more code cleanup
[oweals/gnunet.git] / src / transport / plugin_transport_https.c
index befab118ec4bf6aa36c4a548f061316720f249db..1d90c77f1846fb8f09cf1c467f0fef4cac2c91cd 100644 (file)
@@ -42,6 +42,7 @@
 #include <curl/curl.h>
 
 #define DEBUG_HTTPS GNUNET_NO
+#define VERBOSE GNUNET_NO
 #define DEBUG_CURL GNUNET_NO
 #define DEBUG_CONNECTIONS GNUNET_NO
 #define DEBUG_SESSION_SELECTION GNUNET_NO
@@ -49,6 +50,8 @@
 #define INBOUND GNUNET_NO
 #define OUTBOUND GNUNET_YES
 
+#define PROTOCOL_PREFIX "https"
+
 /**
  * Text of the response sent back after the last bytes of a PUT
  * request have been received (just to formally obey the HTTP
@@ -367,6 +370,8 @@ struct Plugin
 
   /* The private key MHD uses as an \0 terminated string */
   char * key;
+  
+  char * crypto_init;
 };
 
 
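Review bot: The new `crypto_init` member is added without a comment, while the neighbouring `key` field documents its format; from its only uses later in this commit (the `CRYPTO_INIT` config read and `MHD_OPTION_HTTPS_PRIORITIES`) it holds a GnuTLS priority string. Add `/* GnuTLS priority string handed to MHD as MHD_OPTION_HTTPS_PRIORITIES (config transport-https/CRYPTO_INIT, default "NORMAL"); \0 terminated, freed in _done */` so a maintainer knows it is security-relevant configuration and not a flag. The enclosing `struct Plugin` starts outside the hunk.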
@@ -424,7 +429,7 @@ static char * create_url(void * cls, const void * addr, size_t addrlen, size_t i
 
   GNUNET_assert ((addr!=NULL) && (addrlen != 0));
   GNUNET_asprintf(&url,
-                  "https://%s/%s;%u",
+                  "%s://%s/%s;%u", PROTOCOL_PREFIX,
                   http_plugin_address_to_string(NULL, addr, addrlen),
                   (char *) (&plugin->my_ascii_hash_ident),id);
 
@@ -489,8 +494,8 @@ static int remove_session (struct HTTP_PeerContext * pc, struct Session * ps,  i
     {
       msg->transmit_cont (msg->transmit_cont_cls,&pc->identity,call_msg_cont_result);
     }
-    GNUNET_free(msg);
     GNUNET_CONTAINER_DLL_remove(ps->pending_msgs_head,ps->pending_msgs_head,msg);
+    GNUNET_free(msg);
     msg = ps->pending_msgs_head;
   }
 
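Review bot: Moving `GNUNET_free(msg)` after the list removal fixes the use-after-free, but the surviving call `GNUNET_CONTAINER_DLL_remove(ps->pending_msgs_head, ps->pending_msgs_head, msg)` passes the head pointer in both the head and tail positions. If the macro has the usual (head, tail, element) shape, removing the last element never clears `ps->pending_msgs_tail`, which leaves a dangling tail pointer for `curl_send_cb` (which reads `pending_msgs_tail` later in this file) — the same class of bug this hunk is fixing. I would expect `GNUNET_CONTAINER_DLL_remove(ps->pending_msgs_head, ps->pending_msgs_tail, msg);`. `remove_session` begins before the hunk, so I cannot see whether the tail is reset elsewhere.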
@@ -501,7 +506,7 @@ static int remove_session (struct HTTP_PeerContext * pc, struct Session * ps,  i
   /* no sessions left remove peer */
   if (pc->head==NULL)
   {
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"No sessions left for peer `%s', removing context\n",GNUNET_i2s(&pc->identity));
 #endif
        remove_peer_context_Iterator(plugin, &pc->identity.hashPubKey, pc);
@@ -518,7 +523,7 @@ int remove_peer_context_Iterator (void *cls, const GNUNET_HashCode *key, void *v
   struct Session * tmp = NULL;
   struct HTTP_Message * msg = NULL;
   struct HTTP_Message * msg_tmp = NULL;
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Freeing context for peer `%s'\n",GNUNET_i2s(&pc->identity));
 #endif
   GNUNET_CONTAINER_multihashmap_remove (plugin->peers, &pc->identity.hashPubKey, pc);
@@ -612,12 +617,12 @@ process_interfaces (void *cls,
   else if ((af == AF_INET6) && (plugin->use_ipv6 == GNUNET_YES)  && (plugin->bind4_address == NULL))
     {
          struct in6_addr bnd_cmp6 = ((struct sockaddr_in6 *) addr)->sin6_addr;
-      t6 = GNUNET_malloc(sizeof(struct IPv6HttpAddress));
       if (IN6_IS_ADDR_LINKLOCAL (&((struct sockaddr_in6 *) addr)->sin6_addr))
-        {
-          return GNUNET_OK;
-        }
-
+         {
+                 return GNUNET_OK;
+         }
+      t6 = GNUNET_malloc(sizeof(struct IPv6HttpAddress));
+      GNUNET_assert(t6 != NULL);
       if (plugin->bind6_address != NULL)
       {
          if (0 == memcmp(&plugin->bind6_address->sin6_addr, &bnd_cmp6, sizeof (struct in6_addr)))
@@ -690,10 +695,11 @@ static void mhd_write_mst_cb (void *cls,
 {
 
   struct Session *ps  = cls;
-  struct HTTP_PeerContext *pc = ps->peercontext;
   GNUNET_assert(ps != NULL);
+
+  struct HTTP_PeerContext *pc = ps->peercontext;
   GNUNET_assert(pc != NULL);
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Connection %X: Forwarding message to transport service, type %u and size %u from `%s' (`%s')\n",
              ps,
@@ -803,7 +809,7 @@ mdh_access_cb (void *cls,
   int res = GNUNET_NO;
   int send_error_to_client;
   void * addr;
-  size_t addr_len;
+  size_t addr_len = 0;
 
   GNUNET_assert(cls !=NULL);
   send_error_to_client = GNUNET_NO;
@@ -886,6 +892,9 @@ mdh_access_cb (void *cls,
       addr_len = sizeof(struct IPv6HttpAddress);
     }
 
+    GNUNET_assert (addr != NULL);
+    GNUNET_assert (addr_len != 0);
+
     ps = NULL;
     /* only inbound sessions here */
 
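Review bot: The two new `GNUNET_assert` calls on `addr`/`addr_len` sit in the MHD access handler, i.e. on a path driven by whatever a remote client connects with. If the address-family dispatch just above the hunk (not visible here) can leave `addr` NULL for an unexpected family, an assert turns a malformed or unusual connection into an abort of the whole transport rather than a rejected request. Unless the preceding code provably covers every family MHD can report, prefer `if ((addr == NULL) || (addr_len == 0)) return MHD_NO;` so the failure stays local to that connection. `mdh_access_cb` starts and ends outside this hunk.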
@@ -927,7 +936,7 @@ mdh_access_cb (void *cls,
     *httpSessionCache = ps;
     if (ps->msgtok==NULL)
       ps->msgtok = GNUNET_SERVER_mst_create (&mhd_write_mst_cb, ps);
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Connection %X: HTTPS Daemon has new an incoming `%s' request from peer `%s' (`%s')\n",
                 ps,
                 method,
@@ -1134,14 +1143,13 @@ static void http_server_daemon_v6_run (void *cls,
 static size_t curl_get_header_cb( void *ptr, size_t size, size_t nmemb, void *stream)
 {
   struct Session * ps = stream;
-  char * tmp;
-  size_t len = size * nmemb;
+
   long http_result = 0;
   int res;
   /* Getting last http result code */
+  GNUNET_assert(NULL!=ps);
   if (ps->recv_connected==GNUNET_NO)
   {
-    GNUNET_assert(NULL!=ps);
     res = curl_easy_getinfo(ps->recv_endpoint, CURLINFO_RESPONSE_CODE, &http_result);
     if (CURLE_OK == res)
     {
@@ -1158,6 +1166,10 @@ static size_t curl_get_header_cb( void *ptr, size_t size, size_t nmemb, void *st
     }
   }
 
+#if DEBUG_CURL
+  char * tmp;
+  size_t len = size * nmemb;
+
   tmp = NULL;
   if ((size * nmemb) < SIZE_MAX)
     tmp = GNUNET_malloc (len+1);
@@ -1176,6 +1188,7 @@ static size_t curl_get_header_cb( void *ptr, size_t size, size_t nmemb, void *st
   }
   if (NULL != tmp)
     GNUNET_free (tmp);
+#endif
 
   return size * nmemb;
 }
@@ -1250,7 +1263,6 @@ static size_t curl_send_cb(void *stream, size_t size, size_t nmemb, void *ptr)
   if (ps->send_active == GNUNET_NO)
        return CURL_READFUNC_PAUSE;
 
-
   if ((ps->pending_msgs_tail == NULL) && (ps->send_active == GNUNET_YES))
   {
 #if DEBUG_CONNECTIONS
@@ -1260,7 +1272,8 @@ static size_t curl_send_cb(void *stream, size_t size, size_t nmemb, void *ptr)
     return CURL_READFUNC_PAUSE;
   }
 
-  msg = ps->pending_msgs_tail;
+  GNUNET_assert (msg!=NULL);
+
   /* data to send */
   if (msg->pos < msg->size)
   {
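Review bot: The line `msg = ps->pending_msgs_tail;` is removed and replaced by `GNUNET_assert (msg!=NULL);`, but nothing in the hunk assigns `msg` before it is dereferenced at `msg->pos` on the next line. Unless `msg` is now initialized at its declaration above the hunk, this reads an uninitialized pointer (and the assert will not reliably catch garbage), which is worse than the previous code. Keep the assignment and assert after it: `msg = ps->pending_msgs_tail;` followed by `GNUNET_assert (msg != NULL);`. The body of `curl_send_cb` begins before and continues after this hunk.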
@@ -1292,7 +1305,7 @@ static size_t curl_send_cb(void *stream, size_t size, size_t nmemb, void *ptr)
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Connection %X: Message with %u bytes sent, removing message from queue \n",ps, msg->pos);
 #endif
     /* Calling transmit continuation  */
-    if (( NULL != ps->pending_msgs_tail) && (NULL != ps->pending_msgs_tail->transmit_cont))
+    if (NULL != ps->pending_msgs_tail->transmit_cont)
       msg->transmit_cont (ps->pending_msgs_tail->transmit_cont_cls,&(ps->peercontext)->identity,GNUNET_OK);
     remove_http_message(ps, msg);
   }
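Review bot: The simplified condition tests `ps->pending_msgs_tail->transmit_cont` but the call on the following line invokes `msg->transmit_cont` with `ps->pending_msgs_tail->transmit_cont_cls`, mixing two pointers that are only equal if `msg` is still the tail. Dropping the NULL check on `pending_msgs_tail` is safe only because the early `return CURL_READFUNC_PAUSE` above guarantees a non-NULL tail when `send_active` is YES; that relationship deserves a comment. Use one pointer consistently: `if (NULL != msg->transmit_cont) msg->transmit_cont (msg->transmit_cont_cls, &(ps->peercontext)->identity, GNUNET_OK);`. The function continues past the hunk.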
@@ -1304,10 +1317,12 @@ static void curl_receive_mst_cb  (void *cls,
                                 const struct GNUNET_MessageHeader *message)
 {
   struct Session *ps  = cls;
-  struct HTTP_PeerContext *pc = ps->peercontext;
   GNUNET_assert(ps != NULL);
+
+  struct HTTP_PeerContext *pc = ps->peercontext;
   GNUNET_assert(pc != NULL);
-#if DEBUG_HTTP
+
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Connection %X: Forwarding message to transport service, type %u and size %u from `%s' (`%s')\n",
               ps,
@@ -1948,7 +1963,7 @@ http_plugin_send (void *cls,
 
   GNUNET_assert(cls !=NULL);
 
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   char * force = GNUNET_malloc(40);
   if (force_address == GNUNET_YES)
     strcpy(force,"forced addr.");
@@ -2031,7 +2046,7 @@ http_plugin_send (void *cls,
     }
     else
     {
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
       GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"No existing session found & and no address given: no way to send this message to peer `%s'!\n", GNUNET_i2s(target));
 #endif
       return GNUNET_SYSERR;
@@ -2129,7 +2144,7 @@ http_plugin_address_pretty_printer (void *cls,
     asc (asc_cls, NULL);
     return;
   }
-  res = GNUNET_asprintf(&ret,"http://%s:%u/",address,port);
+  res = GNUNET_asprintf(&ret,"%s://%s:%u/", PROTOCOL_PREFIX, address,port);
   GNUNET_free (address);
   GNUNET_assert(res != 0);
   asc (asc_cls, ret);
@@ -2259,7 +2274,7 @@ load_certificate( const char * file )
 
   if (0!=STAT(file, &fstat))
          return NULL;
-  text = GNUNET_malloc (fstat.st_size);
+  text = GNUNET_malloc (fstat.st_size+1);
   gn_file = GNUNET_DISK_file_open(file,GNUNET_DISK_OPEN_READ, GNUNET_DISK_PERM_USER_READ);
   if (gn_file==NULL)
   {
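Review bot: Allocating `fstat.st_size+1` is the right fix for a buffer that is later used as a `\0`-terminated PEM string, but the hunk relies on the allocator zero-filling the extra byte rather than terminating explicitly. After the read that follows (outside the hunk) add `text[fstat.st_size] = '\0';`, and bound the read to `fstat.st_size` so a file that grows between the `STAT` and the read cannot overrun the buffer. Since this function loads the private key as well as the certificate, callers that discard the buffer should wipe it before freeing; a one-line comment above the allocation saying the buffer may hold key material would help. `load_certificate` ends outside this hunk.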
@@ -2324,7 +2339,7 @@ libgnunet_plugin_transport_https_done (void *cls)
   if (plugin->multi_handle!=NULL)
   {
          mret = curl_multi_cleanup(plugin->multi_handle);
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
          if ( CURLM_OK != mret)
                GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"curl multihandle clean up failed\n");
 #endif
@@ -2340,10 +2355,11 @@ libgnunet_plugin_transport_https_done (void *cls)
 
   GNUNET_free_non_null (plugin->bind4_address);
   GNUNET_free_non_null (plugin->bind6_address);
-  GNUNET_free_non_null(plugin->bind_hostname);
+  GNUNET_free_non_null (plugin->bind_hostname);
+  GNUNET_free_non_null (plugin->crypto_init);
   GNUNET_free (plugin);
   GNUNET_free (api);
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Unload http plugin complete...\n");
 #endif
   return NULL;
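Review bot: The teardown now frees `crypto_init`, but `plugin->key`, which per its field comment holds the MHD private key as a string, is released somewhere outside this hunk without being visible here. Wherever it is freed, the key material should be overwritten first (e.g. `memset (plugin->key, 0, strlen (plugin->key));` immediately before the free, or a project equivalent) so the PEM key does not linger in freed heap pages. `libgnunet_plugin_transport_https_done` begins before the hunk.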
@@ -2366,7 +2382,7 @@ libgnunet_plugin_transport_https_init (void *cls)
   char * cert_file;
 
   GNUNET_assert(cls !=NULL);
-#if DEBUG_HTTP
+#if DEBUG_HTTPS
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting https plugin...\n");
 #endif
 
@@ -2446,6 +2462,34 @@ libgnunet_plugin_transport_https_init (void *cls)
                  plugin->bind4_address = NULL;
          }
   }
+  
+    /* Get crypto init string from config */
+  if (GNUNET_CONFIGURATION_have_value (env->cfg,
+                                                                          "transport-https", "CRYPTO_INIT"))
+  {
+               GNUNET_CONFIGURATION_get_value_string (env->cfg,
+                                                                                          "transport-https",
+                                                                                          "CRYPTO_INIT",
+                                                                                          &plugin->crypto_init);
+  }
+  else
+  {
+         GNUNET_asprintf(&plugin->crypto_init,"NORMAL");
+  }
+
+  /* Get private key file from config */
+  if (GNUNET_CONFIGURATION_have_value (env->cfg,
+                                                                          "transport-https", "CERT_FILE"))
+  {
+         GNUNET_CONFIGURATION_get_value_string (env->cfg,
+                                                                                        "transport-https",
+                                                                                    "CERT_FILE",
+                                                                                    &cert_file);
+  }
+  else
+  {
+         GNUNET_asprintf(&cert_file,"https.cert");
+  }
 
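Review bot: The added `CERT_FILE` block is a duplicate: the context lines right after it (`/* Get private key file from config */` … `GNUNET_asprintf(&cert_file,"https.cert");`) read the same option into `cert_file` again, so the first allocation leaks on every start and the new comment mislabels a certificate path as the private key file. Drop the duplicated `CERT_FILE` block from this hunk entirely. Separately, the return of `GNUNET_CONFIGURATION_get_value_string` for `CRYPTO_INIT` is ignored; if it fails `plugin->crypto_init` is never set and is later passed to MHD as the TLS priority string, so use `if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (...)) GNUNET_asprintf (&plugin->crypto_init, "NORMAL");` as the single path. `libgnunet_plugin_transport_https_init` continues outside this hunk.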
   /* Get private key file from config */
   if (GNUNET_CONFIGURATION_have_value (env->cfg,
@@ -2475,30 +2519,30 @@ libgnunet_plugin_transport_https_init (void *cls)
          GNUNET_asprintf(&cert_file,"https.cert");
   }
 
-  /* Reading ipv4 addresse to bind to from config file */
+  /* Should plugin use ipv6? */
   if ((plugin->use_ipv6==GNUNET_YES) && (GNUNET_CONFIGURATION_have_value (env->cfg,
                                                                   "transport-https", "BINDTO6")))
   {
-         GNUNET_break (GNUNET_OK ==
-                                       GNUNET_CONFIGURATION_get_value_string (env->cfg,
+         if (GNUNET_OK == GNUNET_CONFIGURATION_get_value_string (env->cfg,
                                                                                                                   "transport-https",
                                                                                                                   "BINDTO6",
-                                                                                                                  &plugin->bind_hostname));
-
-         plugin->bind6_address = GNUNET_malloc(sizeof(struct sockaddr_in6));
-         plugin->bind6_address->sin6_family = AF_INET6;
-         plugin->bind6_address->sin6_port = htons (port);
-
-      if (inet_pton(AF_INET6,plugin->bind_hostname, &plugin->bind6_address->sin6_addr)<=0)
+                                                                                                                  &plugin->bind_hostname))
          {
-                 GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
-                                                  "http",
-                                                  _("Misconfigured address to bind to in configuration!\n"),
-                                                  "transport-https");
-                 GNUNET_free(plugin->bind6_address);
-                 GNUNET_free(plugin->bind_hostname);
-                 plugin->bind_hostname = NULL;
-                 plugin->bind6_address = NULL;
+                 plugin->bind6_address = GNUNET_malloc(sizeof(struct sockaddr_in6));
+                 plugin->bind6_address->sin6_family = AF_INET6;
+                 plugin->bind6_address->sin6_port = htons (port);
+
+                 if (inet_pton(AF_INET6,plugin->bind_hostname, &plugin->bind6_address->sin6_addr)<=0)
+                 {
+                         GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
+                                                          "http",
+                                                          _("Misconfigured address to bind to in configuration!\n"),
+                                                          "transport-https");
+                         GNUNET_free(plugin->bind6_address);
+                         GNUNET_free(plugin->bind_hostname);
+                         plugin->bind_hostname = NULL;
+                         plugin->bind6_address = NULL;
+                 }
          }
   }
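Review bot: The rewritten comment `/* Should plugin use ipv6? */` does not describe this block, which reads the `BINDTO6` address and fills `bind6_address`; restore `/* Reading ipv6 address to bind to from config file */`. The block also stores the string in the shared `plugin->bind_hostname`, which the `BINDTO` (IPv4) path elsewhere in this function presumably writes too, so configuring both options leaks or clobbers the earlier string — worth a comment or a separate field if that path is not already exclusive. Unlike the `BINDTO6` string, the parsed `sin6_port` comes from `port`, which is only range-checked further down; that ordering is fine but not obvious.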
 
@@ -2511,9 +2555,24 @@ libgnunet_plugin_transport_https_init (void *cls)
   if ((plugin->key==NULL) || (plugin->cert==NULL))
   {
          char * cmd;
+         int ret = 0;
          GNUNET_asprintf(&cmd,"gnunet-transport-certificate-creation %s %s", key_file, cert_file);
          GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No usable TLS certificate found, creating certificate \n");
-         system(cmd);
+         ret = system(cmd);
+
+         if (ret != 0)
+         {
+                 GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
+                                          "https",
+                                                  _("Could not create a new TLS certificate, shell script `%s' failed!\n"),cmd,
+                                                  "transport-https");
+                 GNUNET_free (key_file);
+                 GNUNET_free (cert_file);
+                 libgnunet_plugin_transport_https_done(api);
+                 GNUNET_free (cmd);
+                 return NULL;
+         }
+
          GNUNET_free (cmd);
 
          plugin->key = load_certificate( key_file );
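Review bot: Checking the result of `system(cmd)` is an improvement, but `cmd` is still a shell command built by string formatting from `key_file` and `cert_file`, which come straight from the configuration file; a path containing spaces, quotes or `;` breaks the command or runs something else, and the helper binary is resolved through the caller's `PATH`. Spawn the helper with an explicit argv (`posix_spawnp`/`execvp`, or the project's process-start helper if it takes an argv) instead of `system()`, and decode the status with `if (ret == -1 || !WIFEXITED (ret) || 0 != WEXITSTATUS (ret))` (needs `<sys/wait.h>`) rather than `ret != 0`. In the error log, the trailing `"transport-https"` argument is not consumed by the format string (one `%s`, two arguments) and should be removed. The function continues past the hunk.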
@@ -2521,7 +2580,10 @@ libgnunet_plugin_transport_https_init (void *cls)
 
          if ((plugin->key==NULL) || (plugin->cert==NULL))
          {
-                 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No usable TLS certificate found and creating one failed! \n");
+                 GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
+                                          "https",
+                                                  _("No usable TLS certificate found and creating one failed! \n"),
+                                                  "transport-https");
                  GNUNET_free (key_file);
                  GNUNET_free (cert_file);
                  libgnunet_plugin_transport_https_done(api);
@@ -2534,6 +2596,8 @@ libgnunet_plugin_transport_https_init (void *cls)
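Review bot: The upgraded error log passes `"transport-https"` as a variadic argument to `GNUNET_log_from`, but the format string `_("No usable TLS certificate found and creating one failed! \n")` has no conversion for it; the extra argument is silently ignored today and will trip `-Wformat-extra-args` once the log wrapper is annotated. Either drop the argument or make the message use it, e.g. `_("No usable TLS certificate found and creating one failed for `%s'!\n"), cert_file`. The surrounding function continues outside the hunk.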
 
 
   GNUNET_assert((plugin->key!=NULL) && (plugin->cert!=NULL));
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TLS certificate loaded\n", key_file, cert_file);
+
   GNUNET_assert ((port > 0) && (port <= 65535));
   plugin->port_inbound = port;
   gn_timeout = GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT;
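Review bot: The new debug line `GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TLS certificate loaded\n", key_file, cert_file);` passes two arguments that the format string never consumes, so the intended file names are not printed and a format-checking build will warn. Change it to `GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TLS certificate loaded from `%s' (key `%s')\n", cert_file, key_file);` — logging the paths is fine, but the contents of `plugin->key` must never be logged. The function continues outside this hunk.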
@@ -2549,6 +2613,11 @@ libgnunet_plugin_transport_https_init (void *cls)
                                        port,
                                        &mhd_accept_cb,
                                        plugin , &mdh_access_cb, plugin,
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NORMAL:",*/
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "PERFORMANCE:",*/
+                                       /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/
+                                      MHD_OPTION_HTTPS_PRIORITIES,  plugin->crypto_init,
                                        MHD_OPTION_HTTPS_MEM_KEY, plugin->key,
                                        MHD_OPTION_HTTPS_MEM_CERT, plugin->cert,
                                        MHD_OPTION_SOCK_ADDR, tmp,
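Review bot: The four commented-out `MHD_OPTION_HTTPS_PRIORITIES` lines should not be committed: two of them spell out `ARCFOUR-128` with `SHA1`/`MD5` priority strings that a later maintainer may be tempted to uncomment, and dead alternatives next to the live option obscure which one is in effect. Delete them and keep only `MHD_OPTION_HTTPS_PRIORITIES, plugin->crypto_init,`, preceded by `GNUNET_assert (plugin->crypto_init != NULL);` since the config read earlier in this commit does not guarantee the string is set. The `MHD_start_daemon` call starts before the hunk and ends after it.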
@@ -2569,6 +2638,11 @@ libgnunet_plugin_transport_https_init (void *cls)
                                        port,
                                        &mhd_accept_cb,
                                        plugin , &mdh_access_cb, plugin,
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NORMAL:",*/
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "PERFORMANCE:",*/
+                                       /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/
+                                      MHD_OPTION_HTTPS_PRIORITIES,  plugin->crypto_init,
                                        MHD_OPTION_HTTPS_MEM_KEY, plugin->key,
                                        MHD_OPTION_HTTPS_MEM_CERT, plugin->cert,
                                        MHD_OPTION_SOCK_ADDR, (struct sockaddr_in *)plugin->bind4_address,
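Review bot: This IPv4 daemon start duplicates the same commented-out priority strings (including the `ARCFOUR-128` and `MD5` variants) that appear in the IPv6 start above, so any cleanup has to be done twice. Remove the comment lines here as well, and consider factoring the shared option tail (`MHD_OPTION_HTTPS_PRIORITIES`, `MHD_OPTION_HTTPS_MEM_KEY`, `MHD_OPTION_HTTPS_MEM_CERT`) into a single helper so the TLS configuration of both listeners cannot drift apart. The `MHD_start_daemon` call is cut at both ends of the hunk.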
@@ -2587,27 +2661,35 @@ libgnunet_plugin_transport_https_init (void *cls)
 
   if (plugin->http_server_task_v4 != GNUNET_SCHEDULER_NO_TASK)
   {
-#if DEBUG_HTTP
-         GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting MHD with IPv4 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address",port);
+#if DEBUG_HTTPS
+         GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting HTTPS Server with IPv4 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address",port);
 #endif
   }
   else if ((plugin->http_server_task_v6 != GNUNET_SCHEDULER_NO_TASK) && (plugin->http_server_task_v4 != GNUNET_SCHEDULER_NO_TASK))
   {
-#if DEBUG_HTTP
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting MHD with IPv6 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address", port);
+#if DEBUG_HTTPS
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting HTTPS Server with IPv6 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address", port);
 #endif
   }
   else if ((plugin->http_server_task_v6 != GNUNET_SCHEDULER_NO_TASK) && (plugin->http_server_task_v4 == GNUNET_SCHEDULER_NO_TASK))
   {
-#if DEBUG_HTTP
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting MHD with IPv4 and IPv6 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address", port);
+#if DEBUG_HTTPS
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Starting HTTPS Server with IPv4 and IPv6 bound to %s with port %u\n",(plugin->bind_hostname!=NULL) ? plugin->bind_hostname : "every address", port);
 #endif
   }
   else
   {
-#if DEBUG_HTTP
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"No MHD was started, transport plugin not functional!\n");
-#endif
+       char * tmp = NULL;
+       if ((plugin->use_ipv6 == GNUNET_YES) && (plugin->use_ipv4 == GNUNET_YES))
+               GNUNET_asprintf(&tmp,"with IPv4 and IPv6 enabled");
+       if ((plugin->use_ipv6 == GNUNET_NO) && (plugin->use_ipv4 == GNUNET_YES))
+               GNUNET_asprintf(&tmp,"with IPv4 enabled");
+       if ((plugin->use_ipv6 == GNUNET_YES) && (plugin->use_ipv4 == GNUNET_NO))
+               GNUNET_asprintf(&tmp,"with IPv6 enabled");
+       if ((plugin->use_ipv6 == GNUNET_NO) && (plugin->use_ipv4 == GNUNET_NO))
+               GNUNET_asprintf(&tmp,"with NO IP PROTOCOL enabled");
+       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,"HTTPS Server with %s could not be started on port %u! https plugin failed!\n",tmp, port);
+       GNUNET_free(tmp);
     libgnunet_plugin_transport_https_done (api);
     return NULL;
   }
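Review bot: The new log texts do not match the conditions they sit under: the branch guarded by both `http_server_task_v6` and `http_server_task_v4` being set says "IPv6", the branch with v6 set and v4 unset says "IPv4 and IPv6", and because the first `if` already catches every case where v4 is running, the "IPv6" branch is unreachable. Swap the two messages (or test v6-only first, then both). In the final `else`, `tmp` stays NULL if `use_ipv4`/`use_ipv6` hold anything other than `GNUNET_YES`/`GNUNET_NO` (e.g. `GNUNET_SYSERR`) and is then printed with `%s`; initialise it to a fixed fallback string or guard the log with `(tmp != NULL) ? tmp : "unknown IP protocol setting"`.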
@@ -2632,4 +2714,4 @@ libgnunet_plugin_transport_https_init (void *cls)
   return api;
 }
 
-/* end of plugin_transport_http.c */
+/* end of plugin_transport_https.c */