105 deletions
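--- a/src/transport/plugin_transport_http_client.c
+++ b/src/transport/plugin_transport_http_client.c
@@ -1487,6 +1487,8 @@ open_tcp_stealth_socket_cb (void *clientp,
  &s->address->peer,
  sizeof (struct GNUNET_PeerIdentity))) )
  {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("TCP_STEALTH not supported on this platform.\n"));
  (void) close (ret);
  return CURL_SOCKET_BAD;
  }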
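Review bot: The added message reports every `setsockopt` failure as a missing platform feature, although the condition visible in this hunk only tests the call's return value, so a kernel that rejects the option for any other reason produces the same line. Logging the error itself, e.g. `GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "setsockopt");`, would keep the real cause visible to whoever is diagnosing a refused connection. The same wording is used for the `setsockopt` failure in `run_mhd_start_daemon` in plugin_transport_http_server.c. The enclosing `open_tcp_stealth_socket_cb` starts and ends outside the hunk.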
diff --git a/src/transport/plugin_transport_http_server.c b/src/transport/plugin_transport_http_server.c
index 47b0bda7f..abc3bcbb0 100644
--- a/src/transport/plugin_transport_http_server.c
+++ b/src/transport/plugin_transport_http_server.c
@@ -2141,8 +2141,10 @@ server_load_certificate (struct HTTP_Server_Plugin *plugin)
2141 NULL, NULL, NULL, 2141 NULL, NULL, NULL,
2142 "gnunet-transport-certificate-creation", 2142 "gnunet-transport-certificate-creation",
2143 "gnunet-transport-certificate-creation", 2143 "gnunet-transport-certificate-creation",
2144 key_file, cert_file, NULL); 2144 key_file,
2145 if (cert_creation == NULL) 2145 cert_file,
2146 NULL);
2147 if (NULL == cert_creation)
2146 { 2148 {
2147 LOG (GNUNET_ERROR_TYPE_ERROR, 2149 LOG (GNUNET_ERROR_TYPE_ERROR,
2148 _("Could not create a new TLS certificate, program `gnunet-transport-certificate-creation' could not be started!\n")); 2150 _("Could not create a new TLS certificate, program `gnunet-transport-certificate-creation' could not be started!\n"));
@@ -2184,34 +2186,27 @@ server_load_certificate (struct HTTP_Server_Plugin *plugin)
2184 } 2186 }
2185 GNUNET_free (key_file); 2187 GNUNET_free (key_file);
2186 GNUNET_free (cert_file); 2188 GNUNET_free (cert_file);
2187 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TLS certificate loaded\n"); 2189 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2190 "TLS certificate loaded\n");
2188 return res; 2191 return res;
2189} 2192}
2190#endif 2193#endif
2191 2194
2192 2195
2193/** 2196/**
2194 * Start the HTTP server 2197 * Invoke `MHD_start_daemon` with the various options we need to
2198 * setup the HTTP server with the given listen address.
2195 * 2199 *
2196 * @param plugin the plugin handle 2200 * @param plugin our plugin
2197 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure 2201 * @param addr listen address to use
2202 * @return NULL on error
2198 */ 2203 */
2199static int 2204static struct MHD_Daemon *
2200server_start (struct HTTP_Server_Plugin *plugin) 2205run_mhd_start_daemon (struct HTTP_Server_Plugin *plugin,
2206 const struct sockaddr_in *addr)
2201{ 2207{
2208 struct MHD_Daemon *server;
2202 unsigned int timeout; 2209 unsigned int timeout;
2203 char *msg;
2204 GNUNET_assert (NULL != plugin);
2205
2206#if BUILD_HTTPS
2207 if (GNUNET_SYSERR == server_load_certificate (plugin))
2208 {
2209 LOG (GNUNET_ERROR_TYPE_ERROR,
2210 "Could not load or create server certificate! Loading plugin failed!\n");
2211 return GNUNET_SYSERR;
2212 }
2213#endif
2214
2215 2210
2216#if MHD_VERSION >= 0x00090E00 2211#if MHD_VERSION >= 0x00090E00
2217 timeout = HTTP_SERVER_NOT_VALIDATED_TIMEOUT.rel_value_us / 1000LL / 1000LL; 2212 timeout = HTTP_SERVER_NOT_VALIDATED_TIMEOUT.rel_value_us / 1000LL / 1000LL;
@@ -2224,49 +2219,99 @@ server_start (struct HTTP_Server_Plugin *plugin)
2224 "MHD cannot set timeout per connection! Default time out %u sec.\n", 2219 "MHD cannot set timeout per connection! Default time out %u sec.\n",
2225 timeout); 2220 timeout);
2226#endif 2221#endif
2227 2222 server = MHD_start_daemon (
2228 plugin->server_v4 = NULL;
2229 if (plugin->use_ipv4 == GNUNET_YES)
2230 {
2231 plugin->server_v4 = MHD_start_daemon (
2232#if VERBOSE_SERVER 2223#if VERBOSE_SERVER
2233 MHD_USE_DEBUG | 2224 MHD_USE_DEBUG |
2225#endif
2226#if BUILD_HTTPS
2227 MHD_USE_SSL |
2234#endif 2228#endif
2229 MHD_USE_SUSPEND_RESUME,
2230 plugin->port,
2231 &server_accept_cb, plugin,
2232 &server_access_cb, plugin,
2233 MHD_OPTION_SOCK_ADDR,
2234 addr,
2235 MHD_OPTION_CONNECTION_LIMIT,
2236 (unsigned int) plugin->max_request,
2235#if BUILD_HTTPS 2237#if BUILD_HTTPS
2236 MHD_USE_SSL | 2238 MHD_OPTION_HTTPS_PRIORITIES,
2239 plugin->crypto_init,
2240 MHD_OPTION_HTTPS_MEM_KEY,
2241 plugin->key,
2242 MHD_OPTION_HTTPS_MEM_CERT,
2243 plugin->cert,
2237#endif 2244#endif
2238 MHD_USE_SUSPEND_RESUME, 2245 MHD_OPTION_CONNECTION_TIMEOUT,
2239 plugin->port, 2246 timeout,
2240 &server_accept_cb, plugin, 2247 MHD_OPTION_CONNECTION_MEMORY_LIMIT,
2241 &server_access_cb, plugin, 2248 (size_t) (2 *
2242 MHD_OPTION_SOCK_ADDR, 2249 GNUNET_SERVER_MAX_MESSAGE_SIZE),
2243 (struct sockaddr_in *) 2250 MHD_OPTION_NOTIFY_COMPLETED,
2244 plugin->server_addr_v4, 2251 &server_disconnect_cb, plugin,
2245 MHD_OPTION_CONNECTION_LIMIT, 2252 MHD_OPTION_EXTERNAL_LOGGER,
2246 (unsigned int) 2253 &server_log, NULL,
2247 plugin->max_request, 2254 MHD_OPTION_END);
2255#ifdef SO_TCPSTEALTH
2256 if ( (NULL != server) &&
2257 (0 != (plugin->options & HTTP_OPTIONS_TCP_STEALTH)) )
2258 {
2259 union MHD_DaemonInfo *di = MHD_get_daemon_info (server,
2260 MHD_DAEMON_INFO_LISTEN_FD,
2261 NULL);
2262 if ( (0 != setsockopt ((int) di->listen_fd,
2263 IPPROTO_TCP,
2264 SO_TCPSTEALTH,
2265 plugin->env->my_identity,
2266 sizeof (struct GNUNET_PeerIdentity))) )
2267 {
2268 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2269 _("TCP_STEALTH not supported on this platform.\n"));
2270 MHD_stop_daemon (server);
2271 server = NULL;
2272 }
2273 }
2274#endif
2275 return server;
2276}
2277
2278
2279/**
2280 * Start the HTTP server
2281 *
2282 * @param plugin the plugin handle
2283 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
2284 */
2285static int
2286server_start (struct HTTP_Server_Plugin *plugin)
2287{
2288 const char *msg;
2289
2290 GNUNET_assert (NULL != plugin);
2248#if BUILD_HTTPS 2291#if BUILD_HTTPS
2249 MHD_OPTION_HTTPS_PRIORITIES, 2292 if (GNUNET_SYSERR == server_load_certificate (plugin))
2250 plugin->crypto_init, 2293 {
2251 MHD_OPTION_HTTPS_MEM_KEY, 2294 LOG (GNUNET_ERROR_TYPE_ERROR,
2252 plugin->key, 2295 _("Could not load or create server certificate! Loading plugin failed!\n"));
2253 MHD_OPTION_HTTPS_MEM_CERT, 2296 return GNUNET_SYSERR;
2254 plugin->cert, 2297 }
2255#endif 2298#endif
2256 MHD_OPTION_CONNECTION_TIMEOUT, 2299
2257 timeout, 2300
2258 MHD_OPTION_CONNECTION_MEMORY_LIMIT, 2301
2259 (size_t) (2 * 2302 plugin->server_v4 = NULL;
2260 GNUNET_SERVER_MAX_MESSAGE_SIZE), 2303 if (GNUNET_YES == plugin->use_ipv4)
2261 MHD_OPTION_NOTIFY_COMPLETED, 2304 {
2262 &server_disconnect_cb, plugin, 2305 plugin->server_v4
2263 MHD_OPTION_EXTERNAL_LOGGER, 2306 = run_mhd_start_daemon (plugin,
2264 &server_log, NULL, MHD_OPTION_END); 2307 (const struct sockaddr_in *) plugin->server_addr_v4);
2265 if (plugin->server_v4 == NULL) 2308
2309 if (NULL == plugin->server_v4)
2266 { 2310 {
2267 LOG (GNUNET_ERROR_TYPE_ERROR, 2311 LOG (GNUNET_ERROR_TYPE_ERROR,
2268 "Failed to start %s IPv4 server component on port %u\n", 2312 "Failed to start %s IPv4 server component on port %u\n",
2269 plugin->name, plugin->port); 2313 plugin->name,
2314 plugin->port);
2270 } 2315 }
2271 else 2316 else
2272 server_reschedule (plugin, 2317 server_reschedule (plugin,
@@ -2276,70 +2321,48 @@ server_start (struct HTTP_Server_Plugin *plugin)
2276 2321
2277 2322
2278 plugin->server_v6 = NULL; 2323 plugin->server_v6 = NULL;
2279 if (plugin->use_ipv6 == GNUNET_YES) 2324 if (GNUNET_YES == plugin->use_ipv6)
2280 { 2325 {
2281 plugin->server_v6 = MHD_start_daemon ( 2326 plugin->server_v6
2282#if VERBOSE_SERVER 2327 = run_mhd_start_daemon (plugin,
2283 MHD_USE_DEBUG | 2328 (const struct sockaddr_in *) plugin->server_addr_v6);
2284#endif 2329 if (NULL == plugin->server_v6)
2285#if BUILD_HTTPS
2286 MHD_USE_SSL |
2287#endif
2288 MHD_USE_SUSPEND_RESUME | MHD_USE_IPv6,
2289 plugin->port,
2290 &server_accept_cb, plugin,
2291 &server_access_cb, plugin,
2292 MHD_OPTION_SOCK_ADDR,
2293 (struct sockaddr_in6 *)
2294 plugin->server_addr_v6,
2295 MHD_OPTION_CONNECTION_LIMIT,
2296 (unsigned int)
2297 plugin->max_request,
2298#if BUILD_HTTPS
2299 MHD_OPTION_HTTPS_PRIORITIES,
2300 plugin->crypto_init,
2301 MHD_OPTION_HTTPS_MEM_KEY,
2302 plugin->key,
2303 MHD_OPTION_HTTPS_MEM_CERT,
2304 plugin->cert,
2305#endif
2306 MHD_OPTION_CONNECTION_TIMEOUT,
2307 timeout,
2308 MHD_OPTION_CONNECTION_MEMORY_LIMIT,
2309 (size_t) (2 *
2310 GNUNET_SERVER_MAX_MESSAGE_SIZE),
2311 MHD_OPTION_NOTIFY_COMPLETED,
2312 &server_disconnect_cb, plugin,
2313 MHD_OPTION_EXTERNAL_LOGGER,
2314 &server_log, NULL, MHD_OPTION_END);
2315 if (plugin->server_v6 == NULL)
2316 { 2330 {
2317 LOG (GNUNET_ERROR_TYPE_ERROR, 2331 LOG (GNUNET_ERROR_TYPE_ERROR,
2318 "Failed to start %s IPv6 server component on port %u\n", 2332 "Failed to start %s IPv6 server component on port %u\n",
2319 plugin->name, plugin->port); 2333 plugin->name,
2334 plugin->port);
2320 } 2335 }
2321 else 2336 else
2322 server_reschedule (plugin, plugin->server_v6, GNUNET_NO); 2337 {
2338 server_reschedule (plugin,
2339 plugin->server_v6,
2340 GNUNET_NO);
2341 }
2323 } 2342 }
2324 2343 msg = "No";
2325 msg = "No"; 2344 if ( (NULL == plugin->server_v6) &&
2326 if ((plugin->server_v6 == NULL) && (plugin->server_v4 == NULL)) 2345 (NULL == plugin->server_v4) )
2327 { 2346 {
2328 LOG (GNUNET_ERROR_TYPE_ERROR, 2347 LOG (GNUNET_ERROR_TYPE_ERROR,
2329 "%s %s server component started on port %u\n", 2348 "%s %s server component started on port %u\n",
2330 msg, plugin->name, plugin->port); 2349 msg,
2331 sleep (10); 2350 plugin->name,
2351 plugin->port);
2332 return GNUNET_SYSERR; 2352 return GNUNET_SYSERR;
2333 } 2353 }
2334 else if ((plugin->server_v6 != NULL) && (plugin->server_v4 != NULL)) 2354 if ((NULL != plugin->server_v6) &&
2335 msg = "IPv4 and IPv6"; 2355 (NULL != plugin->server_v4))
2336 else if (plugin->server_v6 != NULL) 2356 msg = "IPv4 and IPv6";
2337 msg = "IPv6"; 2357 else if (NULL != plugin->server_v6)
2338 else if (plugin->server_v4 != NULL) 2358 msg = "IPv6";
2339 msg = "IPv4"; 2359 else if (NULL != plugin->server_v4)
2360 msg = "IPv4";
2340 LOG (GNUNET_ERROR_TYPE_DEBUG, 2361 LOG (GNUNET_ERROR_TYPE_DEBUG,
2341 "%s %s server component started on port %u\n", 2362 "%s %s server component started on port %u\n",
2342 msg, plugin->name, plugin->port); 2363 msg,
2364 plugin->name,
2365 plugin->port);
2343 return GNUNET_OK; 2366 return GNUNET_OK;
2344} 2367}
2345 2368
@@ -2862,7 +2885,7 @@ server_notify_external_hostname (void *cls,
2862 2885
2863 urlen = strlen (url) + 1; 2886 urlen = strlen (url) + 1;
2864 ext_addr = GNUNET_malloc (sizeof (struct HttpAddress) + urlen); 2887 ext_addr = GNUNET_malloc (sizeof (struct HttpAddress) + urlen);
2865 ext_addr->options = htonl(plugin->options); 2888 ext_addr->options = htonl (plugin->options);
2866 ext_addr->urlen = htonl (urlen); 2889 ext_addr->urlen = htonl (urlen);
2867 ext_addr_len = sizeof (struct HttpAddress) + urlen; 2890 ext_addr_len = sizeof (struct HttpAddress) + urlen;
2868 memcpy (&ext_addr[1], url, urlen); 2891 memcpy (&ext_addr[1], url, urlen);
@@ -3374,6 +3397,7 @@ LIBGNUNET_PLUGIN_TRANSPORT_INIT (void *cls)
3374 plugin->env = env; 3397 plugin->env = env;
3375 plugin->sessions = GNUNET_CONTAINER_multipeermap_create (128, 3398 plugin->sessions = GNUNET_CONTAINER_multipeermap_create (128,
3376 GNUNET_YES); 3399 GNUNET_YES);
3400
3377 api = GNUNET_new (struct GNUNET_TRANSPORT_PluginFunctions); 3401 api = GNUNET_new (struct GNUNET_TRANSPORT_PluginFunctions);
3378 api->cls = plugin; 3402 api->cls = plugin;
3379 api->send = &http_server_plugin_send; 3403 api->send = &http_server_plugin_send;
@@ -3398,6 +3422,21 @@ LIBGNUNET_PLUGIN_TRANSPORT_INIT (void *cls)
3398 plugin->protocol = "http"; 3422 plugin->protocol = "http";
3399#endif 3423#endif
3400 3424
3425 if (GNUNET_YES ==
3426 GNUNET_CONFIGURATION_get_value_yesno (env->cfg,
3427 plugin->name,
3428 "TCP_STEALTH"))
3429 {
3430#ifdef SO_TCPSTEALTH
3431 plugin->options |= HTTP_OPTIONS_TCP_STEALTH;
3432#else
3433 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3434 _("TCP_STEALTH not supported on this platform.\n"));
3435 LIBGNUNET_PLUGIN_TRANSPORT_DONE (api);
3436 return NULL;
3437#endif
3438 }
3439
3401 /* Compile URL regex */ 3440 /* Compile URL regex */
3402 if (regcomp(&plugin->url_regex, 3441 if (regcomp(&plugin->url_regex,
3403 URL_REGEX, 3442 URL_REGEX,
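Review bot: The IPv6 listener is now started without `MHD_USE_IPv6`: the old `server_v6` call passed `MHD_USE_SUSPEND_RESUME | MHD_USE_IPv6`, while `run_mhd_start_daemon` passes only `MHD_USE_SUSPEND_RESUME` and receives `plugin->server_addr_v6` through a cast to `const struct sockaddr_in *`, so MHD presumably treats that address as IPv4. Taking a `const struct sockaddr *addr` and adding `((AF_INET6 == addr->sa_family) ? MHD_USE_IPv6 : 0) |` to the flag expression would keep both callers on one helper. In the `SO_TCPSTEALTH` block of the same helper, the result of `MHD_get_daemon_info` is dereferenced as `di->listen_fd` without a NULL check. The option is also set only after `MHD_start_daemon` has returned, so the socket is presumably already listening for a short window without it; creating and configuring the socket first and handing it over with `MHD_OPTION_LISTEN_SOCKET` would close that gap. Part of the helper's body (the timeout setup) lies between the hunks and is not visible here.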
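--- a/src/transport/transport.conf.in
+++ b/src/transport/transport.conf.in
@@ -91,6 +91,9 @@ ADVERTISED_PORT = 1080
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
 
+# Enable TCP stealth?
+TCP_STEALTH = NO
+
 [transport-https_client]
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
@@ -129,6 +132,9 @@ CERT_FILE = $GNUNET_DATA_HOME/transport/https.cert
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
 
+# Enable TCP stealth?
+TCP_STEALTH = NO
+
 [transport-wlan]
 # Name of the interface in monitor mode (typically monX)
 INTERFACE = mon0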
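Review bot: The comment `# Enable TCP stealth?` in both hunks does not tell an operator what setting YES costs on an unsupported system. The server init code in this commit returns NULL when the option is on and `SO_TCPSTEALTH` is not defined, so the plugin does not load at all. A comment such as `# Enable TCP stealth? Requires SO_TCPSTEALTH support; with YES on a platform without it the plugin refuses to load.` would make that explicit. The section headers these keys fall under are outside the hunks, so it is worth confirming they sit in the sections the plugin reads via `plugin->name`.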