Diffstat (limited to 'src')
-rw-r--r-- | src/transport/plugin_transport_http_client.c | 2 | ||||
-rw-r--r-- | src/transport/plugin_transport_http_server.c | 249 | ||||
-rw-r--r-- | src/transport/transport.conf.in | 6 |
3 files changed, 152 insertions, 105 deletions
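--- a/src/transport/plugin_transport_http_client.c
+++ b/src/transport/plugin_transport_http_client.c
@@ -1487,6 +1487,8 @@ open_tcp_stealth_socket_cb (void *clientp,
 &s->address->peer,
 sizeof (struct GNUNET_PeerIdentity))) )
 {
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("TCP_STEALTH not supported on this platform.\n"));
 (void) close (ret);
 return CURL_SOCKET_BAD;
 }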
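Review bot: The added message attributes every failure of this branch to the platform and discards errno, so a refused or misconfigured socket option looks the same as a kernel without TCP Stealth. The condition guarding the branch starts outside the hunk; if it is the `setsockopt()` for `SO_TCPSTEALTH`, as in `run_mhd_start_daemon` in plugin_transport_http_server.c where the same message is logged, I would log the cause instead, e.g. `GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "setsockopt");`. Keeping the branch failing closed with `CURL_SOCKET_BAD` is right, since falling back to a plain socket would silently drop the stealth protection.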
diff --git a/src/transport/plugin_transport_http_server.c b/src/transport/plugin_transport_http_server.c index 47b0bda7f..abc3bcbb0 100644 --- a/src/transport/plugin_transport_http_server.c +++ b/src/transport/plugin_transport_http_server.c | |||
@@ -2141,8 +2141,10 @@ server_load_certificate (struct HTTP_Server_Plugin *plugin) | |||
2141 | NULL, NULL, NULL, | 2141 | NULL, NULL, NULL, |
2142 | "gnunet-transport-certificate-creation", | 2142 | "gnunet-transport-certificate-creation", |
2143 | "gnunet-transport-certificate-creation", | 2143 | "gnunet-transport-certificate-creation", |
2144 | key_file, cert_file, NULL); | 2144 | key_file, |
2145 | if (cert_creation == NULL) | 2145 | cert_file, |
2146 | NULL); | ||
2147 | if (NULL == cert_creation) | ||
2146 | { | 2148 | { |
2147 | LOG (GNUNET_ERROR_TYPE_ERROR, | 2149 | LOG (GNUNET_ERROR_TYPE_ERROR, |
2148 | _("Could not create a new TLS certificate, program `gnunet-transport-certificate-creation' could not be started!\n")); | 2150 | _("Could not create a new TLS certificate, program `gnunet-transport-certificate-creation' could not be started!\n")); |
@@ -2184,34 +2186,27 @@ server_load_certificate (struct HTTP_Server_Plugin *plugin) | |||
2184 | } | 2186 | } |
2185 | GNUNET_free (key_file); | 2187 | GNUNET_free (key_file); |
2186 | GNUNET_free (cert_file); | 2188 | GNUNET_free (cert_file); |
2187 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TLS certificate loaded\n"); | 2189 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2190 | "TLS certificate loaded\n"); | ||
2188 | return res; | 2191 | return res; |
2189 | } | 2192 | } |
2190 | #endif | 2193 | #endif |
2191 | 2194 | ||
2192 | 2195 | ||
2193 | /** | 2196 | /** |
2194 | * Start the HTTP server | 2197 | * Invoke `MHD_start_daemon` with the various options we need to |
2198 | * setup the HTTP server with the given listen address. | ||
2195 | * | 2199 | * |
2196 | * @param plugin the plugin handle | 2200 | * @param plugin our plugin |
2197 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure | 2201 | * @param addr listen address to use |
2202 | * @return NULL on error | ||
2198 | */ | 2203 | */ |
2199 | static int | 2204 | static struct MHD_Daemon * |
2200 | server_start (struct HTTP_Server_Plugin *plugin) | 2205 | run_mhd_start_daemon (struct HTTP_Server_Plugin *plugin, |
2206 | const struct sockaddr_in *addr) | ||
2201 | { | 2207 | { |
2208 | struct MHD_Daemon *server; | ||
2202 | unsigned int timeout; | 2209 | unsigned int timeout; |
2203 | char *msg; | ||
2204 | GNUNET_assert (NULL != plugin); | ||
2205 | |||
2206 | #if BUILD_HTTPS | ||
2207 | if (GNUNET_SYSERR == server_load_certificate (plugin)) | ||
2208 | { | ||
2209 | LOG (GNUNET_ERROR_TYPE_ERROR, | ||
2210 | "Could not load or create server certificate! Loading plugin failed!\n"); | ||
2211 | return GNUNET_SYSERR; | ||
2212 | } | ||
2213 | #endif | ||
2214 | |||
2215 | 2210 | ||
2216 | #if MHD_VERSION >= 0x00090E00 | 2211 | #if MHD_VERSION >= 0x00090E00 |
2217 | timeout = HTTP_SERVER_NOT_VALIDATED_TIMEOUT.rel_value_us / 1000LL / 1000LL; | 2212 | timeout = HTTP_SERVER_NOT_VALIDATED_TIMEOUT.rel_value_us / 1000LL / 1000LL; |
@@ -2224,49 +2219,99 @@ server_start (struct HTTP_Server_Plugin *plugin) | |||
2224 | "MHD cannot set timeout per connection! Default time out %u sec.\n", | 2219 | "MHD cannot set timeout per connection! Default time out %u sec.\n", |
2225 | timeout); | 2220 | timeout); |
2226 | #endif | 2221 | #endif |
2227 | 2222 | server = MHD_start_daemon ( | |
2228 | plugin->server_v4 = NULL; | ||
2229 | if (plugin->use_ipv4 == GNUNET_YES) | ||
2230 | { | ||
2231 | plugin->server_v4 = MHD_start_daemon ( | ||
2232 | #if VERBOSE_SERVER | 2223 | #if VERBOSE_SERVER |
2233 | MHD_USE_DEBUG | | 2224 | MHD_USE_DEBUG | |
2225 | #endif | ||
2226 | #if BUILD_HTTPS | ||
2227 | MHD_USE_SSL | | ||
2234 | #endif | 2228 | #endif |
2229 | MHD_USE_SUSPEND_RESUME, | ||
2230 | plugin->port, | ||
2231 | &server_accept_cb, plugin, | ||
2232 | &server_access_cb, plugin, | ||
2233 | MHD_OPTION_SOCK_ADDR, | ||
2234 | addr, | ||
2235 | MHD_OPTION_CONNECTION_LIMIT, | ||
2236 | (unsigned int) plugin->max_request, | ||
2235 | #if BUILD_HTTPS | 2237 | #if BUILD_HTTPS |
2236 | MHD_USE_SSL | | 2238 | MHD_OPTION_HTTPS_PRIORITIES, |
2239 | plugin->crypto_init, | ||
2240 | MHD_OPTION_HTTPS_MEM_KEY, | ||
2241 | plugin->key, | ||
2242 | MHD_OPTION_HTTPS_MEM_CERT, | ||
2243 | plugin->cert, | ||
2237 | #endif | 2244 | #endif |
2238 | MHD_USE_SUSPEND_RESUME, | 2245 | MHD_OPTION_CONNECTION_TIMEOUT, |
2239 | plugin->port, | 2246 | timeout, |
2240 | &server_accept_cb, plugin, | 2247 | MHD_OPTION_CONNECTION_MEMORY_LIMIT, |
2241 | &server_access_cb, plugin, | 2248 | (size_t) (2 * |
2242 | MHD_OPTION_SOCK_ADDR, | 2249 | GNUNET_SERVER_MAX_MESSAGE_SIZE), |
2243 | (struct sockaddr_in *) | 2250 | MHD_OPTION_NOTIFY_COMPLETED, |
2244 | plugin->server_addr_v4, | 2251 | &server_disconnect_cb, plugin, |
2245 | MHD_OPTION_CONNECTION_LIMIT, | 2252 | MHD_OPTION_EXTERNAL_LOGGER, |
2246 | (unsigned int) | 2253 | &server_log, NULL, |
2247 | plugin->max_request, | 2254 | MHD_OPTION_END); |
2255 | #ifdef SO_TCPSTEALTH | ||
2256 | if ( (NULL != server) && | ||
2257 | (0 != (plugin->options & HTTP_OPTIONS_TCP_STEALTH)) ) | ||
2258 | { | ||
2259 | union MHD_DaemonInfo *di = MHD_get_daemon_info (server, | ||
2260 | MHD_DAEMON_INFO_LISTEN_FD, | ||
2261 | NULL); | ||
2262 | if ( (0 != setsockopt ((int) di->listen_fd, | ||
2263 | IPPROTO_TCP, | ||
2264 | SO_TCPSTEALTH, | ||
2265 | plugin->env->my_identity, | ||
2266 | sizeof (struct GNUNET_PeerIdentity))) ) | ||
2267 | { | ||
2268 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2269 | _("TCP_STEALTH not supported on this platform.\n")); | ||
2270 | MHD_stop_daemon (server); | ||
2271 | server = NULL; | ||
2272 | } | ||
2273 | } | ||
2274 | #endif | ||
2275 | return server; | ||
2276 | } | ||
2277 | |||
2278 | |||
2279 | /** | ||
2280 | * Start the HTTP server | ||
2281 | * | ||
2282 | * @param plugin the plugin handle | ||
2283 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure | ||
2284 | */ | ||
2285 | static int | ||
2286 | server_start (struct HTTP_Server_Plugin *plugin) | ||
2287 | { | ||
2288 | const char *msg; | ||
2289 | |||
2290 | GNUNET_assert (NULL != plugin); | ||
2248 | #if BUILD_HTTPS | 2291 | #if BUILD_HTTPS |
2249 | MHD_OPTION_HTTPS_PRIORITIES, | 2292 | if (GNUNET_SYSERR == server_load_certificate (plugin)) |
2250 | plugin->crypto_init, | 2293 | { |
2251 | MHD_OPTION_HTTPS_MEM_KEY, | 2294 | LOG (GNUNET_ERROR_TYPE_ERROR, |
2252 | plugin->key, | 2295 | _("Could not load or create server certificate! Loading plugin failed!\n")); |
2253 | MHD_OPTION_HTTPS_MEM_CERT, | 2296 | return GNUNET_SYSERR; |
2254 | plugin->cert, | 2297 | } |
2255 | #endif | 2298 | #endif |
2256 | MHD_OPTION_CONNECTION_TIMEOUT, | 2299 | |
2257 | timeout, | 2300 | |
2258 | MHD_OPTION_CONNECTION_MEMORY_LIMIT, | 2301 | |
2259 | (size_t) (2 * | 2302 | plugin->server_v4 = NULL; |
2260 | GNUNET_SERVER_MAX_MESSAGE_SIZE), | 2303 | if (GNUNET_YES == plugin->use_ipv4) |
2261 | MHD_OPTION_NOTIFY_COMPLETED, | 2304 | { |
2262 | &server_disconnect_cb, plugin, | 2305 | plugin->server_v4 |
2263 | MHD_OPTION_EXTERNAL_LOGGER, | 2306 | = run_mhd_start_daemon (plugin, |
2264 | &server_log, NULL, MHD_OPTION_END); | 2307 | (const struct sockaddr_in *) plugin->server_addr_v4); |
2265 | if (plugin->server_v4 == NULL) | 2308 | |
2309 | if (NULL == plugin->server_v4) | ||
2266 | { | 2310 | { |
2267 | LOG (GNUNET_ERROR_TYPE_ERROR, | 2311 | LOG (GNUNET_ERROR_TYPE_ERROR, |
2268 | "Failed to start %s IPv4 server component on port %u\n", | 2312 | "Failed to start %s IPv4 server component on port %u\n", |
2269 | plugin->name, plugin->port); | 2313 | plugin->name, |
2314 | plugin->port); | ||
2270 | } | 2315 | } |
2271 | else | 2316 | else |
2272 | server_reschedule (plugin, | 2317 | server_reschedule (plugin, |
@@ -2276,70 +2321,48 @@ server_start (struct HTTP_Server_Plugin *plugin) | |||
2276 | 2321 | ||
2277 | 2322 | ||
2278 | plugin->server_v6 = NULL; | 2323 | plugin->server_v6 = NULL; |
2279 | if (plugin->use_ipv6 == GNUNET_YES) | 2324 | if (GNUNET_YES == plugin->use_ipv6) |
2280 | { | 2325 | { |
2281 | plugin->server_v6 = MHD_start_daemon ( | 2326 | plugin->server_v6 |
2282 | #if VERBOSE_SERVER | 2327 | = run_mhd_start_daemon (plugin, |
2283 | MHD_USE_DEBUG | | 2328 | (const struct sockaddr_in *) plugin->server_addr_v6); |
2284 | #endif | 2329 | if (NULL == plugin->server_v6) |
2285 | #if BUILD_HTTPS | ||
2286 | MHD_USE_SSL | | ||
2287 | #endif | ||
2288 | MHD_USE_SUSPEND_RESUME | MHD_USE_IPv6, | ||
2289 | plugin->port, | ||
2290 | &server_accept_cb, plugin, | ||
2291 | &server_access_cb, plugin, | ||
2292 | MHD_OPTION_SOCK_ADDR, | ||
2293 | (struct sockaddr_in6 *) | ||
2294 | plugin->server_addr_v6, | ||
2295 | MHD_OPTION_CONNECTION_LIMIT, | ||
2296 | (unsigned int) | ||
2297 | plugin->max_request, | ||
2298 | #if BUILD_HTTPS | ||
2299 | MHD_OPTION_HTTPS_PRIORITIES, | ||
2300 | plugin->crypto_init, | ||
2301 | MHD_OPTION_HTTPS_MEM_KEY, | ||
2302 | plugin->key, | ||
2303 | MHD_OPTION_HTTPS_MEM_CERT, | ||
2304 | plugin->cert, | ||
2305 | #endif | ||
2306 | MHD_OPTION_CONNECTION_TIMEOUT, | ||
2307 | timeout, | ||
2308 | MHD_OPTION_CONNECTION_MEMORY_LIMIT, | ||
2309 | (size_t) (2 * | ||
2310 | GNUNET_SERVER_MAX_MESSAGE_SIZE), | ||
2311 | MHD_OPTION_NOTIFY_COMPLETED, | ||
2312 | &server_disconnect_cb, plugin, | ||
2313 | MHD_OPTION_EXTERNAL_LOGGER, | ||
2314 | &server_log, NULL, MHD_OPTION_END); | ||
2315 | if (plugin->server_v6 == NULL) | ||
2316 | { | 2330 | { |
2317 | LOG (GNUNET_ERROR_TYPE_ERROR, | 2331 | LOG (GNUNET_ERROR_TYPE_ERROR, |
2318 | "Failed to start %s IPv6 server component on port %u\n", | 2332 | "Failed to start %s IPv6 server component on port %u\n", |
2319 | plugin->name, plugin->port); | 2333 | plugin->name, |
2334 | plugin->port); | ||
2320 | } | 2335 | } |
2321 | else | 2336 | else |
2322 | server_reschedule (plugin, plugin->server_v6, GNUNET_NO); | 2337 | { |
2338 | server_reschedule (plugin, | ||
2339 | plugin->server_v6, | ||
2340 | GNUNET_NO); | ||
2341 | } | ||
2323 | } | 2342 | } |
2324 | 2343 | msg = "No"; | |
2325 | msg = "No"; | 2344 | if ( (NULL == plugin->server_v6) && |
2326 | if ((plugin->server_v6 == NULL) && (plugin->server_v4 == NULL)) | 2345 | (NULL == plugin->server_v4) ) |
2327 | { | 2346 | { |
2328 | LOG (GNUNET_ERROR_TYPE_ERROR, | 2347 | LOG (GNUNET_ERROR_TYPE_ERROR, |
2329 | "%s %s server component started on port %u\n", | 2348 | "%s %s server component started on port %u\n", |
2330 | msg, plugin->name, plugin->port); | 2349 | msg, |
2331 | sleep (10); | 2350 | plugin->name, |
2351 | plugin->port); | ||
2332 | return GNUNET_SYSERR; | 2352 | return GNUNET_SYSERR; |
2333 | } | 2353 | } |
2334 | else if ((plugin->server_v6 != NULL) && (plugin->server_v4 != NULL)) | 2354 | if ((NULL != plugin->server_v6) && |
2335 | msg = "IPv4 and IPv6"; | 2355 | (NULL != plugin->server_v4)) |
2336 | else if (plugin->server_v6 != NULL) | 2356 | msg = "IPv4 and IPv6"; |
2337 | msg = "IPv6"; | 2357 | else if (NULL != plugin->server_v6) |
2338 | else if (plugin->server_v4 != NULL) | 2358 | msg = "IPv6"; |
2339 | msg = "IPv4"; | 2359 | else if (NULL != plugin->server_v4) |
2360 | msg = "IPv4"; | ||
2340 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 2361 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2341 | "%s %s server component started on port %u\n", | 2362 | "%s %s server component started on port %u\n", |
2342 | msg, plugin->name, plugin->port); | 2363 | msg, |
2364 | plugin->name, | ||
2365 | plugin->port); | ||
2343 | return GNUNET_OK; | 2366 | return GNUNET_OK; |
2344 | } | 2367 | } |
2345 | 2368 | ||
@@ -2862,7 +2885,7 @@ server_notify_external_hostname (void *cls, | |||
2862 | 2885 | ||
2863 | urlen = strlen (url) + 1; | 2886 | urlen = strlen (url) + 1; |
2864 | ext_addr = GNUNET_malloc (sizeof (struct HttpAddress) + urlen); | 2887 | ext_addr = GNUNET_malloc (sizeof (struct HttpAddress) + urlen); |
2865 | ext_addr->options = htonl(plugin->options); | 2888 | ext_addr->options = htonl (plugin->options); |
2866 | ext_addr->urlen = htonl (urlen); | 2889 | ext_addr->urlen = htonl (urlen); |
2867 | ext_addr_len = sizeof (struct HttpAddress) + urlen; | 2890 | ext_addr_len = sizeof (struct HttpAddress) + urlen; |
2868 | memcpy (&ext_addr[1], url, urlen); | 2891 | memcpy (&ext_addr[1], url, urlen); |
@@ -3374,6 +3397,7 @@ LIBGNUNET_PLUGIN_TRANSPORT_INIT (void *cls) | |||
3374 | plugin->env = env; | 3397 | plugin->env = env; |
3375 | plugin->sessions = GNUNET_CONTAINER_multipeermap_create (128, | 3398 | plugin->sessions = GNUNET_CONTAINER_multipeermap_create (128, |
3376 | GNUNET_YES); | 3399 | GNUNET_YES); |
3400 | |||
3377 | api = GNUNET_new (struct GNUNET_TRANSPORT_PluginFunctions); | 3401 | api = GNUNET_new (struct GNUNET_TRANSPORT_PluginFunctions); |
3378 | api->cls = plugin; | 3402 | api->cls = plugin; |
3379 | api->send = &http_server_plugin_send; | 3403 | api->send = &http_server_plugin_send; |
@@ -3398,6 +3422,21 @@ LIBGNUNET_PLUGIN_TRANSPORT_INIT (void *cls) | |||
3398 | plugin->protocol = "http"; | 3422 | plugin->protocol = "http"; |
3399 | #endif | 3423 | #endif |
3400 | 3424 | ||
3425 | if (GNUNET_YES == | ||
3426 | GNUNET_CONFIGURATION_get_value_yesno (env->cfg, | ||
3427 | plugin->name, | ||
3428 | "TCP_STEALTH")) | ||
3429 | { | ||
3430 | #ifdef SO_TCPSTEALTH | ||
3431 | plugin->options |= HTTP_OPTIONS_TCP_STEALTH; | ||
3432 | #else | ||
3433 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
3434 | _("TCP_STEALTH not supported on this platform.\n")); | ||
3435 | LIBGNUNET_PLUGIN_TRANSPORT_DONE (api); | ||
3436 | return NULL; | ||
3437 | #endif | ||
3438 | } | ||
3439 | |||
3401 | /* Compile URL regex */ | 3440 | /* Compile URL regex */ |
3402 | if (regcomp(&plugin->url_regex, | 3441 | if (regcomp(&plugin->url_regex, |
3403 | URL_REGEX, | 3442 | URL_REGEX, |
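Review bot: `run_mhd_start_daemon` always passes `MHD_USE_SUSPEND_RESUME` without `MHD_USE_IPv6`, whereas the removed IPv6 call used `MHD_USE_SUSPEND_RESUME | MHD_USE_IPv6`, so the daemon stored in `plugin->server_v6` is now started with IPv4 flags while being handed `plugin->server_addr_v6` cast to `const struct sockaddr_in *`. I would take `const struct sockaddr *addr` and OR in `((AF_INET6 == addr->sa_family) ? MHD_USE_IPv6 : 0)`. In the same helper the result of `MHD_get_daemon_info` is dereferenced unchecked; `if ( (NULL == di) || (0 != setsockopt (...)) )` would route that case to the existing stop-and-fail path. The stealth option is also applied only after `MHD_start_daemon` has returned, so the listen socket presumably exists for a short time without it; if the kernel needs the option before listening, creating and configuring the socket first and passing it with `MHD_OPTION_LISTEN_SOCKET` would close that gap.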
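--- a/src/transport/transport.conf.in
+++ b/src/transport/transport.conf.in
@@ -91,6 +91,9 @@ ADVERTISED_PORT = 1080
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
 
+# Enable TCP stealth?
+TCP_STEALTH = NO
+
 [transport-https_client]
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
@@ -129,6 +132,9 @@ CERT_FILE = $GNUNET_DATA_HOME/transport/https.cert
 MAX_CONNECTIONS = 128
 TESTING_IGNORE_KEYS = ACCEPT_FROM;
 
+# Enable TCP stealth?
+TCP_STEALTH = NO
+
 [transport-wlan]
 # Name of the interface in monitor mode (typically monX)
 INTERFACE = mon0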
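Review bot: The comment `# Enable TCP stealth?` does not tell an operator what setting YES entails: per the init code in plugin_transport_http_server.c, a build without `SO_TCPSTEALTH` logs an error and refuses to load the plugin. I would write `# Enable TCP stealth? Requires kernel support (SO_TCPSTEALTH); with YES on a platform without it the plugin will not load.` in both places. The section names that receive the option lie outside the hunks, so I cannot confirm from here that they are the ones the server plugin reads via `plugin->name`.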