2 This file is part of GNUnet.
3 (C) 2012 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 #include <gnunet_util_lib.h>
23 #include <gnunet_gns_service.h>
24 #include <microhttpd.h>
25 #include <curl/curl.h>
27 #include "gns_proxy_proto.h"
31 #include <gnutls/gnutls.h>
32 #include <gnutls/x509.h>
33 #include <gnutls/abstract.h>
34 #include <gnutls/crypto.h>
37 #define GNUNET_GNS_PROXY_PORT 7777
38 #define MAX_MHD_CONNECTIONS 300
40 /* MHD/cURL defines */
41 #define BUF_WAIT_FOR_CURL 0
42 #define BUF_WAIT_FOR_MHD 1
43 #define HTML_HDR_CONTENT "Content-Type: text/html\r\n"
46 //#define RE_DOTPLUS "<a href=\"http://(([A-Za-z]+[.])+)([+])"
47 #define RE_A_HREF "<a href=\"https?://(([A-Za-z0-9]+[.])+)([+]|zkey)"
48 #define RE_N_MATCHES 4
50 /* The usual suspects */
52 #define HTTPS_PORT 443
56 * A structure for CA cert/key
61 gnutls_x509_crt_t cert;
64 gnutls_x509_privkey_t key;
69 * Structure for GNS certificates
71 struct ProxyGNSCertificate
73 /* The certificate as PEM */
76 /* The private key as PEM */
82 * A structure for socks requests
86 /* The client socket */
87 struct GNUNET_NETWORK_Handle *sock;
89 /* The server socket */
90 struct GNUNET_NETWORK_Handle *remote_sock;
95 /* Client socket read task */
96 GNUNET_SCHEDULER_TaskIdentifier rtask;
98 /* Server socket read task */
99 GNUNET_SCHEDULER_TaskIdentifier fwdrtask;
101 /* Client socket write task */
102 GNUNET_SCHEDULER_TaskIdentifier wtask;
104 /* Server socket write task */
105 GNUNET_SCHEDULER_TaskIdentifier fwdwtask;
113 /* Length of data in read buffer */
114 unsigned int rbuf_len;
116 /* Length of data in write buffer */
117 unsigned int wbuf_len;
119 /* This handle is scheduled for cleanup? */
122 /* Shall we close the client socket on cleanup? */
128 * A structure for all running Httpds
133 struct MhdHttpList *prev;
136 struct MhdHttpList *next;
138 /* is this an ssl daemon? */
141 /* the domain name to server (only important for SSL) */
144 /* The daemon handle */
145 struct MHD_Daemon *daemon;
147 /* Optional proxy certificate used */
148 struct ProxyGNSCertificate *proxy_cert;
151 GNUNET_SCHEDULER_TaskIdentifier httpd_task;
155 * A structure for MHD<->cURL streams
160 struct ProxyCurlTask *prev;
163 struct ProxyCurlTask *next;
168 /* Optional header replacements for curl (LEHO) */
169 struct curl_slist *headers;
171 /* Optional resolver replacements for curl (LEHO) */
172 struct curl_slist *resolver;
174 /* The URL to fetch */
177 /* The cURL write buffer / MHD read buffer */
178 char buffer[CURL_MAX_WRITE_SIZE];
180 /* The pointer to the data in the buffer */
183 /* The buffer status (BUF_WAIT_FOR_CURL or BUF_WAIT_FOR_MHD) */
186 /* Number of bytes in buffer */
187 unsigned int bytes_in_buffer;
189 /* Indicates wheather the download is in progress */
190 int download_in_progress;
192 /* Indicates wheather the download was successful */
193 int download_successful;
195 /* Indicates wheather the download failed */
198 /* Indicates wheather we need to parse HTML */
201 /* Indicates wheather we are postprocessing the HTML right now */
202 int is_postprocessing;
204 /* Indicates wheather postprocessing has finished */
207 /* Task ID of the postprocessing task */
208 GNUNET_SCHEDULER_TaskIdentifier pp_task;
210 /* The postprocessing buffer TODO length? */
213 /* The authority of the corresponding host (site of origin) */
216 /* The hostname (Host header field) */
219 /* The LEgacy HOstname (can be empty) */
222 /* The associated daemon list entry */
223 struct MhdHttpList *mhd;
227 /* The port the proxy is running on (default 7777) */
228 static unsigned long port = GNUNET_GNS_PROXY_PORT;
230 /* The CA file (pem) to use for the proxy CA */
233 /* The listen socket of the proxy */
234 static struct GNUNET_NETWORK_Handle *lsock;
236 /* The listen task ID */
237 GNUNET_SCHEDULER_TaskIdentifier ltask;
239 /* The cURL download task */
240 GNUNET_SCHEDULER_TaskIdentifier curl_download_task;
242 /* The non SSL httpd daemon handle */
243 static struct MHD_Daemon *httpd;
245 /* Number of current mhd connections */
246 static unsigned int total_mhd_connections;
248 /* The cURL multi handle */
249 static CURLM *curl_multi;
251 /* Handle to the GNS service */
252 static struct GNUNET_GNS_Handle *gns_handle;
254 /* DLL for ProxyCurlTasks */
255 static struct ProxyCurlTask *ctasks_head;
257 /* DLL for ProxyCurlTasks */
258 static struct ProxyCurlTask *ctasks_tail;
260 /* DLL for http daemons */
261 static struct MhdHttpList *mhd_httpd_head;
263 /* DLL for http daemons */
264 static struct MhdHttpList *mhd_httpd_tail;
266 /* Handle to the regex for dotplus (.+) replacement in HTML */
267 static regex_t re_dotplus;
269 /* The users local GNS zone hash */
270 static struct GNUNET_CRYPTO_ShortHashCode local_gns_zone;
272 /* The users local shorten zone hash */
273 static struct GNUNET_CRYPTO_ShortHashCode local_shorten_zone;
275 /* The CA for SSL certificate generation */
276 static struct ProxyCA proxy_ca;
278 /* UNIX domain socket for mhd */
279 struct GNUNET_NETWORK_Handle *mhd_unix_socket;
285 * Checks if name is in tld
287 * @param name the name to check
288 * @param tld the TLD to check for
289 * @return GNUNET_YES or GNUNET_NO
292 is_tld(const char* name, const char* tld)
296 if (strlen(name) <= strlen(tld))
301 offset = strlen(name)-strlen(tld);
302 if (strcmp (name+offset, tld) != 0)
304 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
305 "%s is not in .%s TLD\n", name, tld);
314 * Read HTTP request header field 'Host'
316 * @param cls buffer to write to
317 * @param kind value kind
318 * @param key field key
319 * @param value field value
320 * @return MHD_NO when Host found
323 con_val_iter (void *cls,
324 enum MHD_ValueKind kind,
328 char* buf = (char*)cls;
330 if (0 == strcmp ("Host", key))
340 * Check HTTP response header for mime
342 * @param buffer curl buffer
343 * @param size curl blocksize
344 * @param nmemb curl blocknumber
346 * @return size of read bytes
349 curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
351 size_t bytes = size * nmemb;
352 struct ProxyCurlTask *ctask = cls;
355 memcpy (hdr, buffer, bytes);
358 if (0 == strcmp (hdr, HTML_HDR_CONTENT))
360 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
361 "Got HTML HTTP response header\n");
362 ctask->parse_content = GNUNET_YES;
371 * @param hd a http daemon list entry
374 run_httpd (struct MhdHttpList *hd);
386 * Task that simply runs MHD main loop
389 * @param tc task context
392 run_mhd (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
395 struct MhdHttpList *hd = cls;
397 //for (hd=mhd_httpd_head; hd != NULL; hd = hd->next)
398 MHD_run (hd->daemon);
403 * Process cURL download bits
405 * @param ptr buffer with data
406 * @param size size of a record
407 * @param nmemb number of records downloaded
409 * @return number of processed bytes
412 callback_download (void *ptr, size_t size, size_t nmemb, void *ctx)
414 const char *cbuf = ptr;
416 struct ProxyCurlTask *ctask = ctx;
427 if (total > sizeof (ctask->buffer))
429 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
430 "CURL gave us too much data to handle (%d)!\n",
435 if (ctask->buf_status == BUF_WAIT_FOR_MHD)
437 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
438 "CURL: Waiting for MHD (%s)\n", ctask->url);
439 return CURL_WRITEFUNC_PAUSE;
443 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
444 "CURL: Copying to MHD (%s, %d)\n", ctask->url, total);
445 memcpy (ctask->buffer, cbuf, total);
446 ctask->bytes_in_buffer = total;
447 ctask->buffer_ptr = ctask->buffer;
449 ctask->buf_status = BUF_WAIT_FOR_MHD;
451 //GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
452 // "cURL chunk:\n%s\n", (char*)ctask->buffer);
453 //run_mhd (NULL, NULL);
454 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
461 * Callback to free content
463 * @param cls content to free
466 mhd_content_free (void *cls)
468 struct ProxyCurlTask *ctask = cls;
470 if (NULL != ctask->headers)
471 curl_slist_free_all (ctask->headers);
473 if (NULL != ctask->curl)
474 curl_easy_cleanup (ctask->curl);
484 * Shorten result callback
486 * @param cls the proxycurltask
487 * @param short_name the shortened name (NULL on error)
490 process_shorten (void* cls, const char* short_name)
492 struct ProxyCurlTask *ctask = cls;
494 char tmp[strlen(ctask->pp_buf)]; //TODO length
496 if (NULL == short_name)
498 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
499 "MHD PP: Unable to shorten %s\n",
504 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
505 "MHD PP: Shorten %s -> %s\n",
509 sprintf (tmp, "<a href=\"http://%s", short_name);
510 strcpy (ctask->pp_buf, tmp);
512 ctask->pp_finished = GNUNET_YES;
514 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
519 * Postprocessing task that uses GNS to shorten names
521 * @param cls the proxycurltask
522 * @param tc the task context
525 postprocess_name (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
527 struct ProxyCurlTask *ctask = cls;
528 char tmp[strlen(ctask->pp_buf)];
530 sprintf ( tmp, "%s%s", ctask->pp_buf, ctask->authority);
532 GNUNET_GNS_shorten (gns_handle,
541 * Callback for MHD response
544 * @param pos in buffer
546 * @param max space in buffer
549 mhd_content_cb (void *cls,
554 struct ProxyCurlTask *ctask = cls;
556 size_t bytes_to_copy;
559 regmatch_t m[RE_N_MATCHES];
561 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
562 "MHD: content cb\n");
564 if (ctask->download_successful &&
565 (ctask->buf_status == BUF_WAIT_FOR_CURL))
567 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
568 "MHD: sending response for %s\n", ctask->url);
569 ctask->download_in_progress = GNUNET_NO;
570 curl_multi_remove_handle (curl_multi, ctask->curl);
571 curl_easy_cleanup (ctask->curl);
572 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
573 total_mhd_connections--;
574 return MHD_CONTENT_READER_END_OF_STREAM;
577 if (ctask->download_error &&
578 (ctask->buf_status == BUF_WAIT_FOR_CURL))
580 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
581 "MHD: sending error response\n");
582 ctask->download_in_progress = GNUNET_NO;
583 curl_multi_remove_handle (curl_multi, ctask->curl);
584 curl_easy_cleanup (ctask->curl);
585 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
586 total_mhd_connections--;
587 return MHD_CONTENT_READER_END_WITH_ERROR;
590 if ( ctask->buf_status == BUF_WAIT_FOR_CURL )
593 bytes_to_copy = ctask->bytes_in_buffer;
595 if (ctask->parse_content == GNUNET_YES)
598 GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG,
599 "MHD: We need to parse the HTML %s\n", ctask->buffer_ptr);
601 nomatch = regexec ( &re_dotplus, ctask->buffer_ptr, RE_N_MATCHES, m, 0);
605 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
606 "MHD RE: No match\n");
610 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
613 GNUNET_assert (m[1].rm_so != -1);
615 hostptr = ctask->buffer_ptr+m[1].rm_so;
619 bytes_to_copy = m[0].rm_so;
620 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
621 "Copying %d bytes.\n", m[0].rm_so);
627 if (ctask->is_postprocessing == GNUNET_YES)
631 if ( ctask->pp_finished == GNUNET_NO )
633 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
634 "MHD PP: Waiting for PP of %s\n", ctask->pp_buf);
638 ctask->is_postprocessing = GNUNET_NO;
640 ctask->bytes_in_buffer -= m[0].rm_eo;//(m[1].rm_eo-m[1].rm_so);
641 ctask->buffer_ptr += m[0].rm_eo;//(m[1].rm_eo-m[1].rm_so);
642 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
643 "Skipping next %d bytes in buffer\n", m[0].rm_eo);
645 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
647 if ( strlen (ctask->pp_buf) <= max )
649 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
650 "Copying postprocessed %s.\n", ctask->pp_buf);
651 memcpy ( buf, ctask->pp_buf, strlen (ctask->pp_buf) );
652 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
654 ctask->is_postprocessing = GNUNET_NO;
655 return strlen (ctask->pp_buf);
661 memset (ctask->pp_buf, 0, sizeof(ctask->pp_buf));
663 /* If .+ extend with authority */
664 if (*(ctask->buffer_ptr+m[1].rm_eo) == '+')
666 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
668 memcpy (ctask->pp_buf, hostptr, (m[1].rm_eo-m[1].rm_so));
669 strcpy ( ctask->pp_buf+strlen(ctask->pp_buf),
672 /* If .zkey simply copy the name */
675 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
677 memcpy (ctask->pp_buf, hostptr, (m[1].rm_eo-m[1].rm_so + strlen (GNUNET_GNS_TLD_ZKEY)));
680 ctask->is_postprocessing = GNUNET_YES;
681 ctask->pp_finished = GNUNET_NO;
683 GNUNET_GNS_shorten (gns_handle,
688 //postprocess_name(ctask, NULL);
689 //ctask->pp_task = GNUNET_SCHEDULER_add_now (&postprocess_name, ctask);
696 if ( bytes_to_copy > max )
698 GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG,
699 "MHD: buffer in response too small! (%s)\n",
701 memcpy ( buf, ctask->buffer_ptr, max);
702 ctask->bytes_in_buffer -= max;
703 ctask->buffer_ptr += max;
708 GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG,
709 "MHD: copying %d bytes to mhd response at offset %d\n",
712 memcpy ( buf, ctask->buffer_ptr, bytes_to_copy );
713 copied = bytes_to_copy;
714 if (bytes_to_copy < ctask->bytes_in_buffer)
716 ctask->bytes_in_buffer -= bytes_to_copy;
717 ctask->buffer_ptr += bytes_to_copy;
721 ctask->bytes_in_buffer = 0;
722 ctask->buf_status = BUF_WAIT_FOR_CURL;
723 ctask->buffer_ptr = ctask->buffer;
724 curl_easy_pause (ctask->curl, CURLPAUSE_CONT);
725 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
729 GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
737 * Task that is run when we are ready to receive more data
741 * @param tc task context
744 curl_task_download (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc);
747 * Ask cURL for the select sets and schedule download
750 curl_download_prepare ()
757 struct GNUNET_NETWORK_FDSet *grs;
758 struct GNUNET_NETWORK_FDSet *gws;
760 struct GNUNET_TIME_Relative rtime;
766 mret = curl_multi_fdset (curl_multi, &rs, &ws, &es, &max);
768 if (mret != CURLM_OK)
770 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
771 "%s failed at %s:%d: `%s'\n",
772 "curl_multi_fdset", __FILE__, __LINE__,
773 curl_multi_strerror (mret));
778 mret = curl_multi_timeout (curl_multi, &to);
779 rtime = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, to);
781 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
782 "cURL multi fds: max=%d timeout=%llu\n", max, to);
784 grs = GNUNET_NETWORK_fdset_create ();
785 gws = GNUNET_NETWORK_fdset_create ();
786 GNUNET_NETWORK_fdset_copy_native (grs, &rs, max + 1);
787 GNUNET_NETWORK_fdset_copy_native (gws, &ws, max + 1);
788 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
789 "Scheduling task cURL\n");
791 if (curl_download_task != GNUNET_SCHEDULER_NO_TASK)
792 GNUNET_SCHEDULER_cancel (curl_download_task);
795 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
798 &curl_task_download, curl_multi);
799 GNUNET_NETWORK_fdset_destroy (gws);
800 GNUNET_NETWORK_fdset_destroy (grs);
806 * Task that is run when we are ready to receive more data
810 * @param tc task context
813 curl_task_download (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
819 struct ProxyCurlTask *ctask;
822 curl_download_task = GNUNET_SCHEDULER_NO_TASK;
824 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
826 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
827 "Shutdown requested while trying to download\n");
831 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
839 mret = curl_multi_perform (curl_multi, &running);
841 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
842 "Running curl tasks: %d\n", running);
845 for (; ctask != NULL; ctask = ctask->next)
847 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
848 "CTask: %s\n", ctask->url);
852 if (num_ctasks != running)
854 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
855 "%d ctasks, %d curl running\n", num_ctasks, running);
861 msg = curl_multi_info_read (curl_multi, &msgnum);
862 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
863 "Messages left: %d\n", msgnum);
870 if ((msg->data.result != CURLE_OK) &&
871 (msg->data.result != CURLE_GOT_NOTHING))
873 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
874 "Download curl failed");
876 for (; ctask != NULL; ctask = ctask->next)
878 if (memcmp (msg->easy_handle, ctask->curl, sizeof (CURL)) != 0)
881 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
882 "Download curl failed for task %s: %s.\n",
884 curl_easy_strerror (msg->data.result));
885 ctask->download_successful = GNUNET_NO;
886 ctask->download_error = GNUNET_YES;
887 //curl_multi_remove_handle (curl_multi, ctask->curl);
888 //curl_easy_cleanup (ctask->curl);
889 GNUNET_CONTAINER_DLL_remove (ctasks_head, ctasks_tail,
893 GNUNET_assert (ctask != NULL);
897 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
898 "cURL download completed.\n");
900 for (; ctask != NULL; ctask = ctask->next)
902 if (memcmp (msg->easy_handle, ctask->curl, sizeof (CURL)) != 0)
905 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
906 "cURL task %s found.\n", ctask->url);
907 ctask->download_successful = GNUNET_YES;
908 //curl_multi_remove_handle (curl_multi, ctask->curl);
909 //curl_easy_cleanup (ctask->curl);
910 GNUNET_CONTAINER_DLL_remove (ctasks_head, ctasks_tail,
914 GNUNET_assert (ctask != NULL);
916 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
917 "curl end %s\n", curl_easy_strerror(msg->data.result));
923 } while (msgnum > 0);
926 for (ctask=ctasks_head; ctask != NULL; ctask = ctask->next)
931 if (num_ctasks != running)
933 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
934 "%d ctasks, %d curl running\n", num_ctasks, running);
937 GNUNET_assert ( num_ctasks == running );
941 } while (mret == CURLM_CALL_MULTI_PERFORM);
944 if (mret != CURLM_OK)
946 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s failed at %s:%d: `%s'\n",
947 "curl_multi_perform", __FILE__, __LINE__,
948 curl_multi_strerror (mret));
950 curl_download_prepare();
954 * Process LEHO lookup
956 * @param cls the ctask
957 * @param rd_count number of records returned
958 * @param rd record data
961 process_leho_lookup (void *cls,
963 const struct GNUNET_NAMESTORE_RecordData *rd)
965 struct ProxyCurlTask *ctask = cls;
966 char hosthdr[262]; //256 + "Host: "
970 struct hostent *phost;
972 char resolvename[512];
975 ctask->headers = NULL;
977 strcpy (ctask->leho, "");
980 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
981 "No LEHO present!\n");
983 for (i=0; i<rd_count; i++)
985 if (rd[i].record_type != GNUNET_GNS_RECORD_LEHO)
988 memcpy (ctask->leho, rd[i].data, rd[i].data_size);
990 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
991 "Found LEHO %s for %s\n", ctask->leho, ctask->url);
994 if (0 != strcmp (ctask->leho, ""))
996 sprintf (hosthdr, "%s%s", "Host: ", ctask->leho);
997 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
998 "New HTTP header value: %s\n", hosthdr);
999 ctask->headers = curl_slist_append (ctask->headers, hosthdr);
1000 GNUNET_assert (NULL != ctask->headers);
1001 ret = curl_easy_setopt (ctask->curl, CURLOPT_HTTPHEADER, ctask->headers);
1002 if (CURLE_OK != ret)
1004 GNUNET_log(GNUNET_ERROR_TYPE_WARNING, "%s failed at %s:%d: `%s'\n",
1005 "curl_easy_setopt", __FILE__, __LINE__, curl_easy_strerror(ret));
1010 if (ctask->mhd->is_ssl)
1012 phost = (struct hostent*)gethostbyname (ctask->host);
1013 ssl_ip = inet_ntoa(*((struct in_addr*)(phost->h_addr)));
1014 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1015 "SSL target server: %s\n", ssl_ip);
1016 sprintf (resolvename, "%s:%d:%s", ctask->leho, HTTPS_PORT, ssl_ip);
1017 ctask->resolver = curl_slist_append ( ctask->resolver, resolvename);
1018 curl_easy_setopt (ctask->curl, CURLOPT_RESOLVE, ctask->resolver);
1019 sprintf (curlurl, "https://%s%s", ctask->leho, ctask->url);
1020 curl_easy_setopt (ctask->curl, CURLOPT_URL, curlurl);
1023 if (CURLM_OK != (mret=curl_multi_add_handle (curl_multi, ctask->curl)))
1025 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1026 "%s failed at %s:%d: `%s'\n",
1027 "curl_multi_add_handle", __FILE__, __LINE__,
1028 curl_multi_strerror (mret));
1029 ctask->download_successful = GNUNET_NO;
1030 ctask->download_error = GNUNET_YES;
1033 GNUNET_CONTAINER_DLL_insert (ctasks_head, ctasks_tail, ctask);
1035 curl_download_prepare ();
1040 * Initialize download and trigger curl
1042 * @param cls the proxycurltask
1043 * @param auth_name the name of the authority (site of origin) of ctask->host
1047 process_get_authority (void *cls,
1048 const char* auth_name)
1050 struct ProxyCurlTask *ctask = cls;
1052 if (NULL == auth_name)
1054 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1055 "Get authority failed!\n");
1056 strcpy (ctask->authority, "");
1060 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1061 "Get authority yielded %s\n", auth_name);
1062 strcpy (ctask->authority, auth_name);
1065 GNUNET_GNS_lookup_zone (gns_handle,
1068 &local_shorten_zone,
1069 GNUNET_GNS_RECORD_LEHO,
1070 &process_leho_lookup,
1075 * Main MHD callback for handling requests.
1078 * @param con MHD connection handle
1079 * @param meth the HTTP method used ("GET", "PUT", etc.)
1080 * @param ver the HTTP version string (i.e. "HTTP/1.1")
1081 * @param upload_data the data being uploaded (excluding HEADERS,
1082 * for a POST that fits into memory and that is encoded
1083 * with a supported encoding, the POST data will NOT be
1084 * given in upload_data and is instead available as
1085 * part of MHD_get_connection_values; very large POST
1086 * data *will* be made available incrementally in
1088 * @param upload_data_size set initially to the size of the
1089 * upload_data provided; the method must update this
1090 * value to the number of bytes NOT processed;
1091 * @param con_cls pointer to location where we store the 'struct Request'
1092 * @return MHD_YES if the connection was handled successfully,
1093 * MHD_NO if the socket must be closed due to a serious
1094 * error while handling the request
1097 create_response (void *cls,
1098 struct MHD_Connection *con,
1102 const char *upload_data,
1103 size_t *upload_data_size,
1107 struct MhdHttpList* hd = cls;
1108 const char* page = "<html><head><title>gnoxy</title>"\
1109 "</head><body>cURL fail</body></html>";
1110 struct MHD_Response *response;
1115 struct ProxyCurlTask *ctask;
1117 if (0 != strcmp (meth, "GET"))
1119 if (&dummy != *con_cls)
1125 if (0 != *upload_data_size)
1130 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1133 MHD_get_connection_values (con,
1135 &con_val_iter, host);
1139 ctask = GNUNET_malloc (sizeof (struct ProxyCurlTask));
1141 ctask->curl = curl_easy_init();
1143 if (curl_multi == NULL)
1144 curl_multi = curl_multi_init ();
1146 if ((ctask->curl == NULL) || (curl_multi == NULL))
1148 response = MHD_create_response_from_buffer (strlen (page),
1150 MHD_RESPMEM_PERSISTENT);
1151 ret = MHD_queue_response (con,
1154 MHD_destroy_response (response);
1155 GNUNET_free (ctask);
1159 ctask->download_in_progress = GNUNET_YES;
1160 ctask->download_successful = GNUNET_NO;
1161 ctask->buf_status = BUF_WAIT_FOR_CURL;
1162 ctask->bytes_in_buffer = 0;
1163 ctask->parse_content = GNUNET_NO;
1165 curl_easy_setopt (ctask->curl, CURLOPT_HEADERFUNCTION, &curl_check_hdr);
1166 curl_easy_setopt (ctask->curl, CURLOPT_HEADERDATA, ctask);
1167 curl_easy_setopt (ctask->curl, CURLOPT_WRITEFUNCTION, &callback_download);
1168 curl_easy_setopt (ctask->curl, CURLOPT_WRITEDATA, ctask);
1169 curl_easy_setopt (ctask->curl, CURLOPT_FOLLOWLOCATION, 1);
1170 curl_easy_setopt (ctask->curl, CURLOPT_MAXREDIRS, 4);
1171 /* no need to abort if the above failed */
1172 if (GNUNET_NO == ctask->mhd->is_ssl)
1173 sprintf (curlurl, "http://%s%s", host, url);
1174 strcpy (ctask->host, host);
1175 strcpy (ctask->url, url);
1176 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1177 "Adding new curl task for %s\n", curlurl);
1179 curl_easy_setopt (ctask->curl, CURLOPT_URL, curlurl);
1180 curl_easy_setopt (ctask->curl, CURLOPT_FAILONERROR, 1);
1181 curl_easy_setopt (ctask->curl, CURLOPT_CONNECTTIMEOUT, 600L);
1182 curl_easy_setopt (ctask->curl, CURLOPT_TIMEOUT, 600L);
1184 GNUNET_GNS_get_authority (gns_handle,
1186 &process_get_authority,
1188 //download_prepare (ctask);
1189 //curl_download_prepare ();
1191 response = MHD_create_response_from_callback (-1, -1,
1196 ret = MHD_queue_response (con, MHD_HTTP_OK, response);
1198 //MHD_destroy_response (response);
1204 * Task run whenever HTTP server operations are pending.
1207 * @param tc sched context
1210 do_httpd (void *cls,
1211 const struct GNUNET_SCHEDULER_TaskContext *tc);
1220 struct MhdHttpList *hd;
1222 for (hd=mhd_httpd_head; hd != NULL; hd = hd->next)
1231 run_httpd (struct MhdHttpList *hd)
1236 struct GNUNET_NETWORK_FDSet *wrs;
1237 struct GNUNET_NETWORK_FDSet *wws;
1238 struct GNUNET_NETWORK_FDSet *wes;
1241 unsigned MHD_LONG_LONG timeout;
1242 struct GNUNET_TIME_Relative tv;
1247 wrs = GNUNET_NETWORK_fdset_create ();
1248 wes = GNUNET_NETWORK_fdset_create ();
1249 wws = GNUNET_NETWORK_fdset_create ();
1251 GNUNET_assert (MHD_YES == MHD_get_fdset (hd->daemon, &rs, &ws, &es, &max));
1254 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1255 "MHD fds: max=%d\n", max);
1257 haveto = MHD_get_timeout (hd->daemon, &timeout);
1259 if (haveto == MHD_YES)
1260 tv.rel_value = (uint64_t) timeout;
1262 tv = GNUNET_TIME_UNIT_FOREVER_REL;
1263 GNUNET_NETWORK_fdset_copy_native (wrs, &rs, max + 1);
1264 GNUNET_NETWORK_fdset_copy_native (wws, &ws, max + 1);
1265 GNUNET_NETWORK_fdset_copy_native (wes, &es, max + 1);
1267 if (hd->httpd_task != GNUNET_SCHEDULER_NO_TASK)
1268 GNUNET_SCHEDULER_cancel (hd->httpd_task);
1270 GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_HIGH,
1273 GNUNET_NETWORK_fdset_destroy (wrs);
1274 GNUNET_NETWORK_fdset_destroy (wws);
1275 GNUNET_NETWORK_fdset_destroy (wes);
1280 * Task run whenever HTTP server operations are pending.
1283 * @param tc sched context
1286 do_httpd (void *cls,
1287 const struct GNUNET_SCHEDULER_TaskContext *tc)
1289 struct MhdHttpList *hd = cls;
1291 hd->httpd_task = GNUNET_SCHEDULER_NO_TASK;
1293 MHD_run (hd->daemon);
1299 * Read data from socket
1301 * @param cls the closure
1302 * @param tc scheduler context
1305 do_read (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc);
1308 * Read from remote end
1310 * @param cls closure
1311 * @param tc scheduler context
1314 do_read_remote (void* cls, const struct GNUNET_SCHEDULER_TaskContext *tc);
1317 * Write data to remote socket
1319 * @param cls the closure
1320 * @param tc scheduler context
1323 do_write_remote (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1325 struct Socks5Request *s5r = cls;
1328 s5r->fwdwtask = GNUNET_SCHEDULER_NO_TASK;
1330 if ((NULL != tc->read_ready) &&
1331 (GNUNET_NETWORK_fdset_isset (tc->write_ready, s5r->remote_sock)) &&
1332 ((len = GNUNET_NETWORK_socket_send (s5r->remote_sock, s5r->rbuf,
1335 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1336 "Successfully sent %d bytes to remote socket\n",
1341 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "write remote");
1343 if (s5r->rtask != GNUNET_SCHEDULER_NO_TASK)
1344 GNUNET_SCHEDULER_cancel (s5r->rtask);
1345 if (s5r->wtask != GNUNET_SCHEDULER_NO_TASK)
1346 GNUNET_SCHEDULER_cancel (s5r->wtask);
1347 if (s5r->fwdrtask != GNUNET_SCHEDULER_NO_TASK)
1348 GNUNET_SCHEDULER_cancel (s5r->fwdrtask);
1349 GNUNET_NETWORK_socket_close (s5r->remote_sock);
1350 GNUNET_NETWORK_socket_close (s5r->sock);
1356 GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1363 * Clean up s5r handles
1365 * @param s5r the handle to destroy
1368 cleanup_s5r (struct Socks5Request *s5r)
1370 if (s5r->rtask != GNUNET_SCHEDULER_NO_TASK)
1371 GNUNET_SCHEDULER_cancel (s5r->rtask);
1372 if (s5r->fwdwtask != GNUNET_SCHEDULER_NO_TASK)
1373 GNUNET_SCHEDULER_cancel (s5r->fwdwtask);
1374 if (s5r->fwdrtask != GNUNET_SCHEDULER_NO_TASK)
1375 GNUNET_SCHEDULER_cancel (s5r->fwdrtask);
1377 if (NULL != s5r->remote_sock)
1378 GNUNET_NETWORK_socket_close (s5r->remote_sock);
1379 if ((NULL != s5r->sock) && (s5r->cleanup_sock == GNUNET_YES))
1380 GNUNET_NETWORK_socket_close (s5r->sock);
1386 * Write data to socket
1388 * @param cls the closure
1389 * @param tc scheduler context
1392 do_write (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1394 struct Socks5Request *s5r = cls;
1397 s5r->wtask = GNUNET_SCHEDULER_NO_TASK;
1399 if ((NULL != tc->read_ready) &&
1400 (GNUNET_NETWORK_fdset_isset (tc->write_ready, s5r->sock)) &&
1401 ((len = GNUNET_NETWORK_socket_send (s5r->sock, s5r->wbuf,
1404 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1405 "Successfully sent %d bytes to socket\n",
1411 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "write");
1412 s5r->cleanup = GNUNET_YES;
1413 s5r->cleanup_sock = GNUNET_YES;
1419 if (GNUNET_YES == s5r->cleanup)
1425 if ((s5r->state == SOCKS5_DATA_TRANSFER) &&
1426 (s5r->fwdrtask == GNUNET_SCHEDULER_NO_TASK))
1428 GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1430 &do_read_remote, s5r);
1434 * Read from remote end
1436 * @param cls closure
1437 * @param tc scheduler context
1440 do_read_remote (void* cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1442 struct Socks5Request *s5r = cls;
1444 s5r->fwdrtask = GNUNET_SCHEDULER_NO_TASK;
1447 if ((NULL != tc->write_ready) &&
1448 (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->remote_sock)) &&
1449 (s5r->wbuf_len = GNUNET_NETWORK_socket_recv (s5r->remote_sock, s5r->wbuf,
1450 sizeof (s5r->wbuf))))
1452 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1453 "Successfully read %d bytes from remote socket\n",
1458 if (s5r->wbuf_len == 0)
1459 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1460 "0 bytes received from remote... graceful shutdown!\n");
1461 if (s5r->fwdwtask != GNUNET_SCHEDULER_NO_TASK)
1462 GNUNET_SCHEDULER_cancel (s5r->fwdwtask);
1463 if (s5r->rtask != GNUNET_SCHEDULER_NO_TASK)
1464 GNUNET_SCHEDULER_cancel (s5r->rtask);
1466 GNUNET_NETWORK_socket_close (s5r->remote_sock);
1467 s5r->remote_sock = NULL;
1468 GNUNET_NETWORK_socket_close (s5r->sock);
1474 s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1482 * Adds a socket to MHD
1484 * @param h the handle to the socket to add
1485 * @return whatever MHD_add_connection returns
1488 add_handle_to_mhd (struct GNUNET_NETWORK_Handle *h, struct MHD_Daemon *daemon)
1491 struct sockaddr *addr;
1494 fd = GNUNET_NETWORK_get_fd (h);
1495 addr = GNUNET_NETWORK_get_addr (h);
1496 len = GNUNET_NETWORK_get_addrlen (h);
1498 return MHD_add_connection (daemon, fd, addr, len);
1503 get_file_size (const char* filename)
1507 fp = fopen (filename, "rb");
1512 if ((0 != fseek (fp, 0, SEEK_END)) || (-1 == (size = ftell (fp))))
1524 * Read file in filename
1526 * @param filename file to read
1530 load_file (const char* filename)
1536 size = get_file_size (filename);
1540 fp = fopen (filename, "rb");
1544 buffer = GNUNET_malloc (size);
1551 if (size != fread (buffer, 1, size, fp))
1553 GNUNET_free (buffer);
1564 * Load PEM key from file
1566 * @param key where to store the data
1567 * @param keyfile path to the PEM file
1570 load_key_from_file (gnutls_x509_privkey_t key, char* keyfile)
1572 gnutls_datum_t key_data;
1575 key_data.data = (unsigned char*)load_file (keyfile);
1576 key_data.size = strlen ((char*)key_data.data);
1578 ret = gnutls_x509_privkey_import (key, &key_data,
1579 GNUTLS_X509_FMT_PEM);
1581 if (GNUTLS_E_SUCCESS != ret)
1583 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1584 "Unable to import private key %s(ret=%d)\n", key_data.data, ret);
1588 GNUNET_free (key_data.data);
1592 * Load cert from file
1594 * @param crt struct to store data in
1595 * @param certfile path to pem file
1598 load_cert_from_file (gnutls_x509_crt_t crt, char* certfile)
1600 gnutls_datum_t cert_data;
1603 cert_data.data = (unsigned char*)load_file (certfile);
1604 cert_data.size = strlen ((char*)cert_data.data);
1606 ret = gnutls_x509_crt_import (crt, &cert_data,
1607 GNUTLS_X509_FMT_PEM);
1608 if (GNUTLS_E_SUCCESS != ret)
1610 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1611 "Unable to import certificate %s(ret=%d)\n", certfile, ret);
1615 GNUNET_free (cert_data.data);
1621 * Generate new certificate for specific name
1623 * @param name the subject name to generate a cert for
1624 * @return a struct holding the PEM data
1626 static struct ProxyGNSCertificate *
1627 generate_gns_certificate (const char *name)
1631 unsigned int serial;
1632 size_t key_buf_size;
1633 size_t cert_buf_size;
1634 gnutls_x509_crt_t request;
1638 ret = gnutls_x509_crt_init (&request);
1640 if (GNUTLS_E_SUCCESS != ret)
1645 ret = gnutls_x509_crt_set_key (request, proxy_ca.key);
1647 if (GNUTLS_E_SUCCESS != ret)
1652 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Generating cert\n");
1654 struct ProxyGNSCertificate *pgc =
1655 GNUNET_malloc (sizeof (struct ProxyGNSCertificate));
1657 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding DNs\n");
1659 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_COUNTRY_NAME,
1662 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_ORGANIZATION_NAME,
1665 gnutls_x509_crt_set_dn_by_oid (request, GNUTLS_OID_X520_COMMON_NAME,
1666 0, name, strlen (name));
1668 ret = gnutls_x509_crt_set_version (request, 3);
1670 ret = gnutls_rnd (GNUTLS_RND_NONCE, &serial, sizeof (serial));
1672 etime = time (NULL);
1673 tm_data = localtime (&etime);
1676 ret = gnutls_x509_crt_set_serial (request,
1680 ret = gnutls_x509_crt_set_activation_time (request,
1683 etime = mktime (tm_data);
1690 ret = gnutls_x509_crt_set_expiration_time (request,
1692 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Signing...\n");
1694 ret = gnutls_x509_crt_sign (request, proxy_ca.cert, proxy_ca.key);
1696 key_buf_size = sizeof (pgc->key);
1697 cert_buf_size = sizeof (pgc->cert);
1699 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Exporting certificate...\n");
1701 gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM,
1702 pgc->cert, &cert_buf_size);
1704 gnutls_x509_privkey_export (proxy_ca.key, GNUTLS_X509_FMT_PEM,
1705 pgc->key, &key_buf_size);
1708 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n");
1709 gnutls_x509_crt_deinit (request);
1717 * Accept policy for mhdaemons
1720 * @param addr the sockaddr
1721 * @param addrlen the sockaddr length
1722 * @return MHD_NO if sockaddr is wrong or #conns too high
1725 accept_cb (void* cls, const struct sockaddr *addr, socklen_t addrlen)
1727 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1728 "In MHD accept policy cb\n");
1732 if (addr->sa_family == AF_UNIX)
1736 if (total_mhd_connections >= MAX_MHD_CONNECTIONS)
1739 total_mhd_connections++;
1746 * Adds a socket to an SSL MHD instance
1747 * It is important the the domain name is
1748 * correct. In most cases we need to start a new daemon
1751 add_handle_to_ssl_mhd (struct GNUNET_NETWORK_Handle *h, char* domain)
1753 struct MhdHttpList *hd = NULL;
1754 struct ProxyGNSCertificate *pgc;
1756 for (hd = mhd_httpd_head; hd != NULL; hd = hd->next)
1758 if (0 == strcmp (hd->domain, domain))
1765 pgc = generate_gns_certificate (domain);
1767 hd = GNUNET_malloc (sizeof (struct MhdHttpList));
1768 hd->is_ssl = GNUNET_YES;
1769 strcpy (hd->domain, domain);
1770 hd->proxy_cert = pgc;
1773 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1774 "No previous SSL instance found... starting new one for %s\n",
1777 hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL, 4444,
1779 &create_response, hd,
1780 MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
1781 MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,
1782 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
1783 MHD_OPTION_NOTIFY_COMPLETED,
1785 MHD_OPTION_HTTPS_MEM_KEY, pgc->key,
1786 MHD_OPTION_HTTPS_MEM_CERT, pgc->cert,
1789 GNUNET_assert (hd->daemon != NULL);
1790 hd->httpd_task = GNUNET_SCHEDULER_NO_TASK;
1792 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, mhd_httpd_tail, hd);
1795 return add_handle_to_mhd (h, hd->daemon);
1801 * Read data from incoming connection
1803 * @param cls the closure
1804 * @param tc the scheduler context
1807 do_read (void* cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1809 struct Socks5Request *s5r = cls;
1810 struct socks5_client_hello *c_hello;
1811 struct socks5_server_hello *s_hello;
1812 struct socks5_client_request *c_req;
1813 struct socks5_server_response *s_resp;
1819 struct hostent *phost;
1821 struct sockaddr_in remote_addr;
1822 struct in_addr *r_sin_addr;
1824 s5r->rtask = GNUNET_SCHEDULER_NO_TASK;
1826 if ((NULL != tc->write_ready) &&
1827 (GNUNET_NETWORK_fdset_isset (tc->read_ready, s5r->sock)) &&
1828 (s5r->rbuf_len = GNUNET_NETWORK_socket_recv (s5r->sock, s5r->rbuf,
1829 sizeof (s5r->rbuf))))
1831 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1832 "Successfully read %d bytes from socket\n",
1837 if (s5r->rbuf_len != 0)
1838 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "read");
1840 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "client disco!\n");
1842 if (s5r->fwdrtask != GNUNET_SCHEDULER_NO_TASK)
1843 GNUNET_SCHEDULER_cancel (s5r->fwdrtask);
1844 if (s5r->wtask != GNUNET_SCHEDULER_NO_TASK)
1845 GNUNET_SCHEDULER_cancel (s5r->wtask);
1846 if (s5r->fwdwtask != GNUNET_SCHEDULER_NO_TASK)
1847 GNUNET_SCHEDULER_cancel (s5r->fwdwtask);
1848 GNUNET_NETWORK_socket_close (s5r->remote_sock);
1849 GNUNET_NETWORK_socket_close (s5r->sock);
1854 if (s5r->state == SOCKS5_INIT)
1856 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1858 c_hello = (struct socks5_client_hello*)&s5r->rbuf;
1860 GNUNET_assert (c_hello->version == SOCKS_VERSION_5);
1862 s_hello = (struct socks5_server_hello*)&s5r->wbuf;
1863 s5r->wbuf_len = sizeof( struct socks5_server_hello );
1865 s_hello->version = c_hello->version;
1866 s_hello->auth_method = SOCKS_AUTH_NONE;
1868 /* Write response to client */
1869 s5r->wtask = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1873 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1877 s5r->state = SOCKS5_REQUEST;
1881 if (s5r->state == SOCKS5_REQUEST)
1883 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1884 "Processing SOCKS5 request\n");
1885 c_req = (struct socks5_client_request*)&s5r->rbuf;
1886 s_resp = (struct socks5_server_response*)&s5r->wbuf;
1887 //Only 10byte for ipv4 response!
1888 s5r->wbuf_len = 10;//sizeof (struct socks5_server_response);
1890 GNUNET_assert (c_req->addr_type == 3);
1892 dom_len = *((uint8_t*)(&(c_req->addr_type) + 1));
1893 memset(domain, 0, sizeof(domain));
1894 strncpy(domain, (char*)(&(c_req->addr_type) + 2), dom_len);
1895 req_port = *((uint16_t*)(&(c_req->addr_type) + 2 + dom_len));
1897 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1898 "Requested connection is %s:%d\n",
1902 if (is_tld (domain, GNUNET_GNS_TLD) ||
1903 is_tld (domain, GNUNET_GNS_TLD_ZKEY))
1905 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1906 "Requested connection is gnunet tld\n",
1910 if (ntohs(req_port) == HTTPS_PORT)
1912 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1913 "Requested connection is HTTPS\n");
1914 ret = add_handle_to_ssl_mhd ( s5r->sock, domain );
1916 else if (NULL != httpd)
1918 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1919 "Requested connection is HTTP\n");
1920 ret = add_handle_to_mhd ( s5r->sock, httpd );
1925 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1926 _("Failed to start HTTP server\n"));
1927 s_resp->version = 0x05;
1928 s_resp->reply = 0x01;
1929 s5r->cleanup = GNUNET_YES;
1930 s5r->cleanup_sock = GNUNET_YES;
1932 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1938 /* Signal success */
1939 s_resp->version = 0x05;
1940 s_resp->reply = 0x00;
1941 s_resp->reserved = 0x00;
1942 s_resp->addr_type = 0x01;
1944 s5r->cleanup = GNUNET_YES;
1945 s5r->cleanup_sock = GNUNET_NO;
1947 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1955 phost = (struct hostent*)gethostbyname (domain);
1958 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1959 "Resolve %s error!\n", domain );
1960 s_resp->version = 0x05;
1961 s_resp->reply = 0x01;
1962 s5r->cleanup = GNUNET_YES;
1963 s5r->cleanup_sock = GNUNET_YES;
1965 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1971 s5r->remote_sock = GNUNET_NETWORK_socket_create (AF_INET,
1974 r_sin_addr = (struct in_addr*)(phost->h_addr);
1975 remote_ip = r_sin_addr->s_addr;
1976 memset(&remote_addr, 0, sizeof(remote_addr));
1977 remote_addr.sin_family = AF_INET;
1978 #if HAVE_SOCKADDR_IN_SIN_LEN
1979 remote_addr.sin_len = sizeof (remote_addr);
1981 remote_addr.sin_addr.s_addr = remote_ip;
1982 remote_addr.sin_port = req_port;
1984 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1985 "target server: %s:%u\n", inet_ntoa(remote_addr.sin_addr),
1989 GNUNET_NETWORK_socket_connect ( s5r->remote_sock,
1990 (const struct sockaddr*)&remote_addr,
1991 sizeof (remote_addr)))
1992 && (errno != EINPROGRESS))
1994 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "connect");
1995 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1996 "socket request error...\n");
1997 s_resp->version = 0x05;
1998 s_resp->reply = 0x01;
2000 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2007 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2008 "new remote connection\n");
2010 s_resp->version = 0x05;
2011 s_resp->reply = 0x00;
2012 s_resp->reserved = 0x00;
2013 s_resp->addr_type = 0x01;
2015 s5r->state = SOCKS5_DATA_TRANSFER;
2018 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2022 GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2030 if (s5r->state == SOCKS5_DATA_TRANSFER)
2032 if ((s5r->remote_sock == NULL) || (s5r->rbuf_len == 0))
2034 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2035 "Closing connection to client\n");
2036 if (s5r->rtask != GNUNET_SCHEDULER_NO_TASK)
2037 GNUNET_SCHEDULER_cancel (s5r->rtask);
2038 if (s5r->fwdwtask != GNUNET_SCHEDULER_NO_TASK)
2039 GNUNET_SCHEDULER_cancel (s5r->fwdwtask);
2040 if (s5r->fwdrtask != GNUNET_SCHEDULER_NO_TASK)
2041 GNUNET_SCHEDULER_cancel (s5r->fwdrtask);
2042 if (s5r->fwdrtask != GNUNET_SCHEDULER_NO_TASK)
2043 GNUNET_SCHEDULER_cancel (s5r->fwdrtask);
2045 if (s5r->remote_sock != NULL)
2046 GNUNET_NETWORK_socket_close (s5r->remote_sock);
2047 GNUNET_NETWORK_socket_close (s5r->sock);
2052 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2053 "forwarding %d bytes from client\n", s5r->rbuf_len);
2056 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
2058 &do_write_remote, s5r);
2060 if (s5r->fwdrtask == GNUNET_SCHEDULER_NO_TASK)
2063 GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2065 &do_read_remote, s5r);
2071 //GNUNET_CONTAINER_DLL_remove (s5conns.head, s5conns.tail, s5r);
2077 * Accept new incoming connections
2079 * @param cls the closure
2080 * @param tc the scheduler context
2083 do_accept (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
2085 struct GNUNET_NETWORK_Handle *s;
2086 struct Socks5Request *s5r;
2088 ltask = GNUNET_SCHEDULER_NO_TASK;
2089 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
2092 ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2096 s = GNUNET_NETWORK_socket_accept (lsock, NULL, NULL);
2100 GNUNET_log_strerror (GNUNET_ERROR_TYPE_INFO, "accept");
2104 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2105 "Got an inbound connection, waiting for data\n");
2107 s5r = GNUNET_malloc (sizeof (struct Socks5Request));
2109 s5r->state = SOCKS5_INIT;
2110 s5r->wtask = GNUNET_SCHEDULER_NO_TASK;
2111 s5r->fwdwtask = GNUNET_SCHEDULER_NO_TASK;
2112 s5r->fwdrtask = GNUNET_SCHEDULER_NO_TASK;
2113 s5r->rtask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2116 //GNUNET_CONTAINER_DLL_insert (s5conns.head, s5conns.tail, s5r);
2121 * Task run on shutdown
2123 * @param cls closure
2124 * @param tc task context
2127 do_shutdown (void *cls,
2128 const struct GNUNET_SCHEDULER_TaskContext *tc)
2131 struct MhdHttpList *hd;
2132 struct MhdHttpList *tmp_hd;
2133 struct ProxyCurlTask *ctask;
2134 struct ProxyCurlTask *ctask_tmp;
2136 if (GNUNET_SCHEDULER_NO_TASK != curl_download_task)
2138 GNUNET_SCHEDULER_cancel (curl_download_task);
2139 curl_download_task = GNUNET_SCHEDULER_NO_TASK;
2142 for (hd = mhd_httpd_head; hd != NULL; hd = tmp_hd)
2146 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2147 "Stopping daemon\n");
2149 if (GNUNET_SCHEDULER_NO_TASK != hd->httpd_task)
2151 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2152 "Stopping select task %d\n",
2154 GNUNET_SCHEDULER_cancel (hd->httpd_task);
2155 hd->httpd_task = GNUNET_SCHEDULER_NO_TASK;
2158 if (NULL != hd->daemon)
2160 MHD_stop_daemon (hd->daemon);
2164 if (NULL != hd->proxy_cert)
2166 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2167 "Free certificate\n");
2168 GNUNET_free (hd->proxy_cert);
2174 for (ctask=ctasks_head; ctask != NULL; ctask=ctask_tmp)
2176 ctask_tmp = ctask->next;
2178 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2179 "Cleaning up cURL task\n");
2181 if (ctask->curl != NULL)
2182 curl_easy_cleanup (ctask->curl);
2184 if (NULL != ctask->headers)
2185 curl_slist_free_all (ctask->headers);
2187 GNUNET_free (ctask);
2190 GNUNET_GNS_disconnect (gns_handle);
2195 * Compiles a regex for us
2197 * @param re ptr to re struct
2198 * @param rt the expression to compile
2199 * @return 0 on success
2202 compile_regex (regex_t *re, const char* rt)
2207 status = regcomp (re, rt, REG_EXTENDED|REG_NEWLINE);
2210 regerror (status, re, err, 1024);
2211 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2212 "Regex error compiling '%s': %s\n", rt, err);
2220 * Loads the users local zone key
2222 * @return GNUNET_YES on success
2225 load_local_zone_key (const struct GNUNET_CONFIGURATION_Handle *cfg)
2228 struct GNUNET_CRYPTO_RsaPrivateKey *key = NULL;
2229 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
2230 struct GNUNET_CRYPTO_ShortHashCode *zone = NULL;
2231 struct GNUNET_CRYPTO_ShortHashAsciiEncoded zonename;
2233 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns",
2234 "ZONEKEY", &keyfile))
2236 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2237 "Unable to load zone key config value!\n");
2241 if (GNUNET_NO == GNUNET_DISK_file_test (keyfile))
2243 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2244 "Unable to load zone key!\n");
2245 GNUNET_free(keyfile);
2249 key = GNUNET_CRYPTO_rsa_key_create_from_file (keyfile);
2250 GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
2251 GNUNET_CRYPTO_short_hash(&pkey,
2252 sizeof(struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded),
2254 zone = &local_gns_zone;
2255 GNUNET_CRYPTO_short_hash_to_enc (zone, &zonename);
2256 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2257 "Using zone: %s!\n", &zonename);
2258 GNUNET_CRYPTO_rsa_key_free(key);
2259 GNUNET_free(keyfile);
2265 * Loads the users local shorten zone key
2267 * @return GNUNET_YES on success
2270 load_local_shorten_key (const struct GNUNET_CONFIGURATION_Handle *cfg)
2273 struct GNUNET_CRYPTO_RsaPrivateKey *key = NULL;
2274 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
2275 struct GNUNET_CRYPTO_ShortHashCode *zone = NULL;
2276 struct GNUNET_CRYPTO_ShortHashAsciiEncoded zonename;
2278 if (GNUNET_NO == GNUNET_CONFIGURATION_get_value_yesno (cfg, "gns",
2279 "AUTO_IMPORT_PKEY"))
2284 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns",
2285 "AUTO_IMPORT_ZONEKEY",
2288 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2289 "Unable to load zone key config value!\n");
2293 if (GNUNET_NO == GNUNET_DISK_file_test (keyfile))
2295 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2296 "Unable to load zone key!\n");
2297 GNUNET_free(keyfile);
2301 key = GNUNET_CRYPTO_rsa_key_create_from_file (keyfile);
2302 GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
2303 GNUNET_CRYPTO_short_hash(&pkey,
2304 sizeof(struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded),
2305 &local_shorten_zone);
2306 zone = &local_gns_zone;
2307 GNUNET_CRYPTO_short_hash_to_enc (zone, &zonename);
2308 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2309 "Using shorten zone: %s!\n", &zonename);
2310 GNUNET_CRYPTO_rsa_key_free(key);
2311 GNUNET_free(keyfile);
2317 * Main function that will be run
2319 * @param cls closure
2320 * @param args remaining command-line arguments
2321 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
2322 * @param cfg configuration
2325 run (void *cls, char *const *args, const char *cfgfile,
2326 const struct GNUNET_CONFIGURATION_Handle *cfg)
2328 struct sockaddr_in sa;
2329 struct MhdHttpList *hd;
2330 struct sockaddr_un mhd_unix_sock_addr;
2332 char* proxy_sockfile;
2334 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2337 gnutls_global_init ();
2339 gnutls_x509_crt_init (&proxy_ca.cert);
2340 gnutls_x509_privkey_init (&proxy_ca.key);
2342 load_cert_from_file (proxy_ca.cert, cafile);
2343 load_key_from_file (proxy_ca.key, cafile);
2345 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2346 "Loading Template\n");
2348 compile_regex (&re_dotplus, (char*) RE_A_HREF);
2350 gns_handle = GNUNET_GNS_connect (cfg);
2352 if (GNUNET_NO == load_local_zone_key (cfg))
2354 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2355 "Unable to load zone!\n");
2359 use_shorten = load_local_shorten_key (cfg);
2361 if (NULL == gns_handle)
2363 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2364 "Unable to connect to GNS!\n");
2368 memset (&sa, 0, sizeof (sa));
2369 sa.sin_family = AF_INET;
2370 sa.sin_port = htons (port);
2371 #if HAVE_SOCKADDR_IN_SIN_LEN
2372 sa.sin_len = sizeof (sa);
2375 lsock = GNUNET_NETWORK_socket_create (AF_INET,
2379 if ((NULL == lsock) ||
2381 GNUNET_NETWORK_socket_bind (lsock, (const struct sockaddr *) &sa,
2384 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2385 "Failed to create listen socket bound to `%s'",
2386 GNUNET_a2s ((const struct sockaddr *) &sa, sizeof (sa)));
2388 GNUNET_NETWORK_socket_close (lsock);
2392 if (GNUNET_OK != GNUNET_NETWORK_socket_listen (lsock, 5))
2394 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2395 "Failed to listen on socket bound to `%s'",
2396 GNUNET_a2s ((const struct sockaddr *) &sa, sizeof (sa)));
2400 ltask = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2401 lsock, &do_accept, NULL);
2406 if (0 != curl_global_init (CURL_GLOBAL_WIN32))
2408 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2409 "cURL global init failed!\n");
2413 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2414 "Proxy listens on port %u\n",
2417 mhd_httpd_head = NULL;
2418 mhd_httpd_tail = NULL;
2419 total_mhd_connections = 0;
2421 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "gns-proxy",
2425 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2426 "Specify PROXY_UNIXPATH in gns-proxy config section!\n");
2430 mhd_unix_socket = GNUNET_NETWORK_socket_create (AF_UNIX,
2434 if (NULL == mhd_unix_socket)
2436 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2437 "Unable to create unix domain socket!\n");
2441 mhd_unix_sock_addr.sun_family = AF_UNIX;
2442 strcpy (mhd_unix_sock_addr.sun_path, proxy_sockfile);
2443 unlink (proxy_sockfile);
2444 len = strlen (proxy_sockfile) + sizeof(AF_UNIX);
2446 GNUNET_free (proxy_sockfile);
2448 if (GNUNET_OK != GNUNET_NETWORK_socket_bind (mhd_unix_socket,
2449 (struct sockaddr*)&mhd_unix_sock_addr,
2452 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2453 "Unable to bind unix domain socket!\n");
2457 if (GNUNET_OK != GNUNET_NETWORK_socket_listen (mhd_unix_socket,
2460 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2461 "Unable to listen on unix domain socket!\n");
2465 hd = GNUNET_malloc (sizeof (struct MhdHttpList));
2466 hd->is_ssl = GNUNET_NO;
2467 strcpy (hd->domain, "");
2468 httpd = MHD_start_daemon (MHD_USE_DEBUG, 4444, //Dummy port
2470 &create_response, hd,
2471 MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
2472 MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,
2473 MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 16,
2474 MHD_OPTION_NOTIFY_COMPLETED,
2478 GNUNET_assert (httpd != NULL);
2480 hd->httpd_task = GNUNET_SCHEDULER_NO_TASK;
2482 GNUNET_CONTAINER_DLL_insert (mhd_httpd_head, mhd_httpd_tail, hd);
2486 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
2487 &do_shutdown, NULL);
2493 * The main function for gnunet-gns-proxy.
2495 * @param argc number of arguments from the command line
2496 * @param argv command line arguments
2497 * @return 0 ok, 1 on error
2500 main (int argc, char *const *argv)
2502 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2504 gettext_noop ("listen on specified port"), 1,
2505 &GNUNET_GETOPT_set_string, &port},
2506 {'a', "authority", NULL,
2507 gettext_noop ("pem file to use as CA"), 1,
2508 &GNUNET_GETOPT_set_string, &cafile},
2509 GNUNET_GETOPT_OPTION_END
2514 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
2517 GNUNET_log_setup ("gnunet-gns-proxy", "WARNING", NULL);
2520 GNUNET_PROGRAM_run (argc, argv, "gnunet-gns-proxy",
2521 _("GNUnet GNS proxy"),
2523 &run, NULL)) ? 0 : 1;