#include <time.h>
#define GNUNET_GNS_PROXY_PORT 7777
+#define MAX_MHD_CONNECTIONS 300
#define MHD_UNIX_SOCK_FILE "mhd_unix_sock.sock"
/* The non SSL httpd daemon handle */
static struct MHD_Daemon *httpd;
+/* Number of current mhd connections */
+static unsigned int total_mhd_connections;
+
/* The cURL multi handle */
static CURLM *curl_multi;
curl_multi_remove_handle (curl_multi, ctask->curl);
curl_easy_cleanup (ctask->curl);
GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
+ total_mhd_connections--;
return MHD_CONTENT_READER_END_OF_STREAM;
}
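Review bot: The `total_mhd_connections--;` added before `return MHD_CONTENT_READER_END_OF_STREAM;` is unguarded and runs once per finished response, while the matching increment in `accept_cb` runs once per accepted connection; the same applies to the decrement before `MHD_CONTENT_READER_END_WITH_ERROR` in the next hunk. If a connection ever serves more than one response, the unsigned counter wraps below zero and the `>= MAX_MHD_CONNECTIONS` test then refuses every new connection; if a connection closes without reaching either return, its slot is never released and the proxy drifts toward the same state. At minimum guard it with `if (total_mhd_connections > 0) total_mhd_connections--;`, and consider releasing the slot from a connection-close notification rather than the content reader, so the count follows connections instead of responses. The enclosing function starts outside this hunk, so other exit paths cannot be ruled out from here.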
curl_multi_remove_handle (curl_multi, ctask->curl);
curl_easy_cleanup (ctask->curl);
GNUNET_SCHEDULER_add_now (&run_mhd, ctask->mhd);
+ total_mhd_connections--;
return MHD_CONTENT_READER_END_WITH_ERROR;
}
key_buf_size = sizeof (pgc->key);
cert_buf_size = sizeof (pgc->cert);
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Exporting certificate...\n");
gnutls_x509_crt_export (request, GNUTLS_X509_FMT_PEM,
pgc->cert, &cert_buf_size);
pgc->key, &key_buf_size);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n");
gnutls_x509_crt_deinit (request);
return pgc;
}
+/*
+ * Accept policy for mhdaemons
+ *
+ * @param cls NULL
+ * @param addr the sockaddr
+ * @param addrlen the sockaddr length
+ * @return MHD_NO if sockaddr is wrong or #conns too high
+ */
+static int
+accept_cb (void* cls, const struct sockaddr *addr, socklen_t addrlen)
+{
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "In MHD accept policy cb\n");
+
+ if (addr != NULL)
+ {
+ if (addr->sa_family == AF_UNIX)
+ return MHD_NO;
+ }
+
+ if (total_mhd_connections >= MAX_MHD_CONNECTIONS)
+ return MHD_NO;
+
+ total_mhd_connections++;
+
+ return MHD_YES;
+}
+
+
/**
* Adds a socket to an SSL MHD instance
* It is important the the domain name is
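Review bot: The header comment on `accept_cb` promises `MHD_NO if sockaddr is wrong`, but the body refuses only `AF_UNIX` peers and accepts a NULL `addr` and every other address family, so the stated policy and the code do not match. Both daemons in this commit are started on `mhd_unix_socket`, so it is not obvious from the hunk why `AF_UNIX` is the family being rejected; a why-comment on that test would stop a later reader from inverting it by mistake. I would open the block with `/**` like the comment that follows it and write the return line as `@return MHD_NO for AF_UNIX peers or once total_mhd_connections reaches MAX_MHD_CONNECTIONS, MHD_YES otherwise (including addr == NULL)`. The comment should also say that the counter is shared by all daemons, whereas `MHD_OPTION_CONNECTION_LIMIT` is passed to each daemon separately.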
if (NULL == hd)
{
- /* Start new MHD */
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "No previous SSL instance found... starting new one for %s\n",
- domain);
pgc = generate_gns_certificate (domain);
hd->is_ssl = GNUNET_YES;
strcpy (hd->domain, domain);
hd->proxy_cert = pgc;
+
+ /* Start new MHD */
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "No previous SSL instance found... starting new one for %s\n",
+ domain);
+
hd->daemon = MHD_start_daemon (MHD_USE_DEBUG | MHD_USE_SSL, 4444,
- NULL, NULL,
+ &accept_cb, NULL,
&create_response, hd,
MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,
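Review bot: `strcpy (hd->domain, domain);` sits unchanged just above the daemon start and copies `domain` with no length check; the declaration of `hd->domain` is not visible in this hunk, but if it is a fixed-size array an over-long name overruns it. Since this path is being touched to add admission control anyway, test `if (strlen (domain) >= sizeof (hd->domain))` and reject the request before `generate_gns_certificate` is called, so nothing is allocated for a name that cannot be stored. The hunk also does not show whether the `MHD_start_daemon` result assigned to `hd->daemon` is checked for NULL; the call and the enclosing function continue outside the hunk.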
mhd_httpd_head = NULL;
mhd_httpd_tail = NULL;
+ total_mhd_connections = 0;
mhd_unix_socket = GNUNET_NETWORK_socket_create (AF_UNIX,
SOCK_STREAM,
hd->is_ssl = GNUNET_NO;
strcpy (hd->domain, "");
httpd = MHD_start_daemon (MHD_USE_DEBUG, 4444, //Dummy port
- NULL, NULL,
+ &accept_cb, NULL,
&create_response, hd,
MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (mhd_unix_socket),
MHD_OPTION_CONNECTION_LIMIT, (unsigned int) 128,