Diffstat (limited to 'src/serv.c')
-rw-r--r--src/serv.c996
1 files changed, 498 insertions, 498 deletions
diff --git a/src/serv.c b/src/serv.c
index 7834139d6d..3d348d2cd2 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -126,11 +126,11 @@ static int wrap_db_delete (void *dbf, gnutls_datum_t key);
#define HTTP_STATE_CLOSING 3
LIST_TYPE_DECLARE (listener_item, char *http_request; char *http_response;
- int request_length; int response_length;
- int response_written; int http_state;
- int listen_socket; int fd;
- gnutls_session_t tls_session;
- int handshake_ok;
+ int request_length; int response_length;
+ int response_written; int http_state;
+ int listen_socket; int fd;
+ gnutls_session_t tls_session;
+ int handshake_ok;
);
static const char *
@@ -259,7 +259,7 @@ static_dh_params (void)
}
ret = gnutls_dh_params_import_pkcs3 (dh_params, &params,
- GNUTLS_X509_FMT_PEM);
+ GNUTLS_X509_FMT_PEM);
if (ret < 0)
{
@@ -274,19 +274,19 @@ static_dh_params (void)
static int
get_params (gnutls_session_t session, gnutls_params_type_t type,
- gnutls_params_st * st)
+ gnutls_params_st * st)
{
if (type == GNUTLS_PARAMS_RSA_EXPORT)
{
if (rsa_params == NULL)
- return -1;
+ return -1;
st->params.rsa_export = rsa_params;
}
else if (type == GNUTLS_PARAMS_DH)
{
if (dh_params == NULL)
- return -1;
+ return -1;
st->params.dh = dh_params;
}
else
@@ -392,9 +392,9 @@ initialize_session (void)
else
{
if (require_cert)
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
else
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
}
return session;
@@ -412,7 +412,7 @@ static const char DEFAULT_DATA[] =
#define tmp2 &http_buffer[strlen(http_buffer)], len-strlen(http_buffer)
static char *
peer_print_info (gnutls_session_t session, int *ret_length,
- const char *header)
+ const char *header)
{
const char *tmp;
unsigned char sesid[32];
@@ -427,14 +427,14 @@ peer_print_info (gnutls_session_t session, int *ret_length,
{
http_buffer = malloc (len);
if (http_buffer == NULL)
- return NULL;
+ return NULL;
strcpy (http_buffer, HTTP_BEGIN);
strcpy (&http_buffer[sizeof (HTTP_BEGIN) - 1], DEFAULT_DATA);
strcpy (&http_buffer[sizeof (HTTP_BEGIN) + sizeof (DEFAULT_DATA) - 2],
- HTTP_END);
+ HTTP_END);
*ret_length =
- sizeof (DEFAULT_DATA) + sizeof (HTTP_BEGIN) + sizeof (HTTP_END) - 3;
+ sizeof (DEFAULT_DATA) + sizeof (HTTP_BEGIN) + sizeof (HTTP_END) - 3;
return http_buffer;
}
@@ -447,29 +447,29 @@ peer_print_info (gnutls_session_t session, int *ret_length,
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
for (i = 0; i < cert_list_size; i++)
- {
- gnutls_x509_crt_t cert;
- gnutls_datum_t info;
-
- if (gnutls_x509_crt_init (&cert) == 0 &&
- gnutls_x509_crt_import (cert, &cert_list[i],
- GNUTLS_X509_FMT_DER) == 0 &&
- gnutls_x509_crt_print (cert, GNUTLS_CRT_PRINT_FULL, &info) == 0)
- {
- const char *post = "</PRE><P><PRE>";
-
- crtinfo = realloc (crtinfo, ncrtinfo + info.size +
- strlen (post) + 1);
- if (crtinfo == NULL)
- return NULL;
- memcpy (crtinfo + ncrtinfo, info.data, info.size);
- ncrtinfo += info.size;
- memcpy (crtinfo + ncrtinfo, post, strlen (post));
- ncrtinfo += strlen (post);
- crtinfo[ncrtinfo] = '\0';
- gnutls_free (info.data);
- }
- }
+ {
+ gnutls_x509_crt_t cert;
+ gnutls_datum_t info;
+
+ if (gnutls_x509_crt_init (&cert) == 0 &&
+ gnutls_x509_crt_import (cert, &cert_list[i],
+ GNUTLS_X509_FMT_DER) == 0 &&
+ gnutls_x509_crt_print (cert, GNUTLS_CRT_PRINT_FULL, &info) == 0)
+ {
+ const char *post = "</PRE><P><PRE>";
+
+ crtinfo = realloc (crtinfo, ncrtinfo + info.size +
+ strlen (post) + 1);
+ if (crtinfo == NULL)
+ return NULL;
+ memcpy (crtinfo + ncrtinfo, info.data, info.size);
+ ncrtinfo += info.size;
+ memcpy (crtinfo + ncrtinfo, post, strlen (post));
+ ncrtinfo += strlen (post);
+ crtinfo[ncrtinfo] = '\0';
+ gnutls_free (info.data);
+ }
+ }
}
http_buffer = malloc (len);
@@ -488,8 +488,8 @@ peer_print_info (gnutls_session_t session, int *ret_length,
snprintf (tmp2, "%.2X", sesid[i]);
snprintf (tmp2, "</i></p>\n");
snprintf (tmp2,
- "<h5>If your browser supports session resuming, then you should see the "
- "same session ID, when you press the <b>reload</b> button.</h5>\n");
+ "<h5>If your browser supports session resuming, then you should see the "
+ "same session ID, when you press the <b>reload</b> button.</h5>\n");
/* Here unlike print_info() we use the kx algorithm to distinguish
* the functions to call.
@@ -501,7 +501,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
if (gnutls_server_name_get (session, dns, &dns_size, &type, 0) == 0)
{
- snprintf (tmp2, "\n<p>Server Name: %s</p>\n", dns);
+ snprintf (tmp2, "\n<p>Server Name: %s</p>\n", dns);
}
}
@@ -513,7 +513,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
if (kx_alg == GNUTLS_KX_SRP)
{
snprintf (tmp2, "<p>Connected as user '%s'.</p>\n",
- gnutls_srp_server_get_username (session));
+ gnutls_srp_server_get_username (session));
}
#endif
@@ -521,7 +521,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
if (kx_alg == GNUTLS_KX_PSK)
{
snprintf (tmp2, "<p>Connected as user '%s'.</p>\n",
- gnutls_psk_server_get_username (session));
+ gnutls_psk_server_get_username (session));
}
#endif
@@ -529,16 +529,16 @@ peer_print_info (gnutls_session_t session, int *ret_length,
if (kx_alg == GNUTLS_KX_ANON_DH)
{
snprintf (tmp2,
- "<p> Connect using anonymous DH (prime of %d bits)</p>\n",
- gnutls_dh_get_prime_bits (session));
+ "<p> Connect using anonymous DH (prime of %d bits)</p>\n",
+ gnutls_dh_get_prime_bits (session));
}
#endif
if (kx_alg == GNUTLS_KX_DHE_RSA || kx_alg == GNUTLS_KX_DHE_DSS)
{
snprintf (tmp2,
- "Ephemeral DH using prime of <b>%d</b> bits.<br>\n",
- gnutls_dh_get_prime_bits (session));
+ "Ephemeral DH using prime of <b>%d</b> bits.<br>\n",
+ gnutls_dh_get_prime_bits (session));
}
/* print session information */
@@ -548,18 +548,18 @@ peer_print_info (gnutls_session_t session, int *ret_length,
if (tmp == NULL)
tmp = str_unknown;
snprintf (tmp2,
- "<TABLE border=1><TR><TD>Protocol version:</TD><TD>%s</TD></TR>\n",
- tmp);
+ "<TABLE border=1><TR><TD>Protocol version:</TD><TD>%s</TD></TR>\n",
+ tmp);
if (gnutls_auth_get_type (session) == GNUTLS_CRD_CERTIFICATE)
{
tmp =
- gnutls_certificate_type_get_name (gnutls_certificate_type_get
- (session));
+ gnutls_certificate_type_get_name (gnutls_certificate_type_get
+ (session));
if (tmp == NULL)
- tmp = str_unknown;
+ tmp = str_unknown;
snprintf (tmp2, "<TR><TD>Certificate Type:</TD><TD>%s</TD></TR>\n",
- tmp);
+ tmp);
}
tmp = gnutls_kx_get_name (kx_alg);
@@ -583,12 +583,12 @@ peer_print_info (gnutls_session_t session, int *ret_length,
snprintf (tmp2, "<TR><TD>MAC</TD><TD>%s</TD></TR>\n", tmp);
tmp = gnutls_cipher_suite_get_name (kx_alg,
- gnutls_cipher_get (session),
- gnutls_mac_get (session));
+ gnutls_cipher_get (session),
+ gnutls_mac_get (session));
if (tmp == NULL)
tmp = str_unknown;
snprintf (tmp2, "<TR><TD>Ciphersuite</TD><TD>%s</TD></TR></p></TABLE>\n",
- tmp);
+ tmp);
if (crtinfo)
{
@@ -597,7 +597,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
}
snprintf (tmp2, "<hr><P>Your HTTP header was:<PRE>%s</PRE></P>\n" HTTP_END,
- header);
+ header);
*ret_length = strlen (http_buffer);
@@ -606,7 +606,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
static const char *
human_addr (const struct sockaddr *sa, socklen_t salen,
- char *buf, size_t buflen)
+ char *buf, size_t buflen)
{
const char *save_buf = buf;
size_t l;
@@ -676,41 +676,41 @@ listen_socket (const char *name, int listen_port)
{
/* Print what we are doing. */
{
- char topbuf[512];
+ char topbuf[512];
- fprintf (stderr, "%s listening on %s...",
- name, human_addr (ptr->ai_addr, ptr->ai_addrlen,
- topbuf, sizeof (topbuf)));
+ fprintf (stderr, "%s listening on %s...",
+ name, human_addr (ptr->ai_addr, ptr->ai_addrlen,
+ topbuf, sizeof (topbuf)));
}
if ((s = socket (ptr->ai_family, ptr->ai_socktype,
- ptr->ai_protocol)) < 0)
- {
- perror ("socket() failed");
- continue;
- }
+ ptr->ai_protocol)) < 0)
+ {
+ perror ("socket() failed");
+ continue;
+ }
yes = 1;
if (setsockopt (s, SOL_SOCKET, SO_REUSEADDR,
- (const void *) &yes, sizeof (yes)) < 0)
- {
- perror ("setsockopt() failed");
- failed:
- close (s);
- continue;
- }
+ (const void *) &yes, sizeof (yes)) < 0)
+ {
+ perror ("setsockopt() failed");
+ failed:
+ close (s);
+ continue;
+ }
if (bind (s, ptr->ai_addr, ptr->ai_addrlen) < 0)
- {
- perror ("bind() failed");
- goto failed;
- }
+ {
+ perror ("bind() failed");
+ goto failed;
+ }
if (listen (s, 10) < 0)
- {
- perror ("listen() failed");
- goto failed;
- }
+ {
+ perror ("listen() failed");
+ goto failed;
+ }
/* new list entry for the connection */
lappend (listener_list);
@@ -742,34 +742,34 @@ strip (char *data)
for (i = 0; i < len; i++)
{
if (data[i] == '\r' && data[i + 1] == '\n' && data[i + 1] == 0)
- {
- data[i] = '\n';
- data[i + 1] = 0;
- break;
- }
+ {
+ data[i] = '\n';
+ data[i + 1] = 0;
+ break;
+ }
}
}
static void
get_response (gnutls_session_t session, char *request,
- char **response, int *response_length)
+ char **response, int *response_length)
{
char *p, *h;
if (http != 0)
{
if (strncmp (request, "GET ", 4))
- goto unimplemented;
+ goto unimplemented;
if (!(h = strchr (request, '\n')))
- goto unimplemented;
+ goto unimplemented;
*h++ = '\0';
while (*h == '\r' || *h == '\n')
- h++;
+ h++;
if (!(p = strchr (request + 4, ' ')))
- goto unimplemented;
+ goto unimplemented;
*p = '\0';
}
/* *response = peer_print_info(session, request+4, h, response_length); */
@@ -782,18 +782,18 @@ get_response (gnutls_session_t session, char *request,
strip (request);
fprintf (stderr, "received: %s\n", request);
if (request[0] == request[1] && request[0] == '*')
- {
- if (strncmp
- (request, "**REHANDSHAKE**",
- sizeof ("**REHANDSHAKE**") - 1) == 0)
- {
- fprintf (stderr, "*** Sending rehandshake request\n");
- gnutls_rehandshake (session);
- }
- *response = NULL;
- *response_length = 0;
- return;
- }
+ {
+ if (strncmp
+ (request, "**REHANDSHAKE**",
+ sizeof ("**REHANDSHAKE**") - 1) == 0)
+ {
+ fprintf (stderr, "*** Sending rehandshake request\n");
+ gnutls_rehandshake (session);
+ }
+ *response = NULL;
+ *response_length = 0;
+ return;
+ }
*response = strdup (request);
*response_length = ((*response) ? strlen (*response) : 0);
}
@@ -823,12 +823,12 @@ check_alert (gnutls_session_t session, int ret)
{
int last_alert = gnutls_alert_get (session);
if (last_alert == GNUTLS_A_NO_RENEGOTIATION &&
- ret == GNUTLS_E_WARNING_ALERT_RECEIVED)
- printf
- ("* Received NO_RENEGOTIATION alert. Client does not support renegotiation.\n");
+ ret == GNUTLS_E_WARNING_ALERT_RECEIVED)
+ printf
+ ("* Received NO_RENEGOTIATION alert. Client does not support renegotiation.\n");
else
- printf ("* Received alert '%d': %s.\n", last_alert,
- gnutls_alert_get_name (last_alert));
+ printf ("* Received alert '%d': %s.\n", last_alert,
+ gnutls_alert_get_name (last_alert));
}
}
@@ -857,7 +857,7 @@ main (int argc, char **argv)
signal (SIGHUP, SIG_IGN);
signal (SIGTERM, terminate);
if (signal (SIGINT, terminate) == SIG_IGN)
- signal (SIGINT, SIG_IGN); /* e.g. background process */
+ signal (SIGINT, SIG_IGN); /* e.g. background process */
#endif
sockets_init ();
@@ -919,31 +919,31 @@ main (int argc, char **argv)
if (x509_cafile != NULL)
{
if ((ret = gnutls_certificate_set_x509_trust_file
- (cert_cred, x509_cafile, x509ctype)) < 0)
- {
- fprintf (stderr, "Error reading '%s'\n", x509_cafile);
- GERR (ret);
- exit (1);
- }
+ (cert_cred, x509_cafile, x509ctype)) < 0)
+ {
+ fprintf (stderr, "Error reading '%s'\n", x509_cafile);
+ GERR (ret);
+ exit (1);
+ }
else
- {
- printf ("Processed %d CA certificate(s).\n", ret);
- }
+ {
+ printf ("Processed %d CA certificate(s).\n", ret);
+ }
}
#ifdef ENABLE_PKI
if (x509_crlfile != NULL)
{
if ((ret = gnutls_certificate_set_x509_crl_file
- (cert_cred, x509_crlfile, x509ctype)) < 0)
- {
- fprintf (stderr, "Error reading '%s'\n", x509_crlfile);
- GERR (ret);
- exit (1);
- }
+ (cert_cred, x509_crlfile, x509ctype)) < 0)
+ {
+ fprintf (stderr, "Error reading '%s'\n", x509_crlfile);
+ GERR (ret);
+ exit (1);
+ }
else
- {
- printf ("Processed %d CRL(s).\n", ret);
- }
+ {
+ printf ("Processed %d CRL(s).\n", ret);
+ }
}
#endif
@@ -951,53 +951,53 @@ main (int argc, char **argv)
if (pgp_keyring != NULL)
{
ret =
- gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring,
- GNUTLS_OPENPGP_FMT_BASE64);
+ gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring,
+ GNUTLS_OPENPGP_FMT_BASE64);
if (ret < 0)
- {
- fprintf (stderr, "Error setting the OpenPGP keyring file\n");
- GERR (ret);
- }
+ {
+ fprintf (stderr, "Error setting the OpenPGP keyring file\n");
+ GERR (ret);
+ }
}
if (pgp_certfile != NULL)
{
if (info.pgp_subkey != NULL)
- ret = gnutls_certificate_set_openpgp_key_file2
- (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey,
- GNUTLS_OPENPGP_FMT_BASE64);
+ ret = gnutls_certificate_set_openpgp_key_file2
+ (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey,
+ GNUTLS_OPENPGP_FMT_BASE64);
else
- ret = gnutls_certificate_set_openpgp_key_file
- (cert_cred, pgp_certfile, pgp_keyfile, GNUTLS_OPENPGP_FMT_BASE64);
+ ret = gnutls_certificate_set_openpgp_key_file
+ (cert_cred, pgp_certfile, pgp_keyfile, GNUTLS_OPENPGP_FMT_BASE64);
if (ret < 0)
- {
- fprintf (stderr,
- "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
- ret, pgp_certfile, pgp_keyfile);
- GERR (ret);
- }
+ {
+ fprintf (stderr,
+ "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
+ ret, pgp_certfile, pgp_keyfile);
+ GERR (ret);
+ }
}
#endif
if (x509_certfile != NULL)
if ((ret = gnutls_certificate_set_x509_key_file
- (cert_cred, x509_certfile, x509_keyfile, x509ctype)) < 0)
+ (cert_cred, x509_certfile, x509_keyfile, x509ctype)) < 0)
{
- fprintf (stderr,
- "Error reading '%s' or '%s'\n", x509_certfile, x509_keyfile);
- GERR (ret);
- exit (1);
+ fprintf (stderr,
+ "Error reading '%s' or '%s'\n", x509_certfile, x509_keyfile);
+ GERR (ret);
+ exit (1);
}
if (x509_dsacertfile != NULL)
if ((ret = gnutls_certificate_set_x509_key_file
- (cert_cred, x509_dsacertfile, x509_dsakeyfile, x509ctype)) < 0)
+ (cert_cred, x509_dsacertfile, x509_dsakeyfile, x509ctype)) < 0)
{
- fprintf (stderr, "Error reading '%s' or '%s'\n",
- x509_dsacertfile, x509_dsakeyfile);
- GERR (ret);
- exit (1);
+ fprintf (stderr, "Error reading '%s' or '%s'\n",
+ x509_dsacertfile, x509_dsakeyfile);
+ GERR (ret);
+ exit (1);
}
gnutls_certificate_set_params_function (cert_cred, get_params);
@@ -1014,14 +1014,14 @@ main (int argc, char **argv)
gnutls_srp_allocate_server_credentials (&srp_cred);
if ((ret =
- gnutls_srp_set_server_credentials_file (srp_cred, srp_passwd,
- srp_passwd_conf)) < 0)
- {
- /* only exit is this function is not disabled
- */
- fprintf (stderr, "Error while setting SRP parameters\n");
- GERR (ret);
- }
+ gnutls_srp_set_server_credentials_file (srp_cred, srp_passwd,
+ srp_passwd_conf)) < 0)
+ {
+ /* only exit is this function is not disabled
+ */
+ fprintf (stderr, "Error while setting SRP parameters\n");
+ GERR (ret);
+ }
}
#endif
@@ -1033,24 +1033,24 @@ main (int argc, char **argv)
gnutls_psk_allocate_server_credentials (&psk_cred);
if ((ret =
- gnutls_psk_set_server_credentials_file (psk_cred, psk_passwd)) < 0)
- {
- /* only exit is this function is not disabled
- */
- fprintf (stderr, "Error while setting PSK parameters\n");
- GERR (ret);
- }
+ gnutls_psk_set_server_credentials_file (psk_cred, psk_passwd)) < 0)
+ {
+ /* only exit is this function is not disabled
+ */
+ fprintf (stderr, "Error while setting PSK parameters\n");
+ GERR (ret);
+ }
if (info.psk_hint)
- {
- ret = gnutls_psk_set_server_credentials_hint (psk_cred,
- info.psk_hint);
- if (ret)
- {
- fprintf (stderr, "Error setting PSK identity hint.\n");
- GERR (ret);
- }
- }
+ {
+ ret = gnutls_psk_set_server_credentials_hint (psk_cred,
+ info.psk_hint);
+ if (ret)
+ {
+ fprintf (stderr, "Error setting PSK identity hint.\n");
+ GERR (ret);
+ }
+ }
gnutls_psk_set_server_params_function (psk_cred, get_params);
}
@@ -1086,333 +1086,333 @@ main (int argc, char **argv)
{
#ifndef _WIN32
- val = fcntl (j->fd, F_GETFL, 0);
- if ((val == -1) || (fcntl (j->fd, F_SETFL, val | O_NONBLOCK) < 0))
- {
- perror ("fcntl()");
- exit (1);
- }
+ val = fcntl (j->fd, F_GETFL, 0);
+ if ((val == -1) || (fcntl (j->fd, F_SETFL, val | O_NONBLOCK) < 0))
+ {
+ perror ("fcntl()");
+ exit (1);
+ }
#endif
- if (j->listen_socket)
- {
- FD_SET (j->fd, &rd);
- n = MAX (n, j->fd);
- }
- if (j->http_state == HTTP_STATE_REQUEST)
- {
- FD_SET (j->fd, &rd);
- n = MAX (n, j->fd);
- }
- if (j->http_state == HTTP_STATE_RESPONSE)
- {
- FD_SET (j->fd, &wr);
- n = MAX (n, j->fd);
- }
+ if (j->listen_socket)
+ {
+ FD_SET (j->fd, &rd);
+ n = MAX (n, j->fd);
+ }
+ if (j->http_state == HTTP_STATE_REQUEST)
+ {
+ FD_SET (j->fd, &rd);
+ n = MAX (n, j->fd);
+ }
+ if (j->http_state == HTTP_STATE_RESPONSE)
+ {
+ FD_SET (j->fd, &wr);
+ n = MAX (n, j->fd);
+ }
}
lloopend (listener_list, j);
/* core operation */
n = select (n + 1, &rd, &wr, NULL, NULL);
if (n == -1 && errno == EINTR)
- continue;
+ continue;
if (n < 0)
- {
- perror ("select()");
- exit (1);
- }
+ {
+ perror ("select()");
+ exit (1);
+ }
/* read or write to each connection as indicated by select()'s return argument */
lloopstart (listener_list, j)
{
- /* a new connection has arrived */
- if (FD_ISSET (j->fd, &rd) && j->listen_socket)
- {
- gnutls_session_t tls_session;
-
- tls_session = initialize_session ();
-
- calen = sizeof (client_address);
- memset (&client_address, 0, calen);
- accept_fd = accept (j->fd, (struct sockaddr *) &client_address,
- &calen);
-
- if (accept_fd < 0)
- {
- perror ("accept()");
- }
- else
- {
- time_t tt;
- char *ctt;
-
- /* new list entry for the connection */
- lappend (listener_list);
- j = listener_list.tail;
- j->http_request = (char *) strdup ("");
- j->http_state = HTTP_STATE_REQUEST;
- j->fd = accept_fd;
-
- j->tls_session = tls_session;
- gnutls_transport_set_ptr (tls_session,
- (gnutls_transport_ptr_t)
- gl_fd_to_handle (accept_fd));
- j->handshake_ok = 0;
-
- if (verbose == 0)
- {
- tt = time (0);
- ctt = ctime (&tt);
- ctt[strlen (ctt) - 1] = 0;
-
- printf ("\n* Accepted connection from %s on %s\n",
- human_addr ((struct sockaddr *)
- &client_address, calen, topbuf,
- sizeof (topbuf)), ctt);
- }
- }
- }
-
- if (FD_ISSET (j->fd, &rd) && !j->listen_socket)
- {
+ /* a new connection has arrived */
+ if (FD_ISSET (j->fd, &rd) && j->listen_socket)
+ {
+ gnutls_session_t tls_session;
+
+ tls_session = initialize_session ();
+
+ calen = sizeof (client_address);
+ memset (&client_address, 0, calen);
+ accept_fd = accept (j->fd, (struct sockaddr *) &client_address,
+ &calen);
+
+ if (accept_fd < 0)
+ {
+ perror ("accept()");
+ }
+ else
+ {
+ time_t tt;
+ char *ctt;
+
+ /* new list entry for the connection */
+ lappend (listener_list);
+ j = listener_list.tail;
+ j->http_request = (char *) strdup ("");
+ j->http_state = HTTP_STATE_REQUEST;
+ j->fd = accept_fd;
+
+ j->tls_session = tls_session;
+ gnutls_transport_set_ptr (tls_session,
+ (gnutls_transport_ptr_t)
+ gl_fd_to_handle (accept_fd));
+ j->handshake_ok = 0;
+
+ if (verbose == 0)
+ {
+ tt = time (0);
+ ctt = ctime (&tt);
+ ctt[strlen (ctt) - 1] = 0;
+
+ printf ("\n* Accepted connection from %s on %s\n",
+ human_addr ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)), ctt);
+ }
+ }
+ }
+
+ if (FD_ISSET (j->fd, &rd) && !j->listen_socket)
+ {
/* read partial GET request */
- char buf[1024];
- int r, ret;
-
- if (j->handshake_ok == 0)
- {
- r = gnutls_handshake (j->tls_session);
- if (r < 0 && gnutls_error_is_fatal (r) == 0)
- {
- check_alert (j->tls_session, r);
- /* nothing */
- }
- else if (r < 0 && gnutls_error_is_fatal (r) == 1)
- {
- check_alert (j->tls_session, r);
- fprintf (stderr, "Error in handshake\n");
- GERR (r);
-
- do
- {
- ret =
- gnutls_alert_send_appropriate (j->tls_session, r);
- }
- while (ret == GNUTLS_E_AGAIN
- || ret == GNUTLS_E_INTERRUPTED);
- j->http_state = HTTP_STATE_CLOSING;
- }
- else if (r == 0)
- {
- if (gnutls_session_is_resumed (j->tls_session) != 0
- && verbose == 0)
- printf ("*** This is a resumed session\n");
-
- if (verbose == 0)
- {
- printf ("\n* Successful handshake from %s\n",
- human_addr ((struct sockaddr *)
- &client_address, calen, topbuf,
- sizeof (topbuf)));
- print_info (j->tls_session, NULL, 1);
- }
- j->handshake_ok = 1;
- }
- }
-
- if (j->handshake_ok == 1)
- {
- r = gnutls_record_recv (j->tls_session, buf,
- MIN (1024, SMALL_READ_TEST));
- if (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN)
- {
- /* do nothing */
- }
- else if (r <= 0)
- {
- if (r == GNUTLS_E_REHANDSHAKE)
- {
- fprintf (stderr, "*** Received hello message\n");
- do
- {
- r = gnutls_handshake (j->tls_session);
- }
- while (r == GNUTLS_E_INTERRUPTED
- || r == GNUTLS_E_AGAIN);
-
- if (r < 0)
- {
- do
- {
- ret = gnutls_alert_send_appropriate
- (j->tls_session, r);
- }
- while (ret == GNUTLS_E_AGAIN
- || ret == GNUTLS_E_INTERRUPTED);
-
- GERR (r);
- j->http_state = HTTP_STATE_CLOSING;
- }
- }
- else
- {
- j->http_state = HTTP_STATE_CLOSING;
- if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH)
- {
- check_alert (j->tls_session, r);
- fprintf (stderr, "Error while receiving data\n");
- GERR (r);
- }
- }
- }
- else
- {
- j->http_request =
- realloc (j->http_request, j->request_length + r + 1);
- if (j->http_request != NULL)
- {
- memcpy (j->http_request + j->request_length, buf, r);
- j->request_length += r;
- j->http_request[j->request_length] = '\0';
- }
- else
- j->http_state = HTTP_STATE_CLOSING;
-
- }
+ char buf[1024];
+ int r, ret;
+
+ if (j->handshake_ok == 0)
+ {
+ r = gnutls_handshake (j->tls_session);
+ if (r < 0 && gnutls_error_is_fatal (r) == 0)
+ {
+ check_alert (j->tls_session, r);
+ /* nothing */
+ }
+ else if (r < 0 && gnutls_error_is_fatal (r) == 1)
+ {
+ check_alert (j->tls_session, r);
+ fprintf (stderr, "Error in handshake\n");
+ GERR (r);
+
+ do
+ {
+ ret =
+ gnutls_alert_send_appropriate (j->tls_session, r);
+ }
+ while (ret == GNUTLS_E_AGAIN
+ || ret == GNUTLS_E_INTERRUPTED);
+ j->http_state = HTTP_STATE_CLOSING;
+ }
+ else if (r == 0)
+ {
+ if (gnutls_session_is_resumed (j->tls_session) != 0
+ && verbose == 0)
+ printf ("*** This is a resumed session\n");
+
+ if (verbose == 0)
+ {
+ printf ("\n* Successful handshake from %s\n",
+ human_addr ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)));
+ print_info (j->tls_session, NULL, 1);
+ }
+ j->handshake_ok = 1;
+ }
+ }
+
+ if (j->handshake_ok == 1)
+ {
+ r = gnutls_record_recv (j->tls_session, buf,
+ MIN (1024, SMALL_READ_TEST));
+ if (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN)
+ {
+ /* do nothing */
+ }
+ else if (r <= 0)
+ {
+ if (r == GNUTLS_E_REHANDSHAKE)
+ {
+ fprintf (stderr, "*** Received hello message\n");
+ do
+ {
+ r = gnutls_handshake (j->tls_session);
+ }
+ while (r == GNUTLS_E_INTERRUPTED
+ || r == GNUTLS_E_AGAIN);
+
+ if (r < 0)
+ {
+ do
+ {
+ ret = gnutls_alert_send_appropriate
+ (j->tls_session, r);
+ }
+ while (ret == GNUTLS_E_AGAIN
+ || ret == GNUTLS_E_INTERRUPTED);
+
+ GERR (r);
+ j->http_state = HTTP_STATE_CLOSING;
+ }
+ }
+ else
+ {
+ j->http_state = HTTP_STATE_CLOSING;
+ if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH)
+ {
+ check_alert (j->tls_session, r);
+ fprintf (stderr, "Error while receiving data\n");
+ GERR (r);
+ }
+ }
+ }
+ else
+ {
+ j->http_request =
+ realloc (j->http_request, j->request_length + r + 1);
+ if (j->http_request != NULL)
+ {
+ memcpy (j->http_request + j->request_length, buf, r);
+ j->request_length += r;
+ j->http_request[j->request_length] = '\0';
+ }
+ else
+ j->http_state = HTTP_STATE_CLOSING;
+
+ }
/* check if we have a full HTTP header */
- j->http_response = NULL;
- if (j->http_request != NULL)
- {
- if ((http == 0 && strchr (j->http_request, '\n'))
- || strstr (j->http_request, "\r\n\r\n")
- || strstr (j->http_request, "\n\n"))
- {
- get_response (j->tls_session, j->http_request,
- &j->http_response, &j->response_length);
- j->http_state = HTTP_STATE_RESPONSE;
- j->response_written = 0;
- }
- }
- }
- }
- if (FD_ISSET (j->fd, &wr))
- {
+ j->http_response = NULL;
+ if (j->http_request != NULL)
+ {
+ if ((http == 0 && strchr (j->http_request, '\n'))
+ || strstr (j->http_request, "\r\n\r\n")
+ || strstr (j->http_request, "\n\n"))
+ {
+ get_response (j->tls_session, j->http_request,
+ &j->http_response, &j->response_length);
+ j->http_state = HTTP_STATE_RESPONSE;
+ j->response_written = 0;
+ }
+ }
+ }
+ }
+ if (FD_ISSET (j->fd, &wr))
+ {
/* write partial response request */
- int r;
-
- if (j->handshake_ok == 0)
- {
- r = gnutls_handshake (j->tls_session);
- if (r < 0 && gnutls_error_is_fatal (r) == 0)
- {
- check_alert (j->tls_session, r);
- /* nothing */
- }
- else if (r < 0 && gnutls_error_is_fatal (r) == 1)
- {
- int ret;
-
- j->http_state = HTTP_STATE_CLOSING;
- check_alert (j->tls_session, r);
- fprintf (stderr, "Error in handshake\n");
- GERR (r);
-
- do
- {
- ret =
- gnutls_alert_send_appropriate (j->tls_session, r);
- }
- while (ret == GNUTLS_E_AGAIN);
- }
- else if (r == 0)
- {
- if (gnutls_session_is_resumed (j->tls_session) != 0
- && verbose == 0)
- printf ("*** This is a resumed session\n");
- if (verbose == 0)
- {
- printf ("- connection from %s\n",
- human_addr ((struct sockaddr *)
- &client_address, calen, topbuf,
- sizeof (topbuf)));
-
- print_info (j->tls_session, NULL, 1);
- }
- j->handshake_ok = 1;
- }
- }
-
- if (j->handshake_ok == 1 && j->http_response != NULL)
- {
- /* FIXME if j->http_response == NULL? */
- r = gnutls_record_send (j->tls_session,
- j->http_response +
- j->response_written,
- MIN (j->response_length -
- j->response_written,
- SMALL_READ_TEST));
- if (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN)
- {
- /* do nothing */
- }
- else if (r <= 0)
- {
- if (http != 0)
- j->http_state = HTTP_STATE_CLOSING;
- else
- {
- j->http_state = HTTP_STATE_REQUEST;
- free (j->http_response);
- j->response_length = 0;
- j->request_length = 0;
- j->http_request[0] = 0;
- }
-
- if (r < 0)
- {
- fprintf (stderr, "Error while sending data\n");
- GERR (r);
- }
- check_alert (j->tls_session, r);
- }
- else
- {
- j->response_written += r;
+ int r;
+
+ if (j->handshake_ok == 0)
+ {
+ r = gnutls_handshake (j->tls_session);
+ if (r < 0 && gnutls_error_is_fatal (r) == 0)
+ {
+ check_alert (j->tls_session, r);
+ /* nothing */
+ }
+ else if (r < 0 && gnutls_error_is_fatal (r) == 1)
+ {
+ int ret;
+
+ j->http_state = HTTP_STATE_CLOSING;
+ check_alert (j->tls_session, r);
+ fprintf (stderr, "Error in handshake\n");
+ GERR (r);
+
+ do
+ {
+ ret =
+ gnutls_alert_send_appropriate (j->tls_session, r);
+ }
+ while (ret == GNUTLS_E_AGAIN);
+ }
+ else if (r == 0)
+ {
+ if (gnutls_session_is_resumed (j->tls_session) != 0
+ && verbose == 0)
+ printf ("*** This is a resumed session\n");
+ if (verbose == 0)
+ {
+ printf ("- connection from %s\n",
+ human_addr ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)));
+
+ print_info (j->tls_session, NULL, 1);
+ }
+ j->handshake_ok = 1;
+ }
+ }
+
+ if (j->handshake_ok == 1 && j->http_response != NULL)
+ {
+ /* FIXME if j->http_response == NULL? */
+ r = gnutls_record_send (j->tls_session,
+ j->http_response +
+ j->response_written,
+ MIN (j->response_length -
+ j->response_written,
+ SMALL_READ_TEST));
+ if (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN)
+ {
+ /* do nothing */
+ }
+ else if (r <= 0)
+ {
+ if (http != 0)
+ j->http_state = HTTP_STATE_CLOSING;
+ else
+ {
+ j->http_state = HTTP_STATE_REQUEST;
+ free (j->http_response);
+ j->response_length = 0;
+ j->request_length = 0;
+ j->http_request[0] = 0;
+ }
+
+ if (r < 0)
+ {
+ fprintf (stderr, "Error while sending data\n");
+ GERR (r);
+ }
+ check_alert (j->tls_session, r);
+ }
+ else
+ {
+ j->response_written += r;
/* check if we have written a complete response */
- if (j->response_written == j->response_length)
- {
- if (http != 0)
- j->http_state = HTTP_STATE_CLOSING;
- else
- {
- j->http_state = HTTP_STATE_REQUEST;
- free (j->http_response);
- j->response_length = 0;
- j->request_length = 0;
- j->http_request[0] = 0;
- }
- }
- }
- }
- else
- {
- j->request_length = 0;
- j->http_request[0] = 0;
- j->http_state = HTTP_STATE_REQUEST;
- }
- }
+ if (j->response_written == j->response_length)
+ {
+ if (http != 0)
+ j->http_state = HTTP_STATE_CLOSING;
+ else
+ {
+ j->http_state = HTTP_STATE_REQUEST;
+ free (j->http_response);
+ j->response_length = 0;
+ j->request_length = 0;
+ j->http_request[0] = 0;
+ }
+ }
+ }
+ }
+ else
+ {
+ j->request_length = 0;
+ j->http_request[0] = 0;
+ j->http_state = HTTP_STATE_REQUEST;
+ }
+ }
}
lloopend (listener_list, j);
/* loop through all connections, closing those that are in error */
lloopstart (listener_list, j)
{
- if (j->http_state == HTTP_STATE_CLOSING)
- {
- ldeleteinc (listener_list, j);
- }
+ if (j->http_state == HTTP_STATE_CLOSING)
+ {
+ ldeleteinc (listener_list, j);
+ }
}
lloopend (listener_list, j);
}
@@ -1453,7 +1453,7 @@ gaa_parser (int argc, char **argv)
if (gaa (argc, argv, &info) != -1)
{
fprintf (stderr,
- "Error in the arguments. Use the --help or -h parameters to get more information.\n");
+ "Error in the arguments. Use the --help or -h parameters to get more information.\n");
exit (1);
}
@@ -1515,7 +1515,7 @@ serv_version (void)
if (strcmp (gnutls_check_version (NULL), PACKAGE_VERSION) != 0)
p = PACKAGE_STRING;
version_etc (stdout, program_name, p, gnutls_check_version (NULL),
- "Nikos Mavrogiannopoulos", (char *) NULL);
+ "Nikos Mavrogiannopoulos", (char *) NULL);
}
/* session resuming support */
@@ -1583,18 +1583,18 @@ wrap_db_fetch (void *dbf, gnutls_datum_t key)
for (i = 0; i < ssl_session_cache; i++)
{
if (key.size == cache_db[i].session_id_size &&
- memcmp (key.data, cache_db[i].session_id, key.size) == 0)
- {
- res.size = cache_db[i].session_data_size;
+ memcmp (key.data, cache_db[i].session_id, key.size) == 0)
+ {
+ res.size = cache_db[i].session_data_size;
- res.data = gnutls_malloc (res.size);
- if (res.data == NULL)
- return res;
+ res.data = gnutls_malloc (res.size);
+ if (res.data == NULL)
+ return res;
- memcpy (res.data, cache_db[i].session_data, res.size);
+ memcpy (res.data, cache_db[i].session_data, res.size);
- return res;
- }
+ return res;
+ }
}
return res;
}
@@ -1610,14 +1610,14 @@ wrap_db_delete (void *dbf, gnutls_datum_t key)
for (i = 0; i < ssl_session_cache; i++)
{
if (key.size == (unsigned int) cache_db[i].session_id_size &&
- memcmp (key.data, cache_db[i].session_id, key.size) == 0)
- {
+ memcmp (key.data, cache_db[i].session_id, key.size) == 0)
+ {
- cache_db[i].session_id_size = 0;
- cache_db[i].session_data_size = 0;
+ cache_db[i].session_id_size = 0;
+ cache_db[i].session_data_size = 0;
- return 0;
- }
+ return 0;
+ }
}
return -1;