2 This file is part of GNUnet.
3 (C) 2012-2013 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
21 * @author Martin Schanzenbach
22 * @author Christian Grothoff
23 * @file src/gns/gnunet-gns-proxy.c
24 * @brief HTTP(S) proxy that rewrites URIs and fakes certificats to make GNS work
25 * with legacy browsers
28 * - make DNS lookup asynchronous
29 * - simplify POST/PUT processing
30 * - double-check queueing logic
31 * - figure out what to do with the 'authority' issue
35 #include <microhttpd.h>
36 #include <curl/curl.h>
37 #include <gnutls/gnutls.h>
38 #include <gnutls/x509.h>
39 #include <gnutls/abstract.h>
40 #include <gnutls/crypto.h>
42 #include "gnunet_util_lib.h"
43 #include "gnunet_gns_service.h"
44 #include "gnunet_identity_service.h"
49 * Default Socks5 listen port.
51 #define GNUNET_GNS_PROXY_PORT 7777
54 * Maximum supported length for a URI.
55 * Should die. @deprecated
57 #define MAX_HTTP_URI_LENGTH 2048
60 * Some buffer size. @deprecated
62 #define POSTBUFFERSIZE 4096
66 * Size of the read/write buffers for Socks. Uses
67 * 256 bytes for the hostname (at most), plus a few
68 * bytes overhead for the messages.
70 #define SOCKS_BUFFERSIZE (256 + 32)
73 * Port for plaintext HTTP.
80 #define HTTPS_PORT 443
83 * Largest allowed size for a PEM certificate.
85 #define MAX_PEM_SIZE (10 * 1024)
88 * After how long do we clean up unused MHD SSL/TLS instances?
90 #define MHD_CACHE_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
93 * After how long do we clean up Socks5 handles that failed to show any activity
94 * with their respective MHD instance?
96 #define HTTP_HANDSHAKE_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 15)
102 * @param level log level
103 * @param fun name of curl_easy-function that gave the error
104 * @param rc return code from curl
106 #define LOG_CURL_EASY(level,fun,rc) GNUNET_log(level, _("%s failed at %s:%d: `%s'\n"), fun, __FILE__, __LINE__, curl_easy_strerror (rc))
109 /* *************** Socks protocol definitions (move to TUN?) ****************** */
112 * Which SOCKS version do we speak?
114 #define SOCKS_VERSION_5 0x05
117 * Flag to set for 'no authentication'.
119 #define SOCKS_AUTH_NONE 0
123 * Commands in Socks5.
128 * Establish TCP/IP stream.
130 SOCKS5_CMD_TCP_STREAM = 1,
133 * Establish TCP port binding.
135 SOCKS5_CMD_TCP_PORT = 2,
138 * Establish UDP port binding.
140 SOCKS5_CMD_UDP_PORT = 3
145 * Address types in Socks5.
147 enum Socks5AddressType
157 SOCKS5_AT_DOMAINNAME = 3,
168 * Status codes in Socks5 response.
170 enum Socks5StatusCode
172 SOCKS5_STATUS_REQUEST_GRANTED = 0,
173 SOCKS5_STATUS_GENERAL_FAILURE = 1,
174 SOCKS5_STATUS_CONNECTION_NOT_ALLOWED_BY_RULE = 2,
175 SOCKS5_STATUS_NETWORK_UNREACHABLE = 3,
176 SOCKS5_STATUS_HOST_UNREACHABLE = 4,
177 SOCKS5_STATUS_CONNECTION_REFUSED_BY_HOST = 5,
178 SOCKS5_STATUS_TTL_EXPIRED = 6,
179 SOCKS5_STATUS_COMMAND_NOT_SUPPORTED = 7,
180 SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED = 8
185 * Client hello in Socks5 protocol.
187 struct Socks5ClientHelloMessage
190 * Should be #SOCKS_VERSION_5.
195 * How many authentication methods does the client support.
197 uint8_t num_auth_methods;
199 /* followed by supported authentication methods, 1 byte per method */
205 * Server hello in Socks5 protocol.
207 struct Socks5ServerHelloMessage
210 * Should be #SOCKS_VERSION_5.
215 * Chosen authentication method, for us always #SOCKS_AUTH_NONE,
216 * which skips the authentication step.
223 * Client socks request in Socks5 protocol.
225 struct Socks5ClientRequestMessage
228 * Should be #SOCKS_VERSION_5.
233 * Command code, we only uspport #SOCKS5_CMD_TCP_STREAM.
238 * Reserved, always zero.
243 * Address type, an `enum Socks5AddressType`.
248 * Followed by either an ip4/ipv6 address or a domain name with a
249 * length field (uint8_t) in front (depending on @e addr_type).
250 * followed by port number in network byte order (uint16_t).
256 * Server response to client requests in Socks5 protocol.
258 struct Socks5ServerResponseMessage
261 * Should be #SOCKS_VERSION_5.
266 * Status code, an `enum Socks5StatusCode`
276 * Address type, an `enum Socks5AddressType`.
281 * Followed by either an ip4/ipv6 address or a domain name with a
282 * length field (uint8_t) in front (depending on @e addr_type).
283 * followed by port number in network byte order (uint16_t).
289 /* ***************** Datastructures for Socks handling **************** */
298 * We're waiting to get the client hello.
303 * We're waiting to get the initial request.
308 * We are currently resolving the destination.
313 * We're in transfer mode.
315 SOCKS5_DATA_TRANSFER,
318 * Finish writing the write buffer, then clean up.
320 SOCKS5_WRITE_THEN_CLEANUP,
323 * Socket has been passed to MHD, do not close it anymore.
325 SOCKS5_SOCKET_WITH_MHD
331 * A structure for socks requests
339 struct Socks5Request *next;
344 struct Socks5Request *prev;
349 struct GNUNET_NETWORK_Handle *sock;
352 * Handle to GNS lookup, during #SOCKS5_RESOLVING phase.
354 struct GNUNET_GNS_LookupRequest *gns_lookup;
357 * Client socket read task
359 GNUNET_SCHEDULER_TaskIdentifier rtask;
362 * Client socket write task
364 GNUNET_SCHEDULER_TaskIdentifier wtask;
369 GNUNET_SCHEDULER_TaskIdentifier timeout_task;
374 char rbuf[SOCKS_BUFFERSIZE];
379 char wbuf[SOCKS_BUFFERSIZE];
382 * the domain name to server (only important for SSL)
387 * DNS Legacy Host Name as given by GNS, NULL if not given.
397 * Number of bytes already in read buffer
402 * Number of bytes already in write buffer
407 * Once known, what's the target address for the connection?
409 struct sockaddr_storage destination_address;
414 enum SocksPhase state;
417 * Desired destination port.
424 /* *********************** Datastructures for HTTP handling ****************** */
427 * A structure for CA cert/key
434 gnutls_x509_crt_t cert;
439 gnutls_x509_privkey_t key;
444 * Structure for GNS certificates
446 struct ProxyGNSCertificate
449 * The certificate as PEM
451 char cert[MAX_PEM_SIZE];
454 * The private key as PEM
456 char key[MAX_PEM_SIZE];
462 * A structure for all running Httpds
469 struct MhdHttpList *prev;
474 struct MhdHttpList *next;
477 * the domain name to server (only important for SSL)
484 struct MHD_Daemon *daemon;
487 * Optional proxy certificate used
489 struct ProxyGNSCertificate *proxy_cert;
494 GNUNET_SCHEDULER_TaskIdentifier httpd_task;
497 * is this an ssl daemon?
504 /* ***************** possibly deprecated data structures ****************** */
508 * State machine for the IO buffer.
518 * A structure for MHD<->cURL streams
525 struct ProxyCurlTask *prev;
530 struct ProxyCurlTask *next;
538 * Optional header replacements for curl (LEHO)
540 struct curl_slist *headers;
543 * Optional resolver replacements for curl (LEHO)
545 struct curl_slist *resolver;
550 long curl_response_code;
553 * The cURL write buffer / MHD read buffer
555 char buffer[CURL_MAX_WRITE_SIZE];
558 * Should die. @deprecated
560 char url[MAX_HTTP_URI_LENGTH];
563 * Read pos of the data in the buffer
565 char *buffer_read_ptr;
568 * Write pos in the buffer
570 char *buffer_write_ptr;
575 struct MHD_Connection *connection;
580 size_t put_read_offset;
581 size_t put_read_size;
586 struct MHD_PostProcessor *post_handler;
589 struct ProxyUploadData *upload_data_head;
590 struct ProxyUploadData *upload_data_tail;
593 * the type of POST encoding
597 struct curl_httppost *httppost;
599 struct curl_httppost *httppost_last;
602 * Number of bytes in buffer
604 unsigned int bytes_in_buffer;
607 GNUNET_SCHEDULER_TaskIdentifier pp_task;
609 /* The associated daemon list entry */
610 struct MhdHttpList *mhd;
612 /* The associated response */
613 struct MHD_Response *response;
616 struct ProxySetCookieHeader *set_cookies_head;
619 struct ProxySetCookieHeader *set_cookies_tail;
622 * The authority of the corresponding host (site of origin)
627 * The hostname (Host header field)
632 * The LEgacy HOstname (can be empty)
642 * The buffer status (BUF_WAIT_FOR_CURL or BUF_WAIT_FOR_MHD)
644 enum BufferStatus buf_status;
667 * Indicates wheather the download is in progress
669 int download_in_progress;
672 * Indicates wheather the download was successful
674 int download_is_finished;
677 * Indicates wheather the download failed
689 * Struct for set-cookies
691 struct ProxySetCookieHeader
696 struct ProxySetCookieHeader *next;
701 struct ProxySetCookieHeader *prev;
711 * Post data structure
713 struct ProxyUploadData
718 struct ProxyUploadData *next;
723 struct ProxyUploadData *prev;
731 size_t content_length;
750 /* *********************** Globals **************************** */
754 * The port the proxy is running on (default 7777)
756 static unsigned long port = GNUNET_GNS_PROXY_PORT;
759 * The CA file (pem) to use for the proxy CA
761 static char *cafile_opt;
764 * The listen socket of the proxy
766 static struct GNUNET_NETWORK_Handle *lsock;
771 static GNUNET_SCHEDULER_TaskIdentifier ltask;
774 * The cURL download task (curl multi API).
776 static GNUNET_SCHEDULER_TaskIdentifier curl_download_task;
779 * The cURL multi handle
781 static CURLM *curl_multi;
784 * Handle to the GNS service
786 static struct GNUNET_GNS_Handle *gns_handle;
789 * DLL for ProxyCurlTasks
791 static struct ProxyCurlTask *ctasks_head;
794 * DLL for ProxyCurlTasks
796 static struct ProxyCurlTask *ctasks_tail;
799 * DLL for http/https daemons
801 static struct MhdHttpList *mhd_httpd_head;
804 * DLL for http/https daemons
806 static struct MhdHttpList *mhd_httpd_tail;
809 * Daemon for HTTP (we have one per SSL certificate, and then one for
810 * all HTTP connections; this is the one for HTTP, not HTTPS).
812 static struct MhdHttpList *httpd;
815 * DLL of active socks requests.
817 static struct Socks5Request *s5r_head;
820 * DLL of active socks requests.
822 static struct Socks5Request *s5r_tail;
825 * The users local GNS master zone
827 static struct GNUNET_CRYPTO_EccPublicSignKey local_gns_zone;
830 * The users local shorten zone
832 static struct GNUNET_CRYPTO_EccPrivateKey local_shorten_zone;
835 * Is shortening enabled?
837 static int do_shorten;
840 * The CA for SSL certificate generation
842 static struct ProxyCA proxy_ca;
845 * Response we return on cURL failures.
847 static struct MHD_Response *curl_failure_response;
850 * Connection to identity service.
852 static struct GNUNET_IDENTITY_Handle *identity;
855 * Request for our ego.
857 static struct GNUNET_IDENTITY_Operation *id_op;
862 static const struct GNUNET_CONFIGURATION_Handle *cfg;
865 /* ************************* Global helpers ********************* */
869 * Clean up s5r handles.
871 * @param s5r the handle to destroy
874 cleanup_s5r (struct Socks5Request *s5r)
876 if (GNUNET_SCHEDULER_NO_TASK != s5r->rtask)
877 GNUNET_SCHEDULER_cancel (s5r->rtask);
878 if (GNUNET_SCHEDULER_NO_TASK != s5r->timeout_task)
879 GNUNET_SCHEDULER_cancel (s5r->timeout_task);
880 if (GNUNET_SCHEDULER_NO_TASK != s5r->wtask)
881 GNUNET_SCHEDULER_cancel (s5r->wtask);
882 if (NULL != s5r->gns_lookup)
883 GNUNET_GNS_lookup_cancel (s5r->gns_lookup);
884 if (NULL != s5r->sock)
886 if (SOCKS5_SOCKET_WITH_MHD == s5r->state)
887 GNUNET_NETWORK_socket_free_memory_only_ (s5r->sock);
889 GNUNET_NETWORK_socket_close (s5r->sock);
891 GNUNET_CONTAINER_DLL_remove (s5r_head,
894 GNUNET_free_non_null (s5r->domain);
895 GNUNET_free_non_null (s5r->leho);
896 GNUNET_free_non_null (s5r->url);
902 * Run MHD now, we have extra data ready for the callback.
904 * @param hd the daemon to run now.
907 run_mhd_now (struct MhdHttpList *hd);
910 /* *************************** netcat mode *********************** */
918 * Given a TCP stream and a destination address, forward the stream
919 * in both directions.
925 forward_socket_like_ncat (void *cls,
926 const struct GNUNET_SCHEDULER_TaskContext *tc)
928 struct hostent *phost;
930 struct sockaddr_in remote_addr;
931 struct in_addr *r_sin_addr;
933 s5r->remote_sock = GNUNET_NETWORK_socket_create (AF_INET,
936 r_sin_addr = (struct in_addr*)(phost->h_addr);
937 remote_ip = r_sin_addr->s_addr;
938 memset(&remote_addr, 0, sizeof(remote_addr));
939 remote_addr.sin_family = AF_INET;
940 #if HAVE_SOCKADDR_IN_SIN_LEN
941 remote_addr.sin_len = sizeof (remote_addr);
943 remote_addr.sin_addr.s_addr = remote_ip;
944 remote_addr.sin_port = *port;
946 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
947 "target server: %s:%u\n",
948 inet_ntoa(remote_addr.sin_addr),
952 GNUNET_NETWORK_socket_connect ( s5r->remote_sock,
953 (const struct sockaddr*)&remote_addr,
954 sizeof (remote_addr)))
955 && (errno != EINPROGRESS))
957 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "connect");
958 signal_socks_failure (s5r,
959 SOCKS5_STATUS_NETWORK_UNREACHABLE);
966 /* ************************* HTTP handling with cURL *********************** */
969 con_post_data_iter (void *cls,
970 enum MHD_ValueKind kind,
972 const char *filename,
973 const char *content_type,
974 const char *transfer_encoding,
979 struct ProxyCurlTask* ctask = cls;
980 struct ProxyUploadData* pdata;
984 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
985 "Got POST data (file: %s, content type: %s): '%s=%.*s' at offset %llu size %llu\n",
986 filename, content_type,
987 key, (int) size, data,
988 (unsigned long long) off,
989 (unsigned long long) size);
990 GNUNET_assert (NULL != ctask->post_type);
992 if (0 == strcasecmp (MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA,
995 ctask->is_httppost = GNUNET_YES;
999 pdata = GNUNET_new (struct ProxyUploadData);
1000 pdata->key = GNUNET_strdup (key);
1002 if (NULL != filename)
1003 pdata->filename = GNUNET_strdup (filename);
1004 if (NULL != content_type)
1005 pdata->content_type = GNUNET_strdup (content_type);
1006 pdata->value = GNUNET_malloc (size);
1007 pdata->total_bytes = size;
1008 memcpy (pdata->value, data, size);
1009 GNUNET_CONTAINER_DLL_insert_tail (ctask->upload_data_head,
1010 ctask->upload_data_tail,
1013 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1014 "Copied %llu bytes of POST Data\n",
1015 (unsigned long long) size);
1019 pdata = ctask->upload_data_tail;
1020 new_value = GNUNET_malloc (size + pdata->total_bytes);
1021 memcpy (new_value, pdata->value, pdata->total_bytes);
1022 memcpy (new_value+off, data, size);
1023 GNUNET_free (pdata->value);
1024 pdata->value = new_value;
1025 pdata->total_bytes += size;
1030 if (0 != strcasecmp (MHD_HTTP_POST_ENCODING_FORM_URLENCODED,
1036 ctask->is_httppost = GNUNET_NO;
1038 if (NULL != ctask->curl)
1039 curl_easy_pause (ctask->curl, CURLPAUSE_CONT);
1043 enc = curl_easy_escape (ctask->curl, key, 0);
1050 pdata = GNUNET_new (struct ProxyUploadData);
1051 pdata->value = GNUNET_malloc (strlen (enc) + 3);
1052 if (NULL != ctask->upload_data_head)
1054 pdata->value[0] = '&';
1055 memcpy (pdata->value+1, enc, strlen (enc));
1058 memcpy (pdata->value, enc, strlen (enc));
1059 pdata->value[strlen (pdata->value)] = '=';
1060 pdata->bytes_left = strlen (pdata->value);
1061 pdata->total_bytes = pdata->bytes_left;
1064 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1065 "Escaped POST key: '%s'\n",
1068 GNUNET_CONTAINER_DLL_insert_tail (ctask->upload_data_head,
1069 ctask->upload_data_tail,
1074 enc = curl_easy_escape (ctask->curl, data, 0);
1080 pdata = GNUNET_new (struct ProxyUploadData);
1081 pdata->value = GNUNET_malloc (strlen (enc) + 1);
1082 memcpy (pdata->value, enc, strlen (enc));
1083 pdata->bytes_left = strlen (pdata->value);
1084 pdata->total_bytes = pdata->bytes_left;
1087 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1088 "Escaped POST value: '%s'\n",
1091 GNUNET_CONTAINER_DLL_insert_tail (ctask->upload_data_head,
1092 ctask->upload_data_tail,
1099 * Read HTTP request header field 'Host'
1101 * @param cls buffer to write to
1102 * @param kind value kind
1103 * @param key field key
1104 * @param value field value
1105 * @return #MHD_NO when Host found
1108 con_val_iter (void *cls,
1109 enum MHD_ValueKind kind,
1113 struct ProxyCurlTask *ctask = cls;
1114 char* buf = ctask->host;
1117 const char* hdr_val;
1120 if (0 == strcmp ("Host", key))
1122 port = strchr (value, ':');
1125 strncpy (buf, value, port-value);
1127 if ((1 != sscanf (port, "%u", &uport)) ||
1128 (uport > UINT16_MAX) ||
1130 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1131 "Unable to parse port!\n");
1133 ctask->port = (uint16_t) uport;
1136 strcpy (buf, value);
1140 if (0 == strcmp (MHD_HTTP_HEADER_ACCEPT_ENCODING, key))
1145 if (0 == strcasecmp (MHD_HTTP_HEADER_CONTENT_TYPE,
1148 if (0 == strncasecmp (value,
1149 MHD_HTTP_POST_ENCODING_FORM_URLENCODED,
1150 strlen (MHD_HTTP_POST_ENCODING_FORM_URLENCODED)))
1151 ctask->post_type = MHD_HTTP_POST_ENCODING_FORM_URLENCODED;
1152 else if (0 == strncasecmp (value,
1153 MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA,
1154 strlen (MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA)))
1155 ctask->post_type = MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA;
1157 ctask->post_type = NULL;
1161 cstr = GNUNET_malloc (strlen (key) + strlen (hdr_val) + 3);
1162 GNUNET_snprintf (cstr, strlen (key) + strlen (hdr_val) + 3,
1163 "%s: %s", key, hdr_val);
1165 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1166 "Client Header: %s\n", cstr);
1168 ctask->headers = curl_slist_append (ctask->headers, cstr);
1176 * Callback for MHD response
1178 * @param cls closure
1179 * @param pos in buffer
1181 * @param max space in buffer
1182 * @return number of bytes written
1185 mhd_content_cb (void *cls,
1192 * Check HTTP response header for mime
1194 * @param buffer curl buffer
1195 * @param size curl blocksize
1196 * @param nmemb curl blocknumber
1198 * @return size of read bytes
1201 curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
1203 size_t bytes = size * nmemb;
1204 struct ProxyCurlTask *ctask = cls;
1205 int cookie_hdr_len = strlen (MHD_HTTP_HEADER_SET_COOKIE);
1206 char hdr_generic[bytes+1];
1207 char new_cookie_hdr[bytes+strlen (ctask->leho)+1];
1208 char new_location[MAX_HTTP_URI_LENGTH+500];
1209 char real_host[264];
1210 char leho_host[264];
1213 char* cookie_domain;
1218 char cors_hdr[strlen (ctask->leho) + strlen ("https://")];
1220 if (NULL == ctask->response)
1222 /* FIXME: get total size from curl (if available) */
1223 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1224 "Creating response for %s\n", ctask->url);
1225 ctask->response = MHD_create_response_from_callback (MHD_SIZE_UNKNOWN,
1226 sizeof (ctask->buffer),
1231 /* if we have a leho add a CORS header */
1232 if (0 != strcmp ("", ctask->leho))
1234 /* We could also allow ssl and http here */
1235 if (ctask->mhd->is_ssl)
1236 sprintf (cors_hdr, "https://%s", ctask->leho);
1238 sprintf (cors_hdr, "http://%s", ctask->leho);
1240 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1241 "MHD: Adding CORS header field %s\n",
1244 if (GNUNET_NO == MHD_add_response_header (ctask->response,
1245 "Access-Control-Allow-Origin",
1248 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1249 "MHD: Error adding CORS header field %s\n",
1253 ctask->ready_to_queue = GNUNET_YES;
1255 if (cookie_hdr_len > bytes)
1258 memcpy (hdr_generic, buffer, bytes);
1259 hdr_generic[bytes] = '\0';
1261 if ('\n' == hdr_generic[bytes-1])
1262 hdr_generic[bytes-1] = '\0';
1264 if (hdr_generic[bytes-2] == '\r')
1265 hdr_generic[bytes-2] = '\0';
1267 if (0 == memcmp (hdr_generic,
1268 MHD_HTTP_HEADER_SET_COOKIE,
1271 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1272 "Looking for cookie in: `%s'\n", hdr_generic);
1273 ndup = GNUNET_strdup (hdr_generic+cookie_hdr_len+1);
1274 memset (new_cookie_hdr, 0, sizeof (new_cookie_hdr));
1275 for (tok = strtok (ndup, ";"); tok != NULL; tok = strtok (NULL, ";"))
1277 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1278 "Got Cookie token: %s\n", tok);
1279 //memcpy (new_cookie_hdr+offset, tok, strlen (tok));
1280 if (0 == memcmp (tok, " domain", strlen (" domain")))
1282 cookie_domain = tok + strlen (" domain") + 1;
1284 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1285 "Got Set-Cookie Domain: %s\n", cookie_domain);
1287 if (strlen (cookie_domain) < strlen (ctask->leho))
1289 delta_cdomain = strlen (ctask->leho) - strlen (cookie_domain);
1290 if (0 == strcmp (cookie_domain, ctask->leho + (delta_cdomain)))
1292 GNUNET_snprintf (new_cookie_hdr+offset,
1293 sizeof (new_cookie_hdr),
1294 " domain=%s", ctask->authority);
1295 offset += strlen (" domain=") + strlen (ctask->authority);
1296 new_cookie_hdr[offset] = ';';
1301 else if (strlen (cookie_domain) == strlen (ctask->leho))
1303 if (0 == strcmp (cookie_domain, ctask->leho))
1305 GNUNET_snprintf (new_cookie_hdr+offset,
1306 sizeof (new_cookie_hdr),
1307 " domain=%s", ctask->host);
1308 offset += strlen (" domain=") + strlen (ctask->host);
1309 new_cookie_hdr[offset] = ';';
1314 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1315 "Cookie domain invalid\n");
1319 memcpy (new_cookie_hdr+offset, tok, strlen (tok));
1320 offset += strlen (tok);
1321 new_cookie_hdr[offset] = ';';
1327 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1328 "Got Set-Cookie HTTP header %s\n", new_cookie_hdr);
1330 if (GNUNET_NO == MHD_add_response_header (ctask->response,
1331 MHD_HTTP_HEADER_SET_COOKIE,
1334 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1335 "MHD: Error adding set-cookie header field %s\n",
1336 hdr_generic+cookie_hdr_len+1);
1341 ndup = GNUNET_strdup (hdr_generic);
1342 hdr_type = strtok (ndup, ":");
1344 if (NULL == hdr_type)
1350 hdr_val = strtok (NULL, "");
1352 if (NULL == hdr_val)
1360 if (0 == strcasecmp (MHD_HTTP_HEADER_LOCATION, hdr_type))
1362 if (ctask->mhd->is_ssl)
1364 sprintf (leho_host, "https://%s", ctask->leho);
1365 sprintf (real_host, "https://%s", ctask->host);
1369 sprintf (leho_host, "http://%s", ctask->leho);
1370 sprintf (real_host, "http://%s", ctask->host);
1373 if (0 == memcmp (leho_host, hdr_val, strlen (leho_host)))
1375 sprintf (new_location, "%s%s", real_host, hdr_val+strlen (leho_host));
1376 hdr_val = new_location;
1380 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1381 "Trying to set %s: %s\n",
1384 if (GNUNET_NO == MHD_add_response_header (ctask->response,
1388 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1389 "MHD: Error adding %s header field %s\n",
1400 * Ask cURL for the select sets and schedule download
1403 curl_download_prepare (void);
1407 * Callback to free content
1409 * @param cls content to free
1410 * @param tc task context
1413 mhd_content_free (void *cls,
1414 const struct GNUNET_SCHEDULER_TaskContext *tc)
1416 struct ProxyCurlTask *ctask = cls;
1417 struct ProxyUploadData *pdata;
1419 if (NULL != ctask->headers)
1420 curl_slist_free_all (ctask->headers);
1422 if (NULL != ctask->headers)
1423 curl_slist_free_all (ctask->resolver);
1425 if (NULL != ctask->response)
1426 MHD_destroy_response (ctask->response);
1428 if (NULL != ctask->post_handler)
1429 MHD_destroy_post_processor (ctask->post_handler);
1431 if (GNUNET_SCHEDULER_NO_TASK != ctask->pp_task)
1432 GNUNET_SCHEDULER_cancel (ctask->pp_task);
1434 for (pdata = ctask->upload_data_head; NULL != pdata; pdata = ctask->upload_data_head)
1436 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
1437 ctask->upload_data_tail,
1439 GNUNET_free_non_null (pdata->filename);
1440 GNUNET_free_non_null (pdata->content_type);
1441 GNUNET_free_non_null (pdata->key);
1442 GNUNET_free_non_null (pdata->value);
1443 GNUNET_free (pdata);
1445 GNUNET_free (ctask);
1450 * Callback for MHD response
1452 * @param cls closure
1453 * @param pos in buffer
1455 * @param max space in buffer
1456 * @return number of bytes written
1459 mhd_content_cb (void *cls,
1464 struct ProxyCurlTask *ctask = cls;
1466 size_t bytes_to_copy = ctask->buffer_write_ptr - ctask->buffer_read_ptr;
1468 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1469 "MHD: content cb for %s. To copy: %u\n",
1470 ctask->url, (unsigned int) bytes_to_copy);
1471 if ((GNUNET_YES == ctask->download_is_finished) &&
1472 (GNUNET_NO == ctask->download_error) &&
1473 (0 == bytes_to_copy))
1475 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1476 "MHD: sending response for %s\n", ctask->url);
1477 ctask->download_in_progress = GNUNET_NO;
1478 run_mhd_now (ctask->mhd);
1479 GNUNET_SCHEDULER_add_now (&mhd_content_free, ctask);
1480 return MHD_CONTENT_READER_END_OF_STREAM;
1483 if ((GNUNET_YES == ctask->download_error) &&
1484 (GNUNET_YES == ctask->download_is_finished) &&
1485 (0 == bytes_to_copy))
1487 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1488 "MHD: sending error response\n");
1489 ctask->download_in_progress = GNUNET_NO;
1490 run_mhd_now (ctask->mhd);
1491 GNUNET_SCHEDULER_add_now (&mhd_content_free, ctask);
1492 return MHD_CONTENT_READER_END_WITH_ERROR;
1495 if ( ctask->buf_status == BUF_WAIT_FOR_CURL )
1499 bytes_to_copy = ctask->buffer_write_ptr - ctask->buffer_read_ptr;
1501 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1502 "MHD: copied: %d left: %u, space left in buf: %d\n",
1504 (unsigned int) bytes_to_copy, (int) (max - copied));
1506 if (GNUNET_NO == ctask->download_is_finished)
1508 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1509 "MHD: Purging buffer\n");
1510 memmove (ctask->buffer, ctask->buffer_read_ptr, bytes_to_copy);
1511 ctask->buffer_read_ptr = ctask->buffer;
1512 ctask->buffer_write_ptr = ctask->buffer + bytes_to_copy;
1513 ctask->buffer[bytes_to_copy] = '\0';
1516 if (bytes_to_copy + copied > max)
1517 bytes_to_copy = max - copied;
1518 memcpy (buf+copied, ctask->buffer_read_ptr, bytes_to_copy);
1519 ctask->buffer_read_ptr += bytes_to_copy;
1520 copied += bytes_to_copy;
1521 ctask->buf_status = BUF_WAIT_FOR_CURL;
1523 if (NULL != ctask->curl)
1524 curl_easy_pause (ctask->curl, CURLPAUSE_CONT);
1526 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1527 "MHD: copied %d bytes\n", (int) copied);
1528 run_mhd_now (ctask->mhd);
1534 * Handle data from cURL
1536 * @param ptr pointer to the data
1537 * @param size number of blocks of data
1538 * @param nmemb blocksize
1539 * @param ctx the curlproxytask
1540 * @return number of bytes handled
1543 curl_download_cb (void *ptr, size_t size, size_t nmemb, void* ctx)
1545 const char *cbuf = ptr;
1546 size_t total = size * nmemb;
1547 struct ProxyCurlTask *ctask = ctx;
1548 size_t buf_space = sizeof (ctask->buffer) - (ctask->buffer_write_ptr - ctask->buffer);
1550 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1551 "CURL: Got %d. %d free in buffer\n",
1556 ctask->buf_status = BUF_WAIT_FOR_MHD;
1557 run_mhd_now (ctask->mhd);
1558 return CURL_WRITEFUNC_PAUSE;
1560 if (total > buf_space)
1562 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1563 "CURL: Copying %d bytes to buffer (%s)\n",
1565 memcpy (ctask->buffer_write_ptr, cbuf, total);
1566 ctask->bytes_in_buffer += total;
1567 ctask->buffer_write_ptr += total;
1568 if (ctask->bytes_in_buffer > 0)
1570 ctask->buf_status = BUF_WAIT_FOR_MHD;
1571 run_mhd_now (ctask->mhd);
1578 * cURL callback for put data
1581 put_read_callback (void *buf, size_t size, size_t nmemb, void *cls)
1583 struct ProxyCurlTask *ctask = cls;
1584 struct ProxyUploadData *pdata = ctask->upload_data_head;
1585 size_t len = size * nmemb;
1589 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1590 "CURL: put read callback\n");
1593 return CURL_READFUNC_PAUSE;
1596 if (NULL == pdata->value)
1598 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1599 "CURL: Terminating PUT\n");
1601 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
1602 ctask->upload_data_tail,
1604 GNUNET_free (pdata);
1608 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1609 "CURL: read callback value %s\n", pdata->value);
1611 to_copy = pdata->bytes_left;
1615 pos = pdata->value + (pdata->total_bytes - pdata->bytes_left);
1616 memcpy (buf, pos, to_copy);
1617 pdata->bytes_left -= to_copy;
1618 if (pdata->bytes_left <= 0)
1620 GNUNET_free (pdata->value);
1621 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
1622 ctask->upload_data_tail,
1624 GNUNET_free (pdata);
1631 * cURL callback for post data
1634 post_read_callback (void *buf, size_t size, size_t nmemb, void *cls)
1636 struct ProxyCurlTask *ctask = cls;
1637 struct ProxyUploadData *pdata = ctask->upload_data_head;
1638 size_t len = size * nmemb;
1642 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1643 "CURL: read callback\n");
1646 return CURL_READFUNC_PAUSE;
1649 if (NULL == pdata->value)
1651 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1652 "CURL: Terminating POST data\n");
1654 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
1655 ctask->upload_data_tail,
1657 GNUNET_free (pdata);
1661 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1662 "CURL: read callback value %s\n", pdata->value);
1664 to_copy = pdata->bytes_left;
1668 pos = pdata->value + (pdata->total_bytes - pdata->bytes_left);
1669 memcpy (buf, pos, to_copy);
1670 pdata->bytes_left -= to_copy;
1671 if (pdata->bytes_left <= 0)
1673 GNUNET_free (pdata->value);
1674 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
1675 ctask->upload_data_tail,
1677 GNUNET_free (pdata);
1684 * Task that is run when we are ready to receive more data
1687 * @param cls closure
1688 * @param tc task context
1691 curl_task_download (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc);
1695 * Ask cURL for the select sets and schedule download
1698 curl_download_prepare ()
1705 struct GNUNET_NETWORK_FDSet *grs;
1706 struct GNUNET_NETWORK_FDSet *gws;
1708 struct GNUNET_TIME_Relative rtime;
1714 if (CURLM_OK != (mret = curl_multi_fdset (curl_multi, &rs, &ws, &es, &max)))
1716 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1717 "%s failed at %s:%d: `%s'\n",
1718 "curl_multi_fdset", __FILE__, __LINE__,
1719 curl_multi_strerror (mret));
1720 //TODO cleanup here?
1724 GNUNET_break (CURLM_OK == curl_multi_timeout (curl_multi, &to));
1725 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1726 "cURL multi fds: max=%d timeout=%lld\n", max, (long long) to);
1728 rtime = GNUNET_TIME_UNIT_FOREVER_REL;
1730 rtime = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, to);
1731 grs = GNUNET_NETWORK_fdset_create ();
1732 gws = GNUNET_NETWORK_fdset_create ();
1733 GNUNET_NETWORK_fdset_copy_native (grs, &rs, max + 1);
1734 GNUNET_NETWORK_fdset_copy_native (gws, &ws, max + 1);
1735 if (curl_download_task != GNUNET_SCHEDULER_NO_TASK)
1736 GNUNET_SCHEDULER_cancel (curl_download_task);
1739 curl_download_task =
1740 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
1743 &curl_task_download, curl_multi);
1745 else if (NULL != ctasks_head)
1747 /* as specified in curl docs */
1748 curl_download_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MILLISECONDS,
1749 &curl_task_download,
1752 GNUNET_NETWORK_fdset_destroy (gws);
1753 GNUNET_NETWORK_fdset_destroy (grs);
1758 * Task that is run when we are ready to receive more data
1761 * @param cls closure
1762 * @param tc task context
1765 curl_task_download (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1769 struct CURLMsg *msg;
1771 struct ProxyCurlTask *ctask;
1774 struct ProxyCurlTask *clean_head = NULL;
1775 struct ProxyCurlTask *clean_tail = NULL;
1777 curl_download_task = GNUNET_SCHEDULER_NO_TASK;
1779 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
1781 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1782 "Shutdown requested while trying to download\n");
1786 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1794 mret = curl_multi_perform (curl_multi, &running);
1796 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1797 "Running curl tasks: %d\n", running);
1798 for (ctask = ctasks_head; NULL != ctask; ctask = ctask->next)
1800 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1801 "CTask: %s\n", ctask->url);
1808 msg = curl_multi_info_read (curl_multi, &msgnum);
1809 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1810 "Messages left: %d\n", msgnum);
1817 if ((msg->data.result != CURLE_OK) &&
1818 (msg->data.result != CURLE_GOT_NOTHING))
1820 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1821 "Download curl failed");
1823 for (ctask = ctasks_head; NULL != ctask; ctask = ctask->next)
1825 if (NULL == ctask->curl)
1828 if (memcmp (msg->easy_handle, ctask->curl, sizeof (CURL)) != 0)
1831 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1832 "CURL: Download failed for task %s: %s.\n",
1834 curl_easy_strerror (msg->data.result));
1835 ctask->download_is_finished = GNUNET_YES;
1836 ctask->download_error = GNUNET_YES;
1837 if (CURLE_OK == curl_easy_getinfo (ctask->curl,
1838 CURLINFO_RESPONSE_CODE,
1840 ctask->curl_response_code = resp_code;
1841 ctask->ready_to_queue = MHD_YES;
1842 ctask->buf_status = BUF_WAIT_FOR_MHD;
1843 run_mhd_now (ctask->mhd);
1845 GNUNET_CONTAINER_DLL_remove (ctasks_head, ctasks_tail,
1847 GNUNET_CONTAINER_DLL_insert (clean_head, clean_tail, ctask);
1850 GNUNET_assert (ctask != NULL);
1854 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1855 "CURL: download completed.\n");
1857 for (ctask = ctasks_head; NULL != ctask; ctask = ctask->next)
1859 if (NULL == ctask->curl)
1862 if (0 != memcmp (msg->easy_handle, ctask->curl, sizeof (CURL)))
1865 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1866 "CURL: completed task %s found.\n", ctask->url);
1867 if (CURLE_OK == curl_easy_getinfo (ctask->curl,
1868 CURLINFO_RESPONSE_CODE,
1870 ctask->curl_response_code = resp_code;
1873 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1874 "CURL: Completed ctask!\n");
1875 if (GNUNET_SCHEDULER_NO_TASK == ctask->pp_task)
1877 ctask->buf_status = BUF_WAIT_FOR_MHD;
1878 run_mhd_now (ctask->mhd);
1881 ctask->ready_to_queue = MHD_YES;
1882 ctask->download_is_finished = GNUNET_YES;
1884 /* We MUST not modify the multi handle else we loose messages */
1885 GNUNET_CONTAINER_DLL_remove (ctasks_head, ctasks_tail,
1887 GNUNET_CONTAINER_DLL_insert (clean_head, clean_tail, ctask);
1891 GNUNET_assert (ctask != NULL);
1893 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1894 "CURL: %s\n", curl_easy_strerror(msg->data.result));
1900 } while (msgnum > 0);
1902 for (ctask=clean_head; NULL != ctask; ctask = ctask->next)
1904 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1905 "CURL: Removing task %s.\n", ctask->url);
1906 curl_multi_remove_handle (curl_multi, ctask->curl);
1907 curl_easy_cleanup (ctask->curl);
1912 for (ctask=ctasks_head; NULL != ctask; ctask = ctask->next)
1914 GNUNET_assert (num_ctasks == running);
1916 } while (mret == CURLM_CALL_MULTI_PERFORM);
1918 if (mret != CURLM_OK)
1920 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "CURL: %s failed at %s:%d: `%s'\n",
1921 "curl_multi_perform", __FILE__, __LINE__,
1922 curl_multi_strerror (mret));
1924 curl_download_prepare();
1929 * Process LEHO lookup
1931 * @param cls the ctask
1932 * @param rd_count number of records returned
1933 * @param rd record data
1936 process_leho_lookup (void *cls,
1938 const struct GNUNET_NAMESTORE_RecordData *rd)
1940 struct ProxyCurlTask *ctask = cls;
1941 char hosthdr[262]; //256 + "Host: "
1945 struct hostent *phost;
1947 char resolvename[512];
1951 strcpy (ctask->leho, "");
1954 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1955 "No LEHO present!\n");
1957 for (i=0; i<rd_count; i++)
1959 if (rd[i].record_type != GNUNET_NAMESTORE_TYPE_LEHO)
1962 memcpy (ctask->leho, rd[i].data, rd[i].data_size);
1964 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1965 "Found LEHO %s for %s\n", ctask->leho, ctask->url);
1968 if (0 != strcmp (ctask->leho, ""))
1970 sprintf (hosthdr, "%s%s:%d", "Host: ", ctask->leho, ctask->port);
1971 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1972 "New HTTP header value: %s\n", hosthdr);
1973 ctask->headers = curl_slist_append (ctask->headers, hosthdr);
1974 GNUNET_assert (NULL != ctask->headers);
1975 if (CURLE_OK != (ret = curl_easy_setopt (ctask->curl, CURLOPT_HTTPHEADER, ctask->headers)))
1976 LOG_CURL_EASY(GNUNET_ERROR_TYPE_WARNING,"curl_easy_setopt",ret);
1979 if (ctask->mhd->is_ssl)
1981 phost = (struct hostent*)gethostbyname (ctask->host);
1985 ssl_ip = inet_ntoa(*((struct in_addr*)(phost->h_addr)));
1986 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1987 "SSL target server: %s\n", ssl_ip);
1988 sprintf (resolvename, "%s:%d:%s", ctask->leho, HTTPS_PORT, ssl_ip);
1989 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1990 "Curl resolve: %s\n", resolvename);
1991 ctask->resolver = curl_slist_append ( ctask->resolver, resolvename);
1992 if (CURLE_OK != (ret = curl_easy_setopt (ctask->curl, CURLOPT_RESOLVE, ctask->resolver)))
1993 LOG_CURL_EASY(GNUNET_ERROR_TYPE_WARNING,"curl_easy_setopt",ret);
1994 sprintf (curlurl, "https://%s:%d%s", ctask->leho, ctask->port, ctask->url);
1995 if (CURLE_OK != (ret = curl_easy_setopt (ctask->curl, CURLOPT_URL, curlurl)))
1996 LOG_CURL_EASY(GNUNET_ERROR_TYPE_WARNING,"curl_easy_setopt",ret);
2000 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2001 "gethostbyname failed for %s!\n",
2003 ctask->download_is_finished = GNUNET_YES;
2004 ctask->download_error = GNUNET_YES;
2009 if (CURLM_OK != (mret=curl_multi_add_handle (curl_multi, ctask->curl)))
2011 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2012 "%s failed at %s:%d: `%s'\n",
2013 "curl_multi_add_handle", __FILE__, __LINE__,
2014 curl_multi_strerror (mret));
2015 ctask->download_is_finished = GNUNET_YES;
2016 ctask->download_error = GNUNET_YES;
2019 GNUNET_CONTAINER_DLL_insert (ctasks_head, ctasks_tail, ctask);
2021 curl_download_prepare ();
2028 * Main MHD callback for handling requests.
2031 * @param con MHD connection handle
2032 * @param url the url in the request
2033 * @param meth the HTTP method used ("GET", "PUT", etc.)
2034 * @param ver the HTTP version string (i.e. "HTTP/1.1")
2035 * @param upload_data the data being uploaded (excluding HEADERS,
2036 * for a POST that fits into memory and that is encoded
2037 * with a supported encoding, the POST data will NOT be
2038 * given in upload_data and is instead available as
2039 * part of MHD_get_connection_values; very large POST
2040 * data *will* be made available incrementally in
2042 * @param upload_data_size set initially to the size of the
2043 * @a upload_data provided; the method must update this
2044 * value to the number of bytes NOT processed;
2045 * @param con_cls pointer to location where we store the 'struct Request'
2046 * @return #MHD_YES if the connection was handled successfully,
2047 * #MHD_NO if the socket must be closed due to a serious
2048 * error while handling the request
2051 create_response (void *cls,
2052 struct MHD_Connection *con,
2056 const char *upload_data,
2057 size_t *upload_data_size,
2060 struct MhdHttpList* hd = cls;
2061 char curlurl[MAX_HTTP_URI_LENGTH]; // buffer overflow!
2064 struct ProxyCurlTask *ctask = *con_cls;
2065 struct ProxyUploadData *fin_post;
2066 struct curl_forms forms[5];
2067 struct ProxyUploadData *upload_data_iter;
2070 if ((0 != strcasecmp (meth, MHD_HTTP_METHOD_GET)) &&
2071 (0 != strcasecmp (meth, MHD_HTTP_METHOD_PUT)) &&
2072 (0 != strcasecmp (meth, MHD_HTTP_METHOD_POST)) &&
2073 (0 != strcasecmp (meth, MHD_HTTP_METHOD_HEAD)))
2075 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2076 "MHD: %s NOT IMPLEMENTED!\n", meth);
2081 if (GNUNET_NO == ctask->accepted)
2084 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2085 "Got %s request for %s\n", meth, url);
2087 ctask->curl = curl_easy_init();
2088 ctask->curl_running = GNUNET_NO;
2089 if (NULL == ctask->curl)
2091 ret = MHD_queue_response (con,
2093 curl_failure_response);
2094 GNUNET_free (ctask);
2098 if (ctask->mhd->is_ssl)
2099 ctask->port = HTTPS_PORT;
2101 ctask->port = HTTP_PORT;
2103 MHD_get_connection_values (con,
2105 &con_val_iter, ctask);
2107 curl_easy_setopt (ctask->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr);
2108 curl_easy_setopt (ctask->curl, CURLOPT_HEADERDATA, ctask);
2109 curl_easy_setopt (ctask->curl, CURLOPT_WRITEFUNCTION, &curl_download_cb);
2110 curl_easy_setopt (ctask->curl, CURLOPT_WRITEDATA, ctask);
2111 curl_easy_setopt (ctask->curl, CURLOPT_FOLLOWLOCATION, 0);
2112 curl_easy_setopt (ctask->curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
2114 if (GNUNET_NO == ctask->mhd->is_ssl)
2116 sprintf (curlurl, "http://%s:%d%s", ctask->host, ctask->port, ctask->url);
2117 curl_easy_setopt (ctask->curl, CURLOPT_URL, curlurl);
2121 curl_easy_setopt (ctask->curl, CURLOPT_FAILONERROR, 1);
2122 curl_easy_setopt (ctask->curl, CURLOPT_CONNECTTIMEOUT, 600L);
2123 curl_easy_setopt (ctask->curl, CURLOPT_TIMEOUT, 600L);
2125 /* Add GNS header */
2126 ctask->headers = curl_slist_append (ctask->headers,
2128 ctask->accepted = GNUNET_YES;
2129 ctask->download_in_progress = GNUNET_YES;
2130 ctask->buf_status = BUF_WAIT_FOR_CURL;
2131 ctask->connection = con;
2132 ctask->curl_response_code = MHD_HTTP_OK;
2133 ctask->buffer_read_ptr = ctask->buffer;
2134 ctask->buffer_write_ptr = ctask->buffer;
2135 ctask->pp_task = GNUNET_SCHEDULER_NO_TASK;
2138 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_PUT))
2140 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2141 "Setting up PUT\n");
2143 curl_easy_setopt (ctask->curl, CURLOPT_UPLOAD, 1);
2144 curl_easy_setopt (ctask->curl, CURLOPT_READDATA, ctask);
2145 curl_easy_setopt (ctask->curl, CURLOPT_READFUNCTION, &put_read_callback);
2146 ctask->headers = curl_slist_append (ctask->headers,
2147 "Transfer-Encoding: chunked");
2150 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_POST))
2152 //FIXME handle multipart
2153 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2154 "Setting up POST processor\n");
2155 ctask->post_handler = MHD_create_post_processor (con,
2157 &con_post_data_iter,
2159 ctask->headers = curl_slist_append (ctask->headers,
2160 "Transfer-Encoding: chunked");
2164 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_HEAD))
2166 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2167 "Setting NOBODY\n");
2168 curl_easy_setopt (ctask->curl, CURLOPT_NOBODY, 1);
2172 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2173 "MHD: Adding new curl task for %s\n", ctask->host);
2175 GNUNET_GNS_get_authority (gns_handle,
2177 &process_get_authority,
2180 ctask->ready_to_queue = GNUNET_NO;
2181 ctask->fin = GNUNET_NO;
2182 ctask->curl_running = GNUNET_YES;
2186 ctask = (struct ProxyCurlTask *) *con_cls;
2187 if (0 == strcasecmp (meth, MHD_HTTP_METHOD_POST))
2189 if (0 != *upload_data_size)
2192 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2193 "Invoking POST processor\n");
2194 MHD_post_process (ctask->post_handler,
2195 upload_data, *upload_data_size);
2196 *upload_data_size = 0;
2197 if ((GNUNET_NO == ctask->is_httppost) &&
2198 (GNUNET_NO == ctask->curl_running))
2200 curl_easy_setopt (ctask->curl, CURLOPT_POST, 1);
2201 curl_easy_setopt (ctask->curl, CURLOPT_READFUNCTION,
2202 &post_read_callback);
2203 curl_easy_setopt (ctask->curl, CURLOPT_READDATA, ctask);
2205 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2206 "MHD: Adding new curl task for %s\n", ctask->host);
2208 GNUNET_GNS_get_authority (gns_handle,
2210 &process_get_authority,
2213 ctask->ready_to_queue = GNUNET_NO;
2214 ctask->fin = GNUNET_NO;
2215 ctask->curl_running = GNUNET_YES;
2219 else if (GNUNET_NO == ctask->post_done)
2221 if (GNUNET_YES == ctask->is_httppost)
2223 for (upload_data_iter = ctask->upload_data_head;
2224 NULL != upload_data_iter;
2225 upload_data_iter = upload_data_iter->next)
2228 if (NULL != upload_data_iter->filename)
2230 forms[i].option = CURLFORM_FILENAME;
2231 forms[i].value = upload_data_iter->filename;
2232 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2233 "Adding filename %s\n",
2237 if (NULL != upload_data_iter->content_type)
2239 forms[i].option = CURLFORM_CONTENTTYPE;
2240 forms[i].value = upload_data_iter->content_type;
2241 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2242 "Adding content type %s\n",
2246 forms[i].option = CURLFORM_PTRCONTENTS;
2247 forms[i].value = upload_data_iter->value;
2248 forms[i+1].option = CURLFORM_END;
2250 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2251 "Adding formdata for %s (len=%lld)\n",
2252 upload_data_iter->key,
2253 upload_data_iter->total_bytes);
2255 curl_formadd(&ctask->httppost, &ctask->httppost_last,
2256 CURLFORM_COPYNAME, upload_data_iter->key,
2257 CURLFORM_CONTENTSLENGTH, upload_data_iter->total_bytes,
2258 CURLFORM_ARRAY, forms,
2261 curl_easy_setopt (ctask->curl, CURLOPT_HTTPPOST,
2264 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2265 "MHD: Adding new curl task for %s\n", ctask->host);
2267 GNUNET_GNS_get_authority (gns_handle,
2269 &process_get_authority,
2272 ctask->ready_to_queue = GNUNET_YES;
2273 ctask->fin = GNUNET_NO;
2274 ctask->curl_running = GNUNET_YES;
2275 ctask->post_done = GNUNET_YES;
2279 fin_post = GNUNET_new (struct ProxyUploadData);
2280 GNUNET_CONTAINER_DLL_insert_tail (ctask->upload_data_head,
2281 ctask->upload_data_tail,
2283 ctask->post_done = GNUNET_YES;
2288 if (GNUNET_YES != ctask->ready_to_queue)
2289 return MHD_YES; /* wait longer */
2291 if (GNUNET_YES == ctask->fin)
2294 ctask->fin = GNUNET_YES;
2295 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2296 "MHD: Queueing response for %s\n", ctask->url);
2297 ret = MHD_queue_response (con, ctask->curl_response_code, ctask->response);
2298 run_mhd_now (ctask->mhd);
2303 /* ******************** MHD HTTP setup and event loop ******************** */
2307 * Function called when MHD decides that we are done with a connection.
2310 * @param connection connection handle
2311 * @param con_cls value as set by the last call to
2312 * the #MHD_AccessHandlerCallback, should be our `struct Socks5Request`
2313 * @param toe reason for request termination (ignored)
2316 mhd_completed_cb (void *cls,
2317 struct MHD_Connection *connection,
2319 enum MHD_RequestTerminationCode toe)
2321 struct Socks5Request *s5r = *con_cls;
2331 * Function called when MHD first processes an incoming connection.
2332 * Gives us the respective URI information.
2334 * We use this to associate the `struct MHD_Connection` with our
2335 * internal `struct Socks5Request` data structure (by checking
2336 * for matching sockets).
2338 * @param cls the HTTP server handle (a `struct MhdHttpList`)
2339 * @param url the URL that is being requested
2340 * @param connection MHD connection object for the request
2341 * @return the `struct Socks5Request` that this @a connection is for
2344 mhd_log_callback (void *cls,
2346 struct MHD_Connection *connection)
2348 struct Socks5Request *s5r;
2349 const union MHD_ConnectionInfo *ci;
2352 ci = MHD_get_connection_info (connection,
2353 MHD_CONNECTION_INFO_CONNECTION_FD);
2359 sock = ci->connect_fd;
2360 for (s5r = s5r_head; NULL != s5r; s5r = s5r->next)
2362 if (GNUNET_NETWORK_get_fd (s5r->sock) == sock)
2364 if (NULL != s5r->url)
2369 s5r->url = GNUNET_strdup (url);
2378 * Kill the given MHD daemon.
2380 * @param hd daemon to stop
2383 kill_httpd (struct MhdHttpList *hd)
2385 GNUNET_CONTAINER_DLL_remove (mhd_httpd_head,
2388 GNUNET_free_non_null (hd->domain);
2389 MHD_stop_daemon (hd->daemon);
2390 if (GNUNET_SCHEDULER_NO_TASK != hd->httpd_task)
2391 GNUNET_SCHEDULER_cancel (hd->httpd_task);
2392 GNUNET_free_non_null (hd->proxy_cert);
2400 * Task run whenever HTTP server is idle for too long. Kill it.
2402 * @param cls the `struct MhdHttpList *`
2403 * @param tc sched context
2406 kill_httpd_task (void *cls,
2407 const struct GNUNET_SCHEDULER_TaskContext *tc)
2409 struct MhdHttpList *hd = cls;
2416 * Task run whenever HTTP server operations are pending.
2418 * @param cls the `struct MhdHttpList *` of the daemon that is being run
2419 * @param tc sched context
2422 do_httpd (void *cls,
2423 const struct GNUNET_SCHEDULER_TaskContext *tc);
2427 * Schedule MHD. This function should be called initially when an
2428 * MHD is first getting its client socket, and will then automatically
2429 * always be called later whenever there is work to be done.
2431 * @param hd the daemon to schedule
2434 schedule_httpd (struct MhdHttpList *hd)
2439 struct GNUNET_NETWORK_FDSet *wrs;
2440 struct GNUNET_NETWORK_FDSet *wws;
2443 MHD_UNSIGNED_LONG_LONG timeout;
2444 struct GNUNET_TIME_Relative tv;
2450 if (MHD_YES != MHD_get_fdset (hd->daemon, &rs, &ws, &es, &max))
2455 haveto = MHD_get_timeout (hd->daemon, &timeout);
2456 if (MHD_YES == haveto)
2457 tv.rel_value_us = (uint64_t) timeout * 1000LL;
2459 tv = GNUNET_TIME_UNIT_FOREVER_REL;
2462 wrs = GNUNET_NETWORK_fdset_create ();
2463 wws = GNUNET_NETWORK_fdset_create ();
2464 GNUNET_NETWORK_fdset_copy_native (wrs, &rs, max + 1);
2465 GNUNET_NETWORK_fdset_copy_native (wws, &ws, max + 1);
2472 if (GNUNET_SCHEDULER_NO_TASK != hd->httpd_task)
2473 GNUNET_SCHEDULER_cancel (hd->httpd_task);
2474 if ( (MHD_YES != haveto) &&
2478 /* daemon is idle, kill after timeout */
2479 hd->httpd_task = GNUNET_SCHEDULER_add_delayed (MHD_CACHE_TIMEOUT,
2486 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
2491 GNUNET_NETWORK_fdset_destroy (wrs);
2493 GNUNET_NETWORK_fdset_destroy (wws);
2498 * Task run whenever HTTP server operations are pending.
2500 * @param cls the `struct MhdHttpList` of the daemon that is being run
2501 * @param tc scheduler context
2504 do_httpd (void *cls,
2505 const struct GNUNET_SCHEDULER_TaskContext *tc)
2507 struct MhdHttpList *hd = cls;
2509 hd->httpd_task = GNUNET_SCHEDULER_NO_TASK;
2510 MHD_run (hd->daemon);
2511 schedule_httpd (hd);
2516 * Run MHD now, we have extra data ready for the callback.
2518 * @param hd the daemon to run now.
2521 run_mhd_now (struct MhdHttpList *hd)
2523 if (GNUNET_SCHEDULER_NO_TASK !=
2525 GNUNET_SCHEDULER_cancel (hd->httpd_task);
2526 hd->httpd_task = GNUNET_SCHEDULER_add_now (&do_httpd,
2532 * Read file in filename
2534 * @param filename file to read
2535 * @param size pointer where filesize is stored
2536 * @return NULL on error
2539 load_file (const char* filename,
2546 GNUNET_DISK_file_size (filename, &fsize,
2547 GNUNET_YES, GNUNET_YES))
2549 if (fsize > MAX_PEM_SIZE)
2551 *size = (unsigned int) fsize;
2552 buffer = GNUNET_malloc (*size);
2553 if (fsize != GNUNET_DISK_fn_read (filename, buffer, (size_t) fsize))
2555 GNUNET_free (buffer);
2563 * Load PEM key from file
2565 * @param key where to store the data
2566 * @param keyfile path to the PEM file
2567 * @return #GNUNET_OK on success
2570 load_key_from_file (gnutls_x509_privkey_t key,
2571 const char* keyfile)
2573 gnutls_datum_t key_data;
2576 key_data.data = load_file (keyfile, &key_data.size);
2577 ret = gnutls_x509_privkey_import (key, &key_data,
2578 GNUTLS_X509_FMT_PEM);
2579 if (GNUTLS_E_SUCCESS != ret)
2581 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2582 _("Unable to import private key from file `%s'\n"),
2586 GNUNET_free (key_data.data);
2587 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK;
2592 * Load cert from file
2594 * @param crt struct to store data in
2595 * @param certfile path to pem file
2596 * @return #GNUNET_OK on success
2599 load_cert_from_file (gnutls_x509_crt_t crt,
2600 const char* certfile)
2602 gnutls_datum_t cert_data;
2605 cert_data.data = load_file (certfile, &cert_data.size);
2606 ret = gnutls_x509_crt_import (crt, &cert_data,
2607 GNUTLS_X509_FMT_PEM);
2608 if (GNUTLS_E_SUCCESS != ret)
2610 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2611 _("Unable to import certificate %s\n"), certfile);
2614 GNUNET_free (cert_data.data);
2615 return (GNUTLS_E_SUCCESS != ret) ? GNUNET_SYSERR : GNUNET_OK;
2620 * Generate new certificate for specific name
2622 * @param name the subject name to generate a cert for
2623 * @return a struct holding the PEM data, NULL on error
2625 static struct ProxyGNSCertificate *
2626 generate_gns_certificate (const char *name)
2628 unsigned int serial;
2629 size_t key_buf_size;
2630 size_t cert_buf_size;
2631 gnutls_x509_crt_t request;
2634 struct ProxyGNSCertificate *pgc;
2636 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2637 "Generating TLS/SSL certificate for `%s'\n",
2639 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&request));
2640 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_key (request, proxy_ca.key));
2641 pgc = GNUNET_new (struct ProxyGNSCertificate);
2642 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_COUNTRY_NAME,
2644 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_ORGANIZATION_NAME,
2645 0, "GNU Name System", 4);
2646 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_COMMON_NAME,
2647 0, name, strlen (name));
2648 GNUNET_break (GNUTLS_E_SUCCESS == gnutls_x509_crt_set_version (request, 3));
2649 gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial));
2650 gnutls_x509_crt_set_serial (request,
2653 etime = time (NULL);
2654 tm_data = localtime (&etime);
2655 gnutls_x509_crt_set_activation_time (request,
2658 etime = mktime (tm_data);
2659 gnutls_x509_crt_set_expiration_time (request,
2661 gnutls_x509_crt_sign (request,
2664 key_buf_size = sizeof (pgc->key);
2665 cert_buf_size = sizeof (pgc->cert);
2666 gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM,
2667 pgc->cert, &cert_buf_size);
2668 gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM,
2669 pgc->key, &key_buf_size);
2670 gnutls_x509_crt_deinit (request);
2676 * Lookup (or create) an SSL MHD instance for a particular domain.
2678 * @param domain the domain the SSL daemon has to serve
2679 * @return NULL on errro
2681 static struct MhdHttpList *
2682 lookup_ssl_httpd (const char* domain)
2684 struct MhdHttpList *hd;
2685 struct ProxyGNSCertificate *pgc;
2687 for (hd = mhd_httpd_head; NULL != hd; hd = hd->next)
2688 if (0 == strcmp (hd->domain, domain))
2690 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2691 "Starting fresh MHD HTTPS instance for domain `%s'\n",
2693 pgc = generate_gns_certificate (domain);
2694 hd = GNUNET_new (struct MhdHttpList);
2695 hd->is_ssl = GNUNET_YES;
2696 hd->domain = GNUNET_strdup (domain);
2697 hd->proxy_cert = pgc;
2698 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL | MHD_USE_NO_LISTEN_SOCKET,
2701 &create_response, hd,
2702 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
2703 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL,
2704 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL,
2705 MHD_OPTION_HTTPS_MEM_KEY, pgc->key,
2706 MHD_OPTION_HTTPS_MEM_CERT, pgc->cert,
2708 if (NULL == hd->daemon)
2714 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head,
2722 * Task run when a Socks5Request somehow fails to be associated with
2723 * an MHD connection (i.e. because the client never speaks HTTP after
2724 * the SOCKS5 handshake). Clean up.
2726 * @param cls the `struct Socks5Request *`
2727 * @param tc sched context
2730 timeout_s5r_handshake (void *cls,
2731 const struct GNUNET_SCHEDULER_TaskContext *tc)
2733 struct Socks5Request *s5r = cls;
2735 s5r->timeout_task = GNUNET_SCHEDULER_NO_TASK;
2741 * Checks if name is in given @a tld.
2743 * @param name the name to check
2744 * @param tld the TLD to check for (must NOT begin with ".")
2745 * @return #GNUNET_YES or #GNUNET_NO
2748 is_tld (const char* name, const char* tld)
2750 size_t name_len = strlen (name);
2751 size_t tld_len = strlen (tld);
2753 GNUNET_break ('.' != tld[0]);
2754 return ( (tld_len < name_len) &&
2755 ( ('.' == name[name_len - tld_len - 1]) || (name_len == tld_len) ) &&
2757 name + (name_len - tld_len),
2763 * We're done with the Socks5 protocol, now we need to pass the
2764 * connection data through to the final destination, either
2765 * direct (if the protocol might not be HTTP), or via MHD
2766 * (if the port looks like it should be HTTP).
2768 * @param s5r socks request that has reached the final stage
2771 setup_data_transfer (struct Socks5Request *s5r)
2773 struct MhdHttpList *hd;
2775 const struct sockaddr *addr;
2778 if (is_tld (s5r->domain, GNUNET_GNS_TLD) ||
2779 is_tld (s5r->domain, GNUNET_GNS_TLD_ZKEY))
2781 /* GNS TLD, setup MHD server for destination */
2785 hd = lookup_ssl_httpd (s5r->domain);
2788 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2789 _("Failed to start HTTPS server for `%s'\n"),
2796 GNUNET_assert (NULL == httpd);
2800 hd = NULL; /* netcat */
2806 hd = NULL; /* netcat */
2810 fd = GNUNET_NETWORK_get_fd (s5r->sock);
2811 addr = GNUNET_NETWORK_get_addr (s5r->sock);
2812 len = GNUNET_NETWORK_get_addrlen (s5r->sock);
2813 s5r->state = SOCKS5_SOCKET_WITH_MHD;
2814 if (MHD_YES != MHD_add_connection (hd->daemon, fd, addr, len))
2816 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2817 _("Failed to pass client to MHD\n"));
2821 schedule_httpd (hd);
2822 s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT,
2823 &timeout_s5r_handshake,
2828 // FIXME: not implemented
2830 /* start netcat mode here! */
2835 /* ********************* SOCKS handling ************************* */
2839 * Write data from buffer to socks5 client, then continue with state machine.
2841 * @param cls the closure with the `struct Socks5Request`
2842 * @param tc scheduler context
2845 do_write (void *cls,
2846 const struct GNUNET_SCHEDULER_TaskContext *tc)
2848 struct Socks5Request *s5r = cls;
2851 s5r->wtask = GNUNET_SCHEDULER_NO_TASK;
2852 len = GNUNET_NETWORK_socket_send (s5r->sock,
2857 /* write error: connection closed, shutdown, etc.; just clean up */
2863 s5r->wbuf_len - len);
2864 s5r->wbuf_len -= len;
2865 if (s5r->wbuf_len > 0)
2867 /* not done writing */
2869 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2875 /* we're done writing, continue with state machine! */
2882 case SOCKS5_REQUEST:
2883 GNUNET_assert (GNUNET_SCHEDULER_NO_TASK != s5r->rtask);
2885 case SOCKS5_DATA_TRANSFER:
2886 setup_data_transfer (s5r);
2888 case SOCKS5_WRITE_THEN_CLEANUP:
2899 * Return a server response message indicating a failure to the client.
2901 * @param s5r request to return failure code for
2902 * @param sc status code to return
2905 signal_socks_failure (struct Socks5Request *s5r,
2906 enum Socks5StatusCode sc)
2908 struct Socks5ServerResponseMessage *s_resp;
2910 s_resp = (struct Socks5ServerResponseMessage *) &s5r->wbuf[s5r->wbuf_len];
2911 memset (s_resp, 0, sizeof (struct Socks5ServerResponseMessage));
2912 s_resp->version = SOCKS_VERSION_5;
2914 s5r->state = SOCKS5_WRITE_THEN_CLEANUP;
2915 if (GNUNET_SCHEDULER_NO_TASK != s5r->wtask)
2917 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2924 * Return a server response message indicating success.
2926 * @param s5r request to return success status message for
2929 signal_socks_success (struct Socks5Request *s5r)
2931 struct Socks5ServerResponseMessage *s_resp;
2933 s_resp = (struct Socks5ServerResponseMessage *) &s5r->wbuf[s5r->wbuf_len];
2934 s_resp->version = SOCKS_VERSION_5;
2935 s_resp->reply = SOCKS5_STATUS_REQUEST_GRANTED;
2936 s_resp->reserved = 0;
2937 s_resp->addr_type = SOCKS5_AT_IPV4;
2938 /* zero out IPv4 address and port */
2941 sizeof (struct in_addr) + sizeof (uint16_t));
2942 s5r->wbuf_len += sizeof (struct Socks5ServerResponseMessage) +
2943 sizeof (struct in_addr) + sizeof (uint16_t);
2944 if (GNUNET_SCHEDULER_NO_TASK == s5r->wtask)
2946 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2953 * Process GNS results for target domain.
2955 * @param cls the ctask
2956 * @param rd_count number of records returned
2957 * @param rd record data
2960 handle_gns_result (void *cls,
2962 const struct GNUNET_NAMESTORE_RecordData *rd)
2964 struct Socks5Request *s5r = cls;
2966 const struct GNUNET_NAMESTORE_RecordData *r;
2969 s5r->gns_lookup = NULL;
2971 for (i=0;i<rd_count;i++)
2974 switch (r->record_type)
2976 case GNUNET_DNSPARSER_TYPE_A:
2978 struct sockaddr_in *in;
2980 if (sizeof (struct in_addr) != r->data_size)
2982 GNUNET_break_op (0);
2985 if (GNUNET_YES == got_ip)
2988 GNUNET_NETWORK_test_pf (PF_INET))
2990 got_ip = GNUNET_YES;
2991 in = (struct sockaddr_in *) &s5r->destination_address;
2992 in->sin_family = AF_INET;
2993 memcpy (&in->sin_addr,
2996 in->sin_port = htons (s5r->port);
2997 #if HAVE_SOCKADDR_IN_SIN_LEN
2998 in->sin_len = sizeof (*in);
3002 case GNUNET_DNSPARSER_TYPE_AAAA:
3004 struct sockaddr_in6 *in;
3006 if (sizeof (struct in6_addr) != r->data_size)
3008 GNUNET_break_op (0);
3011 if (GNUNET_YES == got_ip)
3014 GNUNET_NETWORK_test_pf (PF_INET))
3016 /* FIXME: allow user to disable IPv6 per configuration option... */
3017 got_ip = GNUNET_YES;
3018 in = (struct sockaddr_in6 *) &s5r->destination_address;
3019 in->sin6_family = AF_INET6;
3020 memcpy (&in->sin6_addr,
3023 in->sin6_port = htons (s5r->port);
3024 #if HAVE_SOCKADDR_IN_SIN_LEN
3025 in->sin6_len = sizeof (*in);
3029 case GNUNET_NAMESTORE_TYPE_VPN:
3030 GNUNET_break (0); /* should have been translated within GNS */
3032 case GNUNET_NAMESTORE_TYPE_LEHO:
3033 GNUNET_free_non_null (s5r->leho);
3034 s5r->leho = GNUNET_strndup (r->data,
3042 if (GNUNET_YES != got_ip)
3044 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3045 "Name resolution failed to yield useful IP address.\n");
3046 signal_socks_failure (s5r,
3047 SOCKS5_STATUS_GENERAL_FAILURE);
3050 s5r->state = SOCKS5_DATA_TRANSFER;
3051 signal_socks_success (s5r);
3056 * Remove the first @a len bytes from the beginning of the read buffer.
3058 * @param s5r the handle clear the read buffer for
3059 * @param len number of bytes in read buffer to advance
3062 clear_from_s5r_rbuf (struct Socks5Request *s5r,
3065 GNUNET_assert (len <= s5r->rbuf_len);
3068 s5r->rbuf_len - len);
3069 s5r->rbuf_len -= len;
3074 * Read data from incoming Socks5 connection
3076 * @param cls the closure with the `struct Socks5Request`
3077 * @param tc the scheduler context
3080 do_s5r_read (void *cls,
3081 const struct GNUNET_SCHEDULER_TaskContext *tc)
3083 struct Socks5Request *s5r = cls;
3084 const struct Socks5ClientHelloMessage *c_hello;
3085 struct Socks5ServerHelloMessage *s_hello;
3086 const struct Socks5ClientRequestMessage *c_req;
3090 s5r->rtask = GNUNET_SCHEDULER_NO_TASK;
3091 if ( (NULL != tc->read_ready) &&
3092 (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) )
3094 rlen = GNUNET_NETWORK_socket_recv (s5r->sock,
3095 &s5r->rbuf[s5r->rbuf_len],
3096 sizeof (s5r->rbuf) - s5r->rbuf_len);
3099 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3100 "socks5 client disconnected.\n");
3104 s5r->rbuf_len += rlen;
3106 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
3109 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3110 "Processing %u bytes of socks data in state %d\n",
3116 c_hello = (const struct Socks5ClientHelloMessage*) &s5r->rbuf;
3117 if ( (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage)) ||
3118 (s5r->rbuf_len < sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods) )
3119 return; /* need more data */
3120 if (SOCKS_VERSION_5 != c_hello->version)
3122 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3123 _("Unsupported socks version %d\n"),
3124 (int) c_hello->version);
3128 clear_from_s5r_rbuf (s5r,
3129 sizeof (struct Socks5ClientHelloMessage) + c_hello->num_auth_methods);
3130 GNUNET_assert (0 == s5r->wbuf_len);
3131 s_hello = (struct Socks5ServerHelloMessage *) &s5r->wbuf;
3132 s5r->wbuf_len = sizeof (struct Socks5ServerHelloMessage);
3133 s_hello->version = SOCKS_VERSION_5;
3134 s_hello->auth_method = SOCKS_AUTH_NONE;
3135 GNUNET_assert (GNUNET_SCHEDULER_NO_TASK == s5r->wtask);
3136 s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
3139 s5r->state = SOCKS5_REQUEST;
3141 case SOCKS5_REQUEST:
3142 c_req = (const struct Socks5ClientRequestMessage *) &s5r->rbuf;
3143 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage))
3145 switch (c_req->command)
3147 case SOCKS5_CMD_TCP_STREAM:
3151 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3152 _("Unsupported socks command %d\n"),
3153 (int) c_req->command);
3154 signal_socks_failure (s5r,
3155 SOCKS5_STATUS_COMMAND_NOT_SUPPORTED);
3158 switch (c_req->addr_type)
3160 case SOCKS5_AT_IPV4:
3162 const struct in_addr *v4 = (const struct in_addr *) &c_req[1];
3163 const uint16_t *port = (const uint16_t *) &v4[1];
3164 struct sockaddr_in *in;
3166 s5r->port = ntohs (*port);
3167 alen = sizeof (struct in_addr);
3168 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
3169 alen + sizeof (uint16_t))
3170 return; /* need more data */
3171 in = (struct sockaddr_in *) &s5r->destination_address;
3172 in->sin_family = AF_INET;
3174 in->sin_port = *port;
3175 #if HAVE_SOCKADDR_IN_SIN_LEN
3176 in->sin_len = sizeof (*in);
3178 s5r->state = SOCKS5_DATA_TRANSFER;
3181 case SOCKS5_AT_IPV6:
3183 const struct in6_addr *v6 = (const struct in6_addr *) &c_req[1];
3184 const uint16_t *port = (const uint16_t *) &v6[1];
3185 struct sockaddr_in6 *in;
3187 s5r->port = ntohs (*port);
3188 alen = sizeof (struct in6_addr);
3189 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
3190 alen + sizeof (uint16_t))
3191 return; /* need more data */
3192 in = (struct sockaddr_in6 *) &s5r->destination_address;
3193 in->sin6_family = AF_INET6;
3194 in->sin6_addr = *v6;
3195 in->sin6_port = *port;
3196 #if HAVE_SOCKADDR_IN_SIN_LEN
3197 in->sin6_len = sizeof (*in);
3199 s5r->state = SOCKS5_DATA_TRANSFER;
3202 case SOCKS5_AT_DOMAINNAME:
3204 const uint8_t *dom_len;
3205 const char *dom_name;
3206 const uint16_t *port;
3208 dom_len = (const uint8_t *) &c_req[1];
3209 alen = *dom_len + 1;
3210 if (s5r->rbuf_len < sizeof (struct Socks5ClientRequestMessage) +
3211 alen + sizeof (uint16_t))
3212 return; /* need more data */
3213 dom_name = (const char *) &dom_len[1];
3214 port = (const uint16_t*) &dom_name[*dom_len];
3215 s5r->domain = GNUNET_strndup (dom_name, *dom_len);
3216 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3217 "Requested connection is to %s:%d\n",
3220 s5r->state = SOCKS5_RESOLVING;
3221 s5r->port = ntohs (*port);
3222 s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
3225 GNUNET_DNSPARSER_TYPE_A,
3226 GNUNET_NO /* only cached */,
3227 (GNUNET_YES == do_shorten) ? &local_shorten_zone : NULL,
3233 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3234 _("Unsupported socks address type %d\n"),
3235 (int) c_req->addr_type);
3236 signal_socks_failure (s5r,
3237 SOCKS5_STATUS_ADDRESS_TYPE_NOT_SUPPORTED);
3240 clear_from_s5r_rbuf (s5r,
3241 sizeof (struct Socks5ClientRequestMessage) +
3242 alen + sizeof (uint16_t));
3243 if (0 != s5r->rbuf_len)
3245 /* read more bytes than healthy, why did the client send more!? */
3246 GNUNET_break_op (0);
3247 signal_socks_failure (s5r,
3248 SOCKS5_STATUS_GENERAL_FAILURE);
3251 if (SOCKS5_DATA_TRANSFER == s5r->state)
3253 /* if we are not waiting for GNS resolution, signal success */
3254 signal_socks_success (s5r);
3256 /* We are done reading right now */
3257 GNUNET_SCHEDULER_cancel (s5r->rtask);
3258 s5r->rtask = GNUNET_SCHEDULER_NO_TASK;
3260 case SOCKS5_RESOLVING:
3263 case SOCKS5_DATA_TRANSFER:
3274 * Accept new incoming connections
3276 * @param cls the closure
3277 * @param tc the scheduler context
3280 do_accept (void *cls,
3281 const struct GNUNET_SCHEDULER_TaskContext *tc)
3283 struct GNUNET_NETWORK_Handle *s;
3284 struct Socks5Request *s5r;
3286 ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
3289 s = GNUNET_NETWORK_socket_accept (lsock, NULL, NULL);
3292 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "accept");
3295 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3296 "Got an inbound connection, waiting for data\n");
3297 s5r = GNUNET_new (struct Socks5Request);
3298 GNUNET_CONTAINER_DLL_insert (s5r_head,
3302 s5r->state = SOCKS5_INIT;
3303 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
3309 /* ******************* General / main code ********************* */
3313 * Task run on shutdown
3315 * @param cls closure
3316 * @param tc task context
3319 do_shutdown (void *cls,
3320 const struct GNUNET_SCHEDULER_TaskContext *tc)
3322 struct ProxyCurlTask *ctask;
3323 struct ProxyCurlTask *ctask_tmp;
3324 struct ProxyUploadData *pdata;
3326 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
3327 "Shutting down...\n");
3328 while (NULL != mhd_httpd_head)
3329 kill_httpd (mhd_httpd_head);
3330 for (ctask=ctasks_head; NULL != ctask; ctask=ctask_tmp)
3332 ctask_tmp = ctask->next;
3333 if (NULL != ctask->curl)
3335 curl_easy_cleanup (ctask->curl);
3338 if (NULL != ctask->headers)
3340 curl_slist_free_all (ctask->headers);
3341 ctask->headers = NULL;
3343 if (NULL != ctask->resolver)
3345 curl_slist_free_all (ctask->resolver);
3346 ctask->resolver = NULL;
3348 if (NULL != ctask->response)
3350 MHD_destroy_response (ctask->response);
3351 ctask->response = NULL;
3353 for (pdata = ctask->upload_data_head; NULL != pdata; pdata = ctask->upload_data_head)
3355 GNUNET_CONTAINER_DLL_remove (ctask->upload_data_head,
3356 ctask->upload_data_tail,
3358 GNUNET_free_non_null (pdata->filename);
3359 GNUNET_free_non_null (pdata->content_type);
3360 GNUNET_free_non_null (pdata->key);
3361 GNUNET_free_non_null (pdata->value);
3362 GNUNET_free (pdata);
3364 GNUNET_free (ctask);
3368 GNUNET_NETWORK_socket_close (lsock);
3373 GNUNET_IDENTITY_cancel (id_op);
3376 if (NULL != identity)
3378 GNUNET_IDENTITY_disconnect (identity);
3381 if (NULL != curl_multi)
3383 curl_multi_cleanup (curl_multi);
3386 if (NULL != gns_handle)
3388 GNUNET_GNS_disconnect (gns_handle);
3391 if (GNUNET_SCHEDULER_NO_TASK != curl_download_task)
3393 GNUNET_SCHEDULER_cancel (curl_download_task);
3394 curl_download_task = GNUNET_SCHEDULER_NO_TASK;
3396 if (GNUNET_SCHEDULER_NO_TASK != ltask)
3398 GNUNET_SCHEDULER_cancel (ltask);
3399 ltask = GNUNET_SCHEDULER_NO_TASK;
3401 gnutls_x509_crt_deinit (proxy_ca.cert);
3402 gnutls_x509_privkey_deinit (proxy_ca.key);
3403 gnutls_global_deinit ();
3408 * Continue initialization after we have our zone information.
3413 struct MhdHttpList *hd;
3414 struct sockaddr_in sa;
3416 /* Open listen socket for socks proxy */
3417 /* FIXME: support IPv6! */
3418 memset (&sa, 0, sizeof (sa));
3419 sa.sin_family = AF_INET;
3420 sa.sin_port = htons (port);
3421 #if HAVE_SOCKADDR_IN_SIN_LEN
3422 sa.sin_len = sizeof (sa);
3424 lsock = GNUNET_NETWORK_socket_create (AF_INET,
3429 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket");
3430 GNUNET_SCHEDULER_shutdown ();
3434 GNUNET_NETWORK_socket_bind (lsock, (const struct sockaddr *) &sa,
3437 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "bind");
3438 GNUNET_SCHEDULER_shutdown ();
3441 if (GNUNET_OK != GNUNET_NETWORK_socket_listen (lsock, 5))
3443 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "listen");
3446 ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
3447 lsock, &do_accept, NULL);
3449 if (0 != curl_global_init (CURL_GLOBAL_WIN32))
3451 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3452 "cURL global init failed!\n");
3453 GNUNET_SCHEDULER_shutdown ();
3456 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3457 "Proxy listens on port %u\n",
3460 /* start MHD daemon for HTTP */
3461 hd = GNUNET_new (struct MhdHttpList);
3462 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_NO_LISTEN_SOCKET,
3465 &create_response, hd,
3466 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
3467 MHD_OPTION_NOTIFY_COMPLETED, &mhd_completed_cb, NULL,
3468 MHD_OPTION_URI_LOG_CALLBACK, &mhd_log_callback, NULL,
3470 if (NULL == hd->daemon)
3473 GNUNET_SCHEDULER_shutdown ();
3477 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, mhd_httpd_tail, hd);
3482 * Method called to inform about the egos of the shorten zone of this peer.
3484 * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get,
3485 * this function is only called ONCE, and 'NULL' being passed in
3486 * @a ego does indicate an error (i.e. name is taken or no default
3487 * value is known). If @a ego is non-NULL and if '*ctx'
3488 * is set in those callbacks, the value WILL be passed to a subsequent
3489 * call to the identity callback of #GNUNET_IDENTITY_connect (if
3490 * that one was not NULL).
3492 * @param cls closure, NULL
3493 * @param ego ego handle
3494 * @param ctx context for application to store data for this ego
3495 * (during the lifetime of this process, initially NULL)
3496 * @param name name assigned by the user for this ego,
3497 * NULL if the user just deleted the ego and it
3498 * must thus no longer be used
3501 identity_shorten_cb (void *cls,
3502 struct GNUNET_IDENTITY_Ego *ego,
3509 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3510 _("No ego configured for `shorten-zone`\n"));
3514 local_shorten_zone = *GNUNET_IDENTITY_ego_get_private_key (ego);
3515 do_shorten = GNUNET_YES;
3522 * Method called to inform about the egos of the master zone of this peer.
3524 * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get,
3525 * this function is only called ONCE, and 'NULL' being passed in
3526 * @a ego does indicate an error (i.e. name is taken or no default
3527 * value is known). If @a ego is non-NULL and if '*ctx'
3528 * is set in those callbacks, the value WILL be passed to a subsequent
3529 * call to the identity callback of #GNUNET_IDENTITY_connect (if
3530 * that one was not NULL).
3532 * @param cls closure, NULL
3533 * @param ego ego handle
3534 * @param ctx context for application to store data for this ego
3535 * (during the lifetime of this process, initially NULL)
3536 * @param name name assigned by the user for this ego,
3537 * NULL if the user just deleted the ego and it
3538 * must thus no longer be used
3541 identity_master_cb (void *cls,
3542 struct GNUNET_IDENTITY_Ego *ego,
3549 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3550 _("No ego configured for `master-zone`\n"));
3551 GNUNET_SCHEDULER_shutdown ();
3554 GNUNET_IDENTITY_ego_get_public_key (ego,
3556 id_op = GNUNET_IDENTITY_get (identity,
3558 &identity_shorten_cb,
3564 * Main function that will be run
3566 * @param cls closure
3567 * @param args remaining command-line arguments
3568 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
3569 * @param c configuration
3572 run (void *cls, char *const *args, const char *cfgfile,
3573 const struct GNUNET_CONFIGURATION_Handle *c)
3575 char* cafile_cfg = NULL;
3579 if (NULL == (curl_multi = curl_multi_init ()))
3581 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3582 "Failed to create cURL multi handle!\n");
3585 cafile = cafile_opt;
3588 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy",
3592 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3597 cafile = cafile_cfg;
3599 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3600 "Using %s as CA\n", cafile);
3602 gnutls_global_init ();
3603 gnutls_x509_crt_init (&proxy_ca.cert);
3604 gnutls_x509_privkey_init (&proxy_ca.key);
3606 if ( (GNUNET_OK != load_cert_from_file (proxy_ca.cert, cafile)) ||
3607 (GNUNET_OK != load_key_from_file (proxy_ca.key, cafile)) )
3609 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3610 _("Failed to load SSL/TLS key and certificate from `%s'\n"),
3612 gnutls_x509_crt_deinit (proxy_ca.cert);
3613 gnutls_x509_privkey_deinit (proxy_ca.key);
3614 gnutls_global_deinit ();
3615 GNUNET_free_non_null (cafile_cfg);
3618 GNUNET_free_non_null (cafile_cfg);
3619 if (NULL == (gns_handle = GNUNET_GNS_connect (cfg)))
3621 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3622 "Unable to connect to GNS!\n");
3623 gnutls_x509_crt_deinit (proxy_ca.cert);
3624 gnutls_x509_privkey_deinit (proxy_ca.key);
3625 gnutls_global_deinit ();
3628 identity = GNUNET_IDENTITY_connect (cfg,
3630 id_op = GNUNET_IDENTITY_get (identity,
3632 &identity_master_cb,
3634 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
3635 &do_shutdown, NULL);
3640 * The main function for gnunet-gns-proxy.
3642 * @param argc number of arguments from the command line
3643 * @param argv command line arguments
3644 * @return 0 ok, 1 on error
3647 main (int argc, char *const *argv)
3649 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3651 gettext_noop ("listen on specified port (default: 7777)"), 1,
3652 &GNUNET_GETOPT_set_ulong, &port},
3653 {'a', "authority", NULL,
3654 gettext_noop ("pem file to use as CA"), 1,
3655 &GNUNET_GETOPT_set_string, &cafile_opt},
3656 GNUNET_GETOPT_OPTION_END
3658 static const char* page =
3659 "<html><head><title>gnunet-gns-proxy</title>"
3660 "</head><body>cURL fail</body></html>";
3663 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
3665 GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL);
3666 curl_failure_response = MHD_create_response_from_buffer (strlen (page),
3668 MHD_RESPMEM_PERSISTENT);
3672 GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy",
3673 _("GNUnet GNS proxy"),
3675 &run, NULL)) ? 0 : 1;
3676 MHD_destroy_response (curl_failure_response);
3677 GNUNET_free_non_null ((char *) argv);
3681 /* end of gnunet-gns-proxy.c */