Browse files

Merge branch 'ia/ssl/remove-old-ssl/OTP-7048'

* ia/ssl/remove-old-ssl/OTP-7048:
  Remove old ssl implementation and deprecated function ssl:peercert/1

Conflicts:
	lib/ssl/test/Makefile
  • Loading branch information...
2 parents 811e0de + 64a3651 commit 00202339445daae6ed931f28f932089d5c3dd455 @IngelaAndin IngelaAndin committed Oct 6, 2011
Showing with 80 additions and 13,987 deletions.
  1. +1 −1 erts/configure.in
  2. +2 −2 lib/ssl/Makefile
  3. +0 −26 lib/ssl/c_src/Makefile
  4. +0 −33 lib/ssl/c_src/Makefile.dist
  5. +0 −211 lib/ssl/c_src/Makefile.in
  6. +0 −147 lib/ssl/c_src/Makefile.win32
  7. +0 −45 lib/ssl/c_src/Makefile.win32.dist
  8. +0 −251 lib/ssl/c_src/debuglog.c
  9. +0 −50 lib/ssl/c_src/debuglog.h
  10. +0 −1,904 lib/ssl/c_src/esock.c
  11. +0 −273 lib/ssl/c_src/esock.h
  12. +0 −1,213 lib/ssl/c_src/esock_openssl.c
  13. +0 −328 lib/ssl/c_src/esock_osio.c
  14. +0 −34 lib/ssl/c_src/esock_osio.h
  15. +0 −222 lib/ssl/c_src/esock_poll.c
  16. +0 −60 lib/ssl/c_src/esock_poll.h
  17. +0 −642 lib/ssl/c_src/esock_posix_str.c
  18. +0 −28 lib/ssl/c_src/esock_posix_str.h
  19. +0 −110 lib/ssl/c_src/esock_ssl.h
  20. +0 −150 lib/ssl/c_src/esock_utils.c
  21. +0 −32 lib/ssl/c_src/esock_utils.h
  22. +0 −36 lib/ssl/c_src/esock_winsock.h
  23. +2 −2 lib/ssl/doc/src/Makefile
  24. +0 −709 lib/ssl/doc/src/old_ssl.xml
  25. +2 −3 lib/ssl/doc/src/refman.xml
  26. +3 −5 lib/ssl/doc/src/ssl.xml
  27. +1 −6 lib/ssl/src/Makefile
  28. +0 −453 lib/ssl/src/inet_ssl_dist.erl
  29. +1 −6 lib/ssl/src/ssl.app.src
  30. +59 −307 lib/ssl/src/ssl.erl
  31. +0 −1,188 lib/ssl/src/ssl_broker.erl
  32. +0 −38 lib/ssl/src/ssl_broker_int.hrl
  33. +0 −46 lib/ssl/src/ssl_broker_sup.erl
  34. +0 −1 lib/ssl/src/ssl_connection.erl
  35. +0 −99 lib/ssl/src/ssl_int.hrl
  36. +3 −0 lib/ssl/src/ssl_internal.hrl
  37. +0 −173 lib/ssl/src/ssl_prim.erl
  38. +0 −1,378 lib/ssl/src/ssl_server.erl
  39. +3 −4 lib/ssl/src/ssl_sup.erl
  40. +1 −12 lib/ssl/test/Makefile
  41. +0 −395 lib/ssl/test/old_ssl_active_SUITE.erl
  42. +0 −417 lib/ssl/test/old_ssl_active_once_SUITE.erl
  43. +0 −617 lib/ssl/test/old_ssl_dist_SUITE.erl
  44. +0 −117 lib/ssl/test/old_ssl_misc_SUITE.erl
  45. +0 −382 lib/ssl/test/old_ssl_passive_SUITE.erl
  46. +0 −191 lib/ssl/test/old_ssl_peer_cert_SUITE.erl
  47. +0 −185 lib/ssl/test/old_ssl_protocol_SUITE.erl
  48. +0 −153 lib/ssl/test/old_ssl_verify_SUITE.erl
  49. +0 −258 lib/ssl/test/old_transport_accept_SUITE.erl
  50. +1 −18 lib/ssl/test/ssl.cover
  51. +1 −47 lib/ssl/test/ssl_basic_SUITE.erl
  52. +0 −940 lib/ssl/test/ssl_test_MACHINE.erl
  53. +0 −39 lib/ssl/test/ssl_test_MACHINE.hrl
View
2 erts/configure.in
@@ -4325,7 +4325,7 @@ dnl The ones below should be moved to their respective lib
dnl
../lib/ic/c_src/$host/Makefile:../lib/ic/c_src/Makefile.in
../lib/os_mon/c_src/$host/Makefile:../lib/os_mon/c_src/Makefile.in
- ../lib/ssl/c_src/$host/Makefile:../lib/ssl/c_src/Makefile.in
+dnl ../lib/ssl/c_src/$host/Makefile:../lib/ssl/c_src/Makefile.in
../lib/crypto/c_src/$host/Makefile:../lib/crypto/c_src/Makefile.in
../lib/orber/c_src/$host/Makefile:../lib/orber/c_src/Makefile.in
../lib/runtime_tools/c_src/$host/Makefile:../lib/runtime_tools/c_src/Makefile.in
View
4 lib/ssl/Makefile
@@ -1,7 +1,7 @@
#
# %CopyrightBegin%
#
-# Copyright Ericsson AB 1999-2010. All Rights Reserved.
+# Copyright Ericsson AB 1999-2011. All Rights Reserved.
#
# The contents of this file are subject to the Erlang Public License,
# Version 1.1, (the "License"); you may not use this file except in
@@ -25,7 +25,7 @@ include $(ERL_TOP)/make/$(TARGET)/otp.mk
# Macros
#
-SUB_DIRECTORIES = src c_src doc/src examples/certs examples/src
+SUB_DIRECTORIES = src doc/src examples/certs examples/src
include vsn.mk
VSN = $(SSL_VSN)
View
26 lib/ssl/c_src/Makefile
@@ -1,26 +0,0 @@
-#
-# %CopyrightBegin%
-#
-# Copyright Ericsson AB 1999-2009. All Rights Reserved.
-#
-# The contents of this file are subject to the Erlang Public License,
-# Version 1.1, (the "License"); you may not use this file except in
-# compliance with the License. You should have received a copy of the
-# Erlang Public License along with this software. If not, it can be
-# retrieved online at http://www.erlang.org/.
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
-# %CopyrightEnd%
-#
-
-#
-
-#
-# Invoke with GNU make or clearmake -C gnu.
-#
-
-include $(ERL_TOP)/make/run_make.mk
View
33 lib/ssl/c_src/Makefile.dist
@@ -1,33 +0,0 @@
-#
-# %CopyrightBegin%
-#
-# Copyright Ericsson AB 1999-2009. All Rights Reserved.
-#
-# The contents of this file are subject to the Erlang Public License,
-# Version 1.1, (the "License"); you may not use this file except in
-# compliance with the License. You should have received a copy of the
-# Erlang Public License along with this software. If not, it can be
-# retrieved online at http://www.erlang.org/.
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
-# %CopyrightEnd%
-#
-
-# Makefile for SSL on Unix
-#
-# Placed in obj directory.
-#
-CC = gcc
-
-BINDIR = %BINDIR%
-LIBS = %LIBS%
-SSL_LIBDIR = %SSL_LIBDIR%
-OBJS = %OBJS%
-
-$(BINDIR)/ssl_esock: $(OBJS)
- $(CC) -L$(SSL_LIBDIR) -Wl,-R$(SSL_LIBDIR) -o $@ $^ \
- $(LIBS) -lssl -lcrypto
View
211 lib/ssl/c_src/Makefile.in
@@ -1,211 +0,0 @@
-#
-# %CopyrightBegin%
-#
-# Copyright Ericsson AB 1999-2011. All Rights Reserved.
-#
-# The contents of this file are subject to the Erlang Public License,
-# Version 1.1, (the "License"); you may not use this file except in
-# compliance with the License. You should have received a copy of the
-# Erlang Public License along with this software. If not, it can be
-# retrieved online at http://www.erlang.org/.
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
-# %CopyrightEnd%
-#
-
-#
-# Makefile only for Unix and Win32/Cygwin.
-#
-
-include $(ERL_TOP)/make/target.mk
-include $(ERL_TOP)/make/$(TARGET)/otp.mk
-# ----------------------------------------------------
-# SSL locations and include options from configure
-# ----------------------------------------------------
-SSL_LIBDIR = @SSL_LIBDIR@
-SSL_INCLUDE = @SSL_INCLUDE@
-SSL_CRYPTO_LIBNAME = @SSL_CRYPTO_LIBNAME@
-SSL_SSL_LIBNAME = @SSL_SSL_LIBNAME@
-
-# ----------------------------------------------------
-# Application version
-# ----------------------------------------------------
-include ../vsn.mk
-VSN=$(SSL_VSN)
-
-# ----------------------------------------------------
-# Commands
-# ----------------------------------------------------
-CC = @CC@
-LD = @LD@
-SHELL = /bin/sh
-LIBS = @LIBS@
-PLAIN_CFLAGS = @CFLAGS@
-
-# ----------------------------------------------------
-# Includes and libs
-# ----------------------------------------------------
-
-ALL_CFLAGS = @WFLAGS@ @CFLAGS@ @DEFS@ $(TYPE_FLAGS)
-TARGET = @host@
-
-ifeq ($(TYPE),debug)
-TYPEMARKER = .debug
-TYPE_FLAGS = -g -DDEBUG @DEBUG_FLAGS@
-else
-TYPEMARKER =
-TYPE_FLAGS = -O2
-endif
-
-PRIVDIR = ../priv
-BINDIR = $(PRIVDIR)/bin/$(TARGET)
-OBJDIR = $(PRIVDIR)/obj/$(TARGET)
-
-# ----------------------------------------------------
-# File suffixes
-# ----------------------------------------------------
-exe = @EXEEXT@
-obj = .@OBJEXT@
-
-# ----------------------------------------------------
-# Release directory specification
-# ----------------------------------------------------
-RELSYSDIR = $(RELEASE_PATH)/lib/ssl-$(VSN)
-
-# ----------------------------------------------------
-# Common Macros
-# ----------------------------------------------------
-OBJS = $(OBJDIR)/esock$(obj) \
- $(OBJDIR)/debuglog$(obj) \
- $(OBJDIR)/esock_poll$(obj) \
- $(OBJDIR)/esock_osio$(obj) \
- $(OBJDIR)/esock_utils$(obj) \
- $(OBJDIR)/esock_posix_str$(obj) \
- $(OBJDIR)/esock_openssl$(obj)
-
-PORT_PROGRAM = $(BINDIR)/ssl_esock$(exe)
-
-SKIP_BUILDING_BINARIES := false
-
-# Try to be BC for R10
-ifeq ($(findstring @SSL_,@SSL_DYNAMIC_ONLY@),@SSL_)
-DYNAMIC_CRYPTO_LIB=yes
-else
-DYNAMIC_CRYPTO_LIB=@SSL_DYNAMIC_ONLY@
-endif
-
-
-ifeq ($(DYNAMIC_CRYPTO_LIB),yes)
-
-ifneq ($(findstring win32,$(TARGET)),win32)
-SSL_MAKEFILE = $(OBJDIR)/Makefile
-else
-SSL_MAKEFILE =
-endif
-
-CC_R_FLAG=@CFLAG_RUNTIME_LIBRARY_PATH@
-
-ifeq ($(findstring @,$(CC_R_FLAG)),@)
-# Old erts configure used which hasn't replaced @CFLAG_RUNTIME_LIBRARY_PATH@;
-# we try our best here instead...
-
-ifeq ($(findstring darwin,$(TARGET)),darwin) # darwin: no flag
-CC_R_FLAG =
-else
-ifeq ($(findstring osf,$(TARGET)),osf) # osf1: -Wl,-rpath,
-CC_R_FLAG = -Wl,-rpath,
-else # Default: -Wl,-R
-CC_R_FLAG = -Wl,-R
-endif
-endif
-endif
-
-ifeq ($(strip $(CC_R_FLAG)),)
-CC_R_OPT =
-else
-CC_R_OPT = $(CC_R_FLAG)$(SSL_LIBDIR)
-endif
-
-SSL_CC_RUNTIME_LIBRARY_PATH=@SSL_CC_RUNTIME_LIBRARY_PATH@
-# Sigh...
-ifeq ($(findstring @,$(SSL_CC_RUNTIME_LIBRARY_PATH)),@)
-SSL_CC_RUNTIME_LIBRARY_PATH = $(CC_R_OPT)
-endif
-
-SSL_LINK_LIB=-L$(SSL_LIBDIR) -l$(SSL_SSL_LIBNAME) -l$(SSL_CRYPTO_LIBNAME)
-else
-# not dynamic crypto lib (default from R11B-5)
-NEED_KERBEROS=@SSL_LINK_WITH_KERBEROS@
-NEED_ZLIB=@SSL_LINK_WITH_ZLIB@
-SSL_MAKEFILE =
-CC_R_OPT =
-SSL_CC_RUNTIME_LIBRARY_PATH=
-SSL_LINK_LIB = $(SSL_LIBDIR)/lib$(SSL_SSL_LIBNAME).a $(SSL_LIBDIR)/lib$(SSL_CRYPTO_LIBNAME).a
-ifeq ($(NEED_KERBEROS),yes)
-SSL_LINK_LIB += @STATIC_KERBEROS_LIBS@
-endif
-ifeq ($(NEED_ZLIB),yes)
-SSL_LINK_LIB += @STATIC_ZLIB_LIBS@
-endif
-endif
-
-# ----------------------------------------------------
-# Targets
-# ----------------------------------------------------
-
-_create_dirs := $(shell mkdir -p $(OBJDIR) $(BINDIR))
-
-debug opt: $(OBJS) $(PORT_PROGRAM) $(SSL_MAKEFILE)
-
-$(OBJDIR)/esock_openssl$(obj): esock_openssl.c
- $(CC) -c -o $@ $(ALL_CFLAGS) $(SSL_INCLUDE) $<
-
-$(OBJDIR)/%$(obj): %.c
- $(CC) -c -o $@ $(ALL_CFLAGS) $<
-
-# Unix
-$(BINDIR)/ssl_esock: $(OBJS)
- $(CC) $(PLAIN_CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) $(SSL_CC_RUNTIME_LIBRARY_PATH) $(SSL_LINK_LIB)
-
-# Win32/Cygwin
-$(BINDIR)/ssl_esock.exe: $(OBJS)
- $(LD) $(SSL_CC_RUNTIME_LIBRARY_PATH) -L$(SSL_LIBDIR) -o $@ $^ -lwsock32 -l$(SSL_CRYPTO_LIBNAME) -l$(SSL_SSL_LIBNAME)
-
-# Unix only, and only when linking statically
-$(SSL_MAKEFILE):
- sed -e "s;%BINDIR%;../../bin/$(TARGET);" \
- -e "s;%SSL_LIBDIR%;$(SSL_LIBDIR);" \
- -e "s;%OBJS;$(OBJS);" \
- -e "s;%LIBS%;$(LIBS);" ./Makefile.dist \
- > $(OBJDIR)/Makefile
-
-
-clean:
- rm -f $(PORT_PROGRAM) $(OBJS) core *~ $(SSL_MAKEFILE)
-
-docs:
-
-# ----------------------------------------------------
-# Release Target
-# ----------------------------------------------------
-include $(ERL_TOP)/make/otp_release_targets.mk
-
-release_spec: opt
- $(INSTALL_DIR) $(RELSYSDIR)/priv/bin
- $(INSTALL_PROGRAM) $(PORT_PROGRAM) $(RELSYSDIR)/priv/bin
-ifneq ($(SSL_MAKEFILE),)
- $(INSTALL_DIR) $(RELSYSDIR)/priv/obj
- $(INSTALL_DATA) $(OBJS) $(RELSYSDIR)/priv/obj
- sed -e "s;%BINDIR%;../bin;" \
- -e "s;%SSL_LIBDIR%;$(SSL_LIBDIR);" \
- -e "s;%OBJS;$(OBJS);" \
- -e "s;%LIBS%;$(LIBS);" ./Makefile.dist \
- > $(RELSYSDIR)/priv/obj/Makefile
-endif
-
-release_docs_spec:
-
View
147 lib/ssl/c_src/Makefile.win32
@@ -1,147 +0,0 @@
-#
-# %CopyrightBegin%
-#
-# Copyright Ericsson AB 1999-2009. All Rights Reserved.
-#
-# The contents of this file are subject to the Erlang Public License,
-# Version 1.1, (the "License"); you may not use this file except in
-# compliance with the License. You should have received a copy of the
-# Erlang Public License along with this software. If not, it can be
-# retrieved online at http://www.erlang.org/.
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
-# %CopyrightEnd%
-#
-
-#
-# SSL - Makefile for Windows NT
-#
-# It is assumed that the following environment variables have been set:
-#
-# INCLUDE X:\MSDEV\INCLUDE
-# LIB X:\MSDEV\LIB
-#
-# so that standard include files, and the socket library can be found.
-#
-# When ssl_esock.exe is run, the PATH environment variable must contain
-# the name of a directory that contains ssleay32.dll and libeay32.dll,
-# and windows socket dll.
-#
-
-# Roots
-!ifndef OPENSSL_ROOT
-! error "Makefile.win32: ssl: OPENSSL_ROOT not set"
-!endif
-
-TARGET = win32
-
-BINDIR = ..\priv\bin\$(TARGET)
-OBJDIR = ..\priv\obj\$(TARGET)
-
-!if !exist($(BINDIR))
-! if [mkdir $(BINDIR)]
-! error "SSL: cannot create BINDIR"
-! endif
-!endif
-
-!if !exist($(OBJDIR))
-! if [mkdir $(OBJDIR)]
-! error "SSL: cannot create OBJDIR"
-! endif
-!endif
-
-# Includes
-#
-OPENSSL_INCLUDE = $(OPENSSL_ROOT)\inc32
-
-INCLUDES = /I. /I$(OPENSSL_INCLUDE)
-
-# Libraries
-#
-OPENSSL_LIBDIR = $(OPENSSL_ROOT)\out32dll
-OPENSSL_LIBS = \
- $(OPENSSL_LIBDIR)\ssleay32.lib \
- $(OPENSSL_LIBDIR)\libeay32.lib
-
-!ifdef ESOCK_WINSOCK2
-WINSOCK_LIB = ws2_32.lib
-DEFS = -DESOCK_WINSOCK2
-!else
-WINSOCK_LIB = wsock32.lib
-!endif
-
-# Compiler options
-#
-# NOTE: Size of fd_set is set in esock_winsock.h but can be overridden
-# with a -D option here.
-#
-OPTS = /MDd /G5 /Ox /O2 /Ob2 /Z7
-DEFS = -D__WIN32__ -DWIN32 $(DEFS)
-CFLAGS = $(INCLUDES) /nologo $(OPTS) $(DEFS)
-
-# Object files
-#
-SSL_BASE_OBJS = \
- $(OBJDIR)\esock.obj \
- $(OBJDIR)\debuglog.obj \
- $(OBJDIR)\esock_poll$(obj) \
- $(OBJDIR)\esock_osio.obj \
- $(OBJDIR)\esock_utils.obj \
- $(OBJDIR)\esock_posix_str.obj
-
-OPENSSL_OBJS = \
- $(OBJDIR)\esock_openssl.obj
-
-#
-# Targets
-#
-
-all: $(SSL_BASE_OBJS) $(OPENSSL_OBJS) $(BINDIR)\ssl_esock.exe
-
-clean:
- del $(BINDIR)\*.exe
- del $(OBJDIR)\*.obj
-
-# Inference rule .c.obj:
-#
-{.}.c{$(OBJDIR)}.obj:
- $(CC) $(CFLAGS) /c /Fo$@ $(*B).c
-
-# Binary
-#
-$(BINDIR)\ssl_esock.exe: $(SSL_BASE_OBJS) $(OPENSSL_OBJS)
- $(CC) /nologo $(SSL_BASE_OBJS) $(OPENSSL_OBJS) $(OPENSSL_LIBS) \
- $(WINSOCK_LIB) /Fe$(BINDIR)\ssl_esock.exe
-
-
-
-# Dependencies
-#
-$(OBJDIR)\esock.o: esock.h debuglog.h esock_ssl.h esock_osio.h \
- esock_utils.h esock_winsock.h
-$(OBJDIR)\debuglog.o: debuglog.h esock_ssl.h esock_utils.h
-$(OBJDIR)\esock_osio.o: esock_osio.h esock.h debuglog.h esock_utils.h \
- esock_winsock.h
-$(OBJDIR)\esock_utils.o: esock_utils.h
-$(OBJDIR)\esock_posix_str.o: esock_posix_str.h esock_winsock.h
-
-$(OBJDIR)\esock_openssl.o: esock.h esock_ssl.h debuglog.h esock_utils.h \
- $(OPENSSL_INCLUDE)\crypto.h \
- $(OPENSSL_INCLUDE)\ssl.h \
- $(OPENSSL_INCLUDE)\err.h
-
-
-
-
-
-
-
-
-
-
-
-
View
45 lib/ssl/c_src/Makefile.win32.dist
@@ -1,45 +0,0 @@
-#
-# %CopyrightBegin%
-#
-# Copyright Ericsson AB 1999-2009. All Rights Reserved.
-#
-# The contents of this file are subject to the Erlang Public License,
-# Version 1.1, (the "License"); you may not use this file except in
-# compliance with the License. You should have received a copy of the
-# Erlang Public License along with this software. If not, it can be
-# retrieved online at http://www.erlang.org/.
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
-# %CopyrightEnd%
-#
-
-# Makefile.win32.dist for SSL
-#
-# To be placed in obj directory.
-#
-
-CC = cl
-
-BINDIR = %BINDIR%
-
-OPENSSL_LIBS = \
- $(BINDIR)\ssleay32.lib \
- $(BINDIR)\libeay32.lib
-
-WINSOCK_LIB = ws2_32.lib
-
-SSL_BASE_OBJS = esock.obj debuglog.obj esock_osio.obj esock_utils.obj \
- esock_posix_str.obj
-
-OPENSSL_OBJS = esock_openssl.obj
-
-$(BINDIR)\ssl_esock.exe: $(SSL_BASE_OBJS) $(OPENSSL_OBJS)
- $(CC) /nologo $(SSL_BASE_OBJS) $(OPENSSL_OBJS) $(OPENSSL_LIBS) \
- $(WINSOCK_LIB) /Fe$(BINDIR)\ssl_esock.exe
-
-
-
View
251 lib/ssl/c_src/debuglog.c
@@ -1,251 +0,0 @@
-/*<copyright>
- * <year>1999-2008</year>
- * <holder>Ericsson AB, All Rights Reserved</holder>
- *</copyright>
- *<legalnotice>
- * The contents of this file are subject to the Erlang Public License,
- * Version 1.1, (the "License"); you may not use this file except in
- * compliance with the License. You should have received a copy of the
- * Erlang Public License along with this software. If not, it can be
- * retrieved online at http://www.erlang.org/.
- *
- * Software distributed under the License is distributed on an "AS IS"
- * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
- * the License for the specific language governing rights and limitations
- * under the License.
- *
- * The Initial Developer of the Original Code is Ericsson AB.
- *</legalnotice>
- */
-/*
- * Purpose: Various routines for debug printouts and logs.
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <stdarg.h>
-#include <string.h>
-#include <ctype.h>
-#include <time.h>
-#include "debuglog.h"
-#include "esock_utils.h"
-
-#ifndef __WIN32__
-static char tr_format_buf[256];
-static char *tr_format(const char *format);
-static int vfprintclistf(FILE *fp, const char *format, va_list args);
-#endif
-
-int debug = 0;
-int debugmsg = 0;
-FILE *ssllogfp = NULL;
-FILE *__locallogfp = NULL;
-
-void open_ssllog(char *path)
-{
- ssllogfp = openlog(path);
-}
-
-void close_ssllog(void)
-{
- if (ssllogfp)
- closelog(ssllogfp);
-}
-
-FILE *openlog(char *s)
-{
- FILE *fp;
- time_t t = time(NULL);
-
- if ((fp = fopen(s, "a"))) {
- setbuf(fp, NULL);
- fprintf(fp, "===== Opened [%s] %s", s, ctime(&t));
- }
- return fp;
-}
-
-void closelog(FILE *fp)
-{
- time_t t = time(NULL);
-
- if (fp) {
- fprintf(fp, "Closed %s", ctime(&t));
- fclose(fp);
- }
-}
-
-int __debugprintf(const char *format, ...)
-{
- va_list args;
- int ret;
-#ifndef __WIN32__
- char *newformat;
-
- va_start(args, format);
- newformat = tr_format(format);
- ret = vfprintf(stderr, newformat, args);
- if (newformat != format && newformat != tr_format_buf)
- esock_free(newformat);
-#else
- va_start(args, format);
- ret = vfprintf(stderr, format, args);
-#endif
- va_end(args);
- if (ssllogfp) {
- va_start(args, format);
- vfprintf(ssllogfp, format, args);
- va_end(args);
- }
- return ret;
-}
-
-int __debugprintclistf(const char *format, ...)
-{
- va_list args;
- int ret;
-#ifndef __WIN32__
- char *newformat;
-
- va_start(args, format);
- newformat = tr_format(format);
- ret = vfprintclistf(stderr, newformat, args);
- if (newformat != format && newformat != tr_format_buf)
- esock_free(newformat);
-#else
- va_start(args, format);
- ret = vfprintclistf(stderr, format, args);
-#endif
- if (ssllogfp)
- vfprintclistf(ssllogfp, format, args);
- va_end(args);
- return ret;
-}
-
-int __debuglogf(const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
- ret = vfprintf(__locallogfp, format, args);
- va_end(args);
- return ret;
-}
-
-#ifndef __WIN32__
-
-/* Insert `\r' before each `\n' i format */
-static char *tr_format(const char *format)
-{
- char *newformat, *s, *t;
- int len;
-
- len = strlen(format);
- if ((newformat = (len > 127) ? esock_malloc(len) : tr_format_buf)) {
- for (s = (char *)format, t = newformat; *s; *t++ = *s++)
- if (*s == '\n')
- *t++ = '\r';
- *t = '\0';
- } else
- newformat = (char *)format;
- return newformat;
-}
-
-#endif
-
-/* This function is for printing arrays of characters with formats
- * %FPa or %FPb, where F and P are the ordinary specifiers for
- * field width and precision, respectively.
- *
- * The conversion specifier `a' implies hex-string output, while
- * the `b' specifier provides character output (for non-printable
- * characters a `.' is written.
- *
- * The F specifier contains the width for each character. The
- * P specifier tells how many characters to print.
- *
- * Example: Suppose we have a function myprintf(char *format, ...)
- * that calls our vfprintclistf(), and that
- *
- * char buf[] = "h\r\n";
- * len = 3;
- *
- * Then
- *
- * myprintf("%.2b", buf) prints "h."
- * myprintf("%2.3b", buf) prints "h . . "
- * myprintf("%3.*a", len, buf) prints "68 0d 0a"
- *
- */
-
-static int vfprintclistf(FILE *fp, const char *format, va_list args)
-{
-
- int i, len, width, prec, written = 0;
- char *s, *prevs, *fstart;
- unsigned char *buf;
-
- if (!format || !*format)
- return 0;
-
- /* %{[0-9]*|\*}{.{[0-9]*|\*}{a|b} */
-
- prevs = (char *)format; /* format is const */
- s = strchr(format, '%');
- while (s && *s) {
- if (s - prevs > 0)
- written += fprintf(fp, "%.*s", s - prevs, prevs);
- width = prec = 0;
- fstart = s;
- s++;
- if (*s != '%') { /* otherwise it is not a format */
- if (*s == '*') { /* width in arg */
- s++;
- width = va_arg(args, int);
- } else if ((len = strspn(s, "0123456789"))) { /* const width */
- width = atoi(s);
- s += len;
- } else
- width = 0;
- if (*s == '.') { /* precision specified */
- s++;
- if (*s == '*') { /* precision in arg */
- s++;
- prec = va_arg(args, int);
- } else if ((len = strspn(s, "0123456789"))) { /* const prec */
- prec = atoi(s);
- s += len;
- } else /* no precision value, defaults to zero */
- prec = 0;
- } else
- prec = 0; /* no precision defaults to zero */
- if (*s == 'a' || *s == 'b') { /* only valid specifiers */
- buf = va_arg(args, unsigned char *);
- if (*s == 'a') {
- for (i = 0; i < prec; i++)
- written += fprintf(fp, "%*.2x", width, buf[i]);
- }else if (*s == 'b') {
- for (i = 0; i < prec; i++) {
- if (isprint(buf[i]))
- written += fprintf(fp, "%*c", width, buf[i]);
- else
- written += fprintf(fp, "%*c", width, '.');
- }
- }
- } else {
- fprintf(stderr, "fprintclistf: format \"%s\" invalid.\n",
- format);
- va_end(args);
- return written;
- }
- }
- s++;
- /* Now s points to the next character after the format */
- prevs = s;
- s = strchr(s, '%');
- }
- if (format + strlen(format) + 1 - prevs > 0)
- written += fprintf(fp, "%s", prevs);
- return written;
-}
-
View
50 lib/ssl/c_src/debuglog.h
@@ -1,50 +0,0 @@
-/*<copyright>
- * <year>1998-2008</year>
- * <holder>Ericsson AB, All Rights Reserved</holder>
- *</copyright>
- *<legalnotice>
- * The contents of this file are subject to the Erlang Public License,
- * Version 1.1, (the "License"); you may not use this file except in
- * compliance with the License. You should have received a copy of the
- * Erlang Public License along with this software. If not, it can be
- * retrieved online at http://www.erlang.org/.
- *
- * Software distributed under the License is distributed on an "AS IS"
- * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
- * the License for the specific language governing rights and limitations
- * under the License.
- *
- * The Initial Developer of the Original Code is Ericsson AB.
- *</legalnotice>
- */
-/*
- * Purpose: Debug functions and macros.
- *
- */
-
-#ifndef __DEBUGLOG_H_
-#define __DEBUGLOG_H_
-
-#include <stdio.h>
-#include "esock_ssl.h"
-
-#define DEBUGF(x) if (debug) __debugprintf x;
-#define DEBUGMSGF(x) if (debugmsg) __debugprintclistf x;
-#define LOGF(fp, x) if (fp) { __locallogfp = fp; __debuglogf x; }
-#define SSLDEBUGF() if (debug) { esock_ssl_print_errors_fp(stderr); \
- if (ssllogfp) esock_ssl_print_errors_fp(ssllogfp); }
-
-int debug;
-int debugmsg;
-FILE *ssllogfp;
-FILE *__locallogfp;
-
-void open_ssllog(char *path);
-void close_ssllog(void);
-FILE *openlog(char *);
-void closelog(FILE *);
-int __debugprintf(const char *, ...);
-int __debugprintclistf(const char *, ...);
-int __debuglogf(const char *, ...);
-
-#endif
View
1,904 lib/ssl/c_src/esock.c
@@ -1,1904 +0,0 @@
-/*<copyright>
- * <year>1999-2008</year>
- * <holder>Ericsson AB, All Rights Reserved</holder>
- *</copyright>
- *<legalnotice>
- * The contents of this file are subject to the Erlang Public License,
- * Version 1.1, (the "License"); you may not use this file except in
- * compliance with the License. You should have received a copy of the
- * Erlang Public License along with this software. If not, it can be
- * retrieved online at http://www.erlang.org/.
- *
- * Software distributed under the License is distributed on an "AS IS"
- * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
- * the License for the specific language governing rights and limitations
- * under the License.
- *
- * The Initial Developer of the Original Code is Ericsson AB.
- *</legalnotice>
- */
-
-/*
- * Purpose: Implementation of Secure Socket Layer (SSL).
- *
- * This is an "SSL proxy" for Erlang in the form of a port
- * program.
- *
- * The implementation has borrowed somewhat from the original
- * implementation of `socket' by Claes Wikström, and the former
- * implementation of `ssl_socket' by Helen Ariyan.
- *
- * All I/O is now non-blocking.
- *
- * When a connection (cp) is in the state JOINED we have the following
- * picture:
- *
- * proxy->fd fd
- * | |
- * proxy->eof | --------> wq -----------> | bp
- * | |
- * Erlang | | SSL
- * | |
- * proxy->bp | <------ proxy->wq --------- | eof
- * | |
- *
- * We read from Erlang (proxy->fd) and write to SSL (fd); and read from
- * SSL (fd) and write to Erlang (proxy->fd).
- *
- * The variables bp (broken pipe) and eof (end of file) take the
- * values 0 and 1.
- *
- * What has been read and cannot be immediately written is put in a
- * write queue (wq). A wq is emptied before reads are continued, which
- * means that at most one chunk that is read can be in a wq.
- *
- * The proxy-to-ssl part of a cp is valid iff
- *
- * !bp && (wq.len > 0 || !proxy->eof).
- *
- * The ssl-to-proxy part of a cp is valid iff
- *
- * !proxy->bp && (proxy->wq.len > 0 || !eof).
- *
- * The connection is valid if any of the above parts are valid, i.e.
- * invalid if both parts are invalid.
- *
- * Every SELECT_TIMEOUT second we try to write to those file
- * descriptors that have non-empty wq's (the only way to detect that a
- * far end has gone away is to write to it).
- *
- * STATE TRANSITIONS
- *
- * Below (*) means that the corresponding file descriptor is published
- * (i.e. kwown outside this port program) when the state is entered,
- * and thus cannot be closed without synchronization with the
- * ssl_server.
- *
- * Listen:
- *
- * STATE_NONE ---> (*) PASSIVE_LISTENING <---> ACTIVE_LISTENING
- *
- * Accept:
- *
- * STATE_NONE ---> SSL_ACCEPT ---> (*) CONNECTED ---> JOINED --->
- * ---> SSL_SHUTDOWN ---> DEFUNCT
- *
- * Connect:
- *
- * STATE_NONE ---> (*) WAIT_CONNECT ---> SSL_CONNECT ---> CONNECTED --->
- * ---> JOINED ---> SSL_SHUTDOWN ---> DEFUNCT
- *
- * In states where file descriptors has been published, and where
- * something goes wrong, the state of the connection is set to
- * DEFUNCT. A connection in such a state can only be closed by a CLOSE
- * message from Erlang (a reception of such a message is registered in
- * cp->closed). The possible states are: WAIT_CONNECT, SSL_CONNECT,
- * CONNECTED, JOINED, and SSL_SHUTDOWN.
- *
- * A connection in state SSL_ACCEPT can be closed and removed without
- * synchronization.
- *
- */
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-#ifdef __WIN32__
-#include "esock_winsock.h"
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <time.h>
-#include <ctype.h>
-#include <sys/types.h>
-#include <errno.h>
-
-#ifdef __WIN32__
-#include <process.h>
-#else
-#include <unistd.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netinet/tcp.h>
-#include <sys/time.h>
-#include <netdb.h>
-#include <arpa/inet.h>
-#include <fcntl.h>
-#endif
-
-#ifndef INADDR_NONE
-#define INADDR_NONE 0xffffffff /* Should be in <netinet/in.h>. */
-#endif
-
-#include "esock.h"
-#include "debuglog.h"
-#include "esock_utils.h"
-#include "esock_ssl.h"
-#include "esock_osio.h"
-#include "esock_posix_str.h"
-#include "esock_poll.h"
-
-#define MAJOR_VERSION 2
-#define MINOR_VERSION 0
-#define MAXREPLYBUF 256
-#define RWBUFLEN (32*1024)
-#define IS_CLIENT 0
-#define IS_SERVER 1
-#define SELECT_TIMEOUT 2 /* seconds */
-
-#define psx_errstr() esock_posix_str(sock_errno())
-#define ssl_errstr() esock_ssl_errstr
-
-#define PROXY_TO_SSL_VALID(cp) (!(cp)->bp && \
- ((cp)->wq.len > 0 || !(cp)->proxy->eof))
-
-#define SSL_TO_PROXY_VALID(cp) (!(cp)->proxy->bp && \
- ((cp)->proxy->wq.len > 0 || !(cp)->eof))
-
-#define JOINED_STATE_INVALID(cp) (!(PROXY_TO_SSL_VALID(cp)) && \
- !(SSL_TO_PROXY_VALID(cp)))
-static int loop(void);
-static int set_poll_conns(Connection *cp, EsockPoll *ep, int verbose);
-static Connection *next_polled_conn(Connection *cp, Connection **cpnext,
- EsockPoll *ep, int set_wq_fds);
-
-static void leave_joined_state(Connection *cp);
-static void do_shutdown(Connection *cp);
-static void close_and_remove_connection(Connection *cp);
-static int reply(int cmd, char *fmt, ...);
-static int input(char *fmt, ...);
-static int put_pars(unsigned char *buf, char *fmt, va_list args);
-static int get_pars(unsigned char *buf, char *fmt, va_list args);
-static FD do_connect(char *lipstring, int lport, char *fipstring, int fport);
-static FD do_listen(char *ipstring, int lport, int backlog, int *aport);
-static FD do_accept(FD listensock, struct sockaddr *saddr, int *len);
-static void print_connections(void);
-static void dump_connections(void);
-static int check_num_sock_fds(FD fd);
-static void safe_close(FD fd);
-static Connection *new_connection(int state, FD fd);
-static Connection *get_connection(FD fd);
-static void remove_connection(Connection *conn);
-static Proxy *get_proxy_by_peerport(int port);
-static Proxy *new_proxy(FD fd);
-static void remove_proxy(Proxy *proxy);
-static void ensure_write_queue(WriteQueue *wq, int size);
-static void clean_up(void);
-
-static Connection *connections = NULL;
-static int num_sock_fds; /* On UNIX all file descriptors */
-static Proxy *proxies = NULL;
-static int proxy_listensock = INVALID_FD;
-static int proxy_listenport = 0;
-static int proxy_backlog = 128;
-static int proxysock_last_err = 0;
-static int proxysock_err_cnt = 0;
-static char rwbuf[RWBUFLEN];
-static unsigned char *ebuf = NULL; /* Set by read_ctrl() */
-
-static char *connstr[] = {
- "STATE_NONE",
- "ACTIVE_LISTENING",
- "PASSIVE_LISTENING",
- "CONNECTED",
- "WAIT_CONNECT",
- "SSL_CONNECT",
- "SSL_ACCEPT",
- "TRANSPORT_ACCEPT",
- "JOINED",
- "SSL_SHUTDOWN",
- "DEFUNCT"
-};
-
-static char *originstr[] = {
- "listen",
- "accept",
- "connect"
-};
-
-int main(int argc, char **argv)
-{
- char *logfile = NULL;
- int i;
- esock_version *vsn;
- char *ciphers;
-#ifdef __WIN32__
- int pid;
- WORD version;
- WSADATA wsa_data;
-
- set_binary_mode();
- setvbuf(stderr, NULL, _IONBF, 0);
- /* Two sockets for the stdin socket pipe (local thread). */
- num_sock_fds = 2;
-#else
- pid_t pid;
- num_sock_fds = 3; /* 0, 1, 2 */
-#endif
-
- pid = getpid();
- i = 1;
- while (i < argc) {
- if (strcmp(argv[i], "-d") == 0) {
- debug = 1;
- i++;
- } else if (strcmp(argv[i], "-dm") == 0) {
- debugmsg = 1;
- i++;
- } else if (strcmp(argv[i], "-pp") == 0) {
- i++;
- proxy_listenport = atoi(argv[i]);
- i++;
- } else if (strcmp(argv[i], "-pb") == 0) {
- i++;
- proxy_backlog = atoi(argv[i]);
- i++;
- } else if (strcmp(argv[i], "-pv") == 0) {
- i++;
- protocol_version = atoi(argv[i]);
- i++;
- } else if (strcmp(argv[i], "-dd") == 0) {
- i++;
- logfile = esock_malloc(strlen(argv[i]) + 64);
- sprintf(logfile, "%s/ssl_esock.%d.log", argv[i], (int)pid);
- i++;
- } else if (strcmp(argv[i], "-ersa") == 0) {
- ephemeral_rsa = 1;
- i++;
- } else if (strcmp(argv[i], "-edh") == 0) {
- ephemeral_dh = 1;
- i++;
- }
- }
- if (debug || debugmsg) {
- DEBUGF(("Starting ssl_esock\n"));
- if (logfile) {
- open_ssllog(logfile);
-#ifndef __WIN32__
- num_sock_fds++;
-#endif
- }
- atexit(close_ssllog);
- DEBUGF(("pid = %d\n", getpid()));
- }
- if (esock_ssl_init() < 0) {
- fprintf(stderr, "esock: Could not do esock_ssl_init\n");
- exit(EXIT_FAILURE);
- }
-
- atexit(esock_ssl_finish);
-
-#ifdef __WIN32__
- /* Start Windows' sockets */
- version = MAKEWORD(MAJOR_VERSION, MINOR_VERSION);
- if (WSAStartup(version, &wsa_data) != 0) {
- fprintf(stderr, "esock: Could not start up Windows' sockets\n");
- exit(EXIT_FAILURE);
- }
- atexit((void (*)(void))WSACleanup);
- if (LOBYTE(wsa_data.wVersion) < MAJOR_VERSION ||
- (LOBYTE(wsa_data.wVersion) == MAJOR_VERSION &&
- HIBYTE(wsa_data.wVersion) < MINOR_VERSION)) {
- fprintf(stderr, "esock: Windows socket version error. "
- "Requested version:"
- "%d.%d, version found: %d.%d\n", MAJOR_VERSION,
- MINOR_VERSION, LOBYTE(wsa_data.wVersion),
- HIBYTE(wsa_data.wVersion));
- exit(EXIT_FAILURE);
- }
- DEBUGF(("Using Windows socket version: %d.%d\n",
- LOBYTE(wsa_data.wVersion), HIBYTE(wsa_data.wVersion)));
- DEBUGF(("Maximum number of sockets available: %d\n",
- wsa_data.iMaxSockets));
-
- if (esock_osio_init() < 0) {
- fprintf(stderr, "esock: Could not init osio\n");
- exit(EXIT_FAILURE);
- }
- atexit(esock_osio_finish);
-#endif
-
- /* Create the local proxy listen socket and set it to non-blocking */
- proxy_listensock = do_listen("127.0.0.1", proxy_listenport,
- proxy_backlog, &proxy_listenport);
- if (proxy_listensock == INVALID_FD) {
- fprintf(stderr, "esock: Cannot create local listen socket\n");
- exit(EXIT_FAILURE);
- }
- SET_NONBLOCKING(proxy_listensock);
- DEBUGF(("Local proxy listen socket: fd = %d, port = %d\n",
- proxy_listensock, proxy_listenport));
-
- vsn = esock_ssl_version();
- ciphers = esock_ssl_ciphers();
-
- /* Report: port number of the local proxy listen socket, the native
- * os pid, the compile and lib versions of the ssl library, and
- * the list of available ciphers. */
- reply(ESOCK_PROXY_PORT_REP, "24sss", proxy_listenport, (int)pid,
- vsn->compile_version, vsn->lib_version, ciphers);
-
- atexit(clean_up);
-
- loop();
-
- if (logfile)
- esock_free(logfile);
- exit(EXIT_SUCCESS);
-}
-
-
-/*
- * Local functions
- *
- */
-
-static int loop(void)
-{
- EsockPoll pollfd;
- FD fd, msgsock, listensock, connectsock, proxysock;
- int cc, wc, fport, lport, pport, length, backlog, intref, op;
- int value;
- char *lipstring, *fipstring;
- char *flags;
- char *protocol_vsn, *cipher;
- unsigned char *cert, *bin;
- int certlen, binlen;
- struct sockaddr_in iserv_addr;
- int sret = 1;
- Connection *cp, *cpnext, *newcp;
- Proxy *pp;
- time_t last_time = 0, now = 0;
- int set_wq_fds;
-
- esock_poll_init(&pollfd);
-
- while(1) {
- esock_poll_zero(&pollfd);
- esock_poll_fd_set_read(&pollfd, proxy_listensock);
- esock_poll_fd_set_read(&pollfd, local_read_fd);
-
- set_wq_fds = 0;
-
- if (sret) /* sret == 1 the first time. */
- DEBUGF(("==========LOOP=============\n"));
-
- cc = set_poll_conns(connections, &pollfd, sret) + 1;
-
- if (sret) {
- print_connections();
- DEBUGF(("Before poll/select: %d descriptor%s (total %d)\n",
- cc, (cc == 1) ? "" : "s", num_sock_fds));
- }
-
- sret = esock_poll(&pollfd, SELECT_TIMEOUT);
- if (sret < 0) {
- DEBUGF(("select/poll error: %s\n", psx_errstr()));
- continue;
- }
-
- time(&now);
- if (now >= last_time + SELECT_TIMEOUT) {
- set_wq_fds = 1;
- last_time = now;
- }
- /*
- * First accept as many connections as possible on the
- * proxy listen socket. We record the peer port, which
- * is later used as a reference for joining a proxy
- * connection with a network connection.
- */
-
- if (esock_poll_fd_isset_read(&pollfd, proxy_listensock)) {
- while (1) {
- length = sizeof(iserv_addr);
- proxysock = do_accept(proxy_listensock,
- (struct sockaddr *)&iserv_addr,
- (int*)&length);
- if(proxysock == INVALID_FD) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* We can here for example get the error
- * EMFILE, i.e. no more file descriptors
- * available, but we do not have any specific
- * connection to report the error to. We
- * increment the error counter and saves the
- * last err.
- */
- proxysock_err_cnt++;
- proxysock_last_err = sock_errno();
- DEBUGF(("accept error (proxy_listensock): %s\n",
- psx_errstr()));
- }
- break;
- } else {
- /* Get peer port number */
-/* length = sizeof(iserv_addr); */
-/* if (getpeername(proxysock, (struct sockaddr *)&iserv_addr, */
-/* &length) < 0) { */
-/* DEBUGF(("Can't get peername of proxy socket")); */
-/* safe_close(proxysock); */
-/* } else { */
- /* Add to pending proxy connections */
- SET_NONBLOCKING(proxysock);
- pp = new_proxy(proxysock);
- pp->peer_port = ntohs(iserv_addr.sin_port);
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("[PROXY_LISTEN_SOCK] conn accepted: "
- "proxyfd = %d, "
- "peer port = %d\n", proxysock, pp->peer_port));
-/* } */
- }
- }
- }
-
- /*
- * Read control messages from Erlang
- */
- if (esock_poll_fd_isset_read(&pollfd, local_read_fd)) {
- cc = read_ctrl(&ebuf);
- if ( cc < 0 ) {
- DEBUGF(("Read loop -1 or 0\n"));
- return -1;
- } else if (cc == 0) { /* not eof */
- DEBUGF(("GOT empty string \n"));
-
- } else {
-
- switch((int)*ebuf) {
-
- case ESOCK_SET_SEED_CMD:
- /*
- * ebuf = {cmd(1), binary(N) }
- */
- input("b", &binlen, &bin);
- DEBUGF(("[SET_SEED_CMD]\n"));
- esock_ssl_seed(bin, binlen);
- /* no reply */
- break;
-
- case ESOCK_GETPEERNAME_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- DEBUGF(("[GETPEERNAME_CMD] fd = %d\n", fd));
- cp = get_connection(fd);
- length = sizeof(iserv_addr);
- if (!cp) {
- sock_set_errno(ERRNO_NOTSOCK);
- reply(ESOCK_GETPEERNAME_ERR, "4s", fd, psx_errstr());
- } else if (getpeername(fd,
- (struct sockaddr *) &iserv_addr,
- &length) < 0) {
- reply(ESOCK_GETPEERNAME_ERR, "4s", fd, psx_errstr());
- } else {
- /*
- * reply = {cmd(1), fd(4), port(2),
- * ipstring(N), 0(1)}
- */
- reply(ESOCK_GETPEERNAME_REP, "42s", fd,
- ntohs(iserv_addr.sin_port),
- inet_ntoa(iserv_addr.sin_addr));
- }
- break;
-
- case ESOCK_GETSOCKNAME_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- DEBUGF(("[GETSOCKNAME_CMD] fd = %d\n", fd));
- cp = get_connection(fd);
- length = sizeof(iserv_addr);
- if (!cp) {
- sock_set_errno(ERRNO_NOTSOCK);
- reply(ESOCK_GETSOCKNAME_ERR, "4s", fd, psx_errstr());
- } else if (getsockname(fd,
- (struct sockaddr *)&iserv_addr,
- &length) < 0) {
- reply(ESOCK_GETSOCKNAME_ERR, "4s", fd, psx_errstr());
- } else {
- /*
- * reply = {cmd(1), fd(4), port(2),
- * ipstring(N), 0(1)}
- */
- reply(ESOCK_GETSOCKNAME_REP, "42s", fd,
- ntohs(iserv_addr.sin_port),
- inet_ntoa(iserv_addr.sin_addr));
- }
- break;
-
- case ESOCK_GETCONNINFO_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- DEBUGF(("[GETCONNINFO_CMD] fd = %d\n", fd));
- cp = get_connection(fd);
- if (!cp) {
- sock_set_errno(ERRNO_NOTSOCK);
- reply(ESOCK_GETCONNINFO_ERR, "4s", fd, psx_errstr());
- } else {
- if (esock_ssl_getprotocol_version(cp,
- &protocol_vsn) < 0)
- reply(ESOCK_GETCONNINFO_ERR, "4s", fd, psx_errstr());
- else if (esock_ssl_getcipher(cp, &cipher) < 0)
- reply(ESOCK_GETCONNINFO_ERR, "4s", fd, psx_errstr());
- else
- /*
- * reply = {cmd(1), fd(4), protocol(N), 0(1),
- * cipher(N), 0(1)}
- */
- reply(ESOCK_GETCONNINFO_REP, "4ss", fd,
- protocol_vsn, cipher);
- }
- break;
-
- case ESOCK_GETPEERCERT_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- DEBUGF(("[GETPEERCERT_CMD] fd = %d\n", fd));
- cp = get_connection(fd);
- if (!cp) {
- sock_set_errno(ERRNO_NOTSOCK);
- reply(ESOCK_GETPEERCERT_ERR, "4s", fd, psx_errstr());
- } else {
- if ((certlen = esock_ssl_getpeercert(cp, &cert)) < 0)
- reply(ESOCK_GETPEERCERT_ERR, "4s", fd, psx_errstr());
- else {
- /*
- * reply = {cmd(1), fd(4), certlen(4), cert(N)}
- */
- reply(ESOCK_GETPEERCERT_REP, "4b", fd,
- certlen, cert);
- esock_free(cert);
- }
- }
- break;
-
- case ESOCK_CONNECT_CMD:
- /*
- * ebuf = {cmd(1), intref(4),
- * lport(2), lipstring(N), 0(1), -- local
- * fport(2), fipstring(N), 0(1), -- foreign
- * flags(N), 0(1)}
- */
- input("42s2ss", &intref, &lport, &lipstring,
- &fport, &fipstring, &flags);
- DEBUGF(("[CONNECT_CMD] intref = %d, "
- "lipstring = %s lport = %d, "
- "fipstring = %s fport = %d, "
- "flags = %s\n", intref, lipstring, lport,
- fipstring, fport, flags));
- connectsock = do_connect(lipstring, lport,
- fipstring, fport);
- if(connectsock == INVALID_FD) {
- reply(ESOCK_CONNECT_SYNC_ERR, "4s", intref, psx_errstr());
- break;
- }
- DEBUGF((" fd = %d\n", connectsock));
- cp = new_connection(ESOCK_WAIT_CONNECT, connectsock);
- cp->origin = ORIG_CONNECT;
- length = strlen(flags);
- cp->flags = esock_malloc(length + 1);
- strcpy(cp->flags, flags);
- DEBUGF(("-> WAIT_CONNECT fd = %d\n", connectsock));
- /* Publish connectsock */
- reply(ESOCK_CONNECT_WAIT_REP, "44", intref, connectsock);
- break;
-
- case ESOCK_TERMINATE_CMD:
- /*
- * ebuf = {cmd(1)}
- */
- exit(EXIT_SUCCESS);
- break;
-
- case ESOCK_CLOSE_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- if ((cp = get_connection(fd))) {
- DEBUGF(("%s[CLOSE_CMD]: fd = %d\n",
- connstr[cp->state], fd));
- if (cp->proxy)
- cp->proxy->bp = 1;
- switch (cp->state) {
- case ESOCK_JOINED:
- cp->close = 1;
- if (JOINED_STATE_INVALID(cp))
- leave_joined_state(cp);
- break;
- case ESOCK_SSL_SHUTDOWN:
- cp->close = 1;
- DEBUGF((" close flag set\n"));
- break;
- default:
- DEBUGF(("-> (removal)\n"));
- close_and_remove_connection(cp);
- }
- } else
- DEBUGF(("[CLOSE_CMD]: ERROR: fd = %d not found\n", fd));
- break;
-
- case ESOCK_SET_SOCKOPT_CMD:
- /*
- * ebuf = {cmd(1), fd(4), op(1), on(1)}
- */
- input("411", &fd, &op, &value);
- switch(op) {
- case ESOCK_SET_TCP_NODELAY:
- if(setsockopt(fd, IPPROTO_TCP, TCP_NODELAY,
- (void *)&value, sizeof(value)) < 0) {
- DEBUGF(("Error: setsockopt TCP_NODELAY\n"));
- reply(ESOCK_IOCTL_ERR, "4s", fd, psx_errstr());
- } else {
- reply(ESOCK_IOCTL_OK, "4", fd);
- }
- break;
- default:
- DEBUGF(("Error: set_sock_opt - Not implemented\n"));
- sock_set_errno(ERRNO_OPNOTSUPP);
- reply(ESOCK_IOCTL_ERR, "4", fd, psx_errstr());
- break;
- }
- break;
-
- case ESOCK_LISTEN_CMD:
- /*
- * ebuf = {cmd(1), intref(4), lport(2), ipstring(N), 0(1),
- * backlog(2), flags(N), 0(1)}
- */
- input("42s2s", &intref, &lport, &lipstring, &backlog,
- &flags);
- DEBUGF(("[LISTEN_CMD] intref = %d, port = %d, "
- "ipstring = %s, backlog = %d, flags = %s\n",
- intref, lport, lipstring, backlog, flags));
-
- listensock = do_listen(lipstring, lport, backlog, &lport);
- if(listensock == INVALID_FD) {
- reply(ESOCK_LISTEN_SYNC_ERR, "4s", intref, psx_errstr());
- break;
- }
- cp = new_connection(ESOCK_PASSIVE_LISTENING, listensock);
- /* Flags may be an empty string */
- length = strlen(flags);
- cp->flags = esock_malloc(length + 1);
- strcpy(cp->flags, flags);
-
- cp->origin = ORIG_LISTEN;
- if (esock_ssl_listen_init(cp) < 0) {
- DEBUGF(("esock_ssl_listen_init() failed.\n"));
- reply(ESOCK_LISTEN_SYNC_ERR, "4s", intref,
- ssl_errstr());
- close_and_remove_connection(cp);
- break;
- }
- DEBUGF(("-> PASSIVE_LISTENING (fd = %d)\n", listensock));
- /* Publish listensock */
- reply(ESOCK_LISTEN_REP, "442", intref, listensock,
- ntohs(iserv_addr.sin_port));
- break;
-
- case ESOCK_TRANSPORT_ACCEPT_CMD:
- /*
- * ebuf = { op(1), fd(4), flags(N), 0(1)}
- */
- input("4s", &fd, &flags);
- DEBUGF(("[TRANSPORT_ACCEPT_CMD] listenfd = %d, flags = %s\n", fd,
- flags));
- cp = get_connection(fd);
- if (cp) {
- /* We store the flags in the listen socket's
- * connection, and overwrite previous flags.
- */
- if ((length = strlen(flags)) > 0) {
- if (cp->flags)
- cp->flags = esock_realloc(cp->flags,
- length + 1);
- else
- cp->flags = esock_malloc(length + 1);
- strcpy(cp->flags, flags);
- }
- if (cp->flags && cp->flags[0] != '\0') {
- cp->acceptors++;
- cp->state = ESOCK_ACTIVE_LISTENING;
- DEBUGF(("-> ACTIVE_LISTENING\n"));
- break;
- }
- DEBUGF(("ERROR: flags empty\n"));
- }
- reply(ESOCK_TRANSPORT_ACCEPT_ERR, "4s", fd, "ebadf");
- break;
-
- case ESOCK_SSL_ACCEPT_CMD:
- input("4s", &fd, &flags);
- DEBUGF(("[SSL_ACCEPT_CMD] fd = %d, flags = %s\n", fd, flags));
- cp = get_connection(fd);
- if (cp)
- cp->state = ESOCK_SSL_ACCEPT;
- //reply(ESOCK_SSL_ACCEPT_REP, "4", fd);
- break;
-
- case ESOCK_NOACCEPT_CMD:
- /*
- * ebuf = {cmd(1), fd(4)}
- */
- input("4", &fd);
- DEBUGF(("[NOACCEPT_CMD] listenfd = %d\n", fd));
- cp = get_connection(fd);
- if (cp && (--cp->acceptors <= 0)) {
- cp->acceptors = 0;
- cp->state = ESOCK_PASSIVE_LISTENING;
- esock_poll_clear_event(&pollfd, fd);
- DEBUGF(("-> PASSIVE_LISTENING\n"));
- }
- break;
-
- case ESOCK_PROXY_JOIN_CMD:
- /*
- * ebuf = {cmd(1), fd(4), portnum(2)}
- *
- * fd - file descriptor of a connection in state
- * CONNECTED
- * portnum - port number of the Erlang proxy peer
- */
- input("42", &fd, &pport);
- cp = get_connection(fd);
- pp = get_proxy_by_peerport(pport);
- if (cp && cp->state == ESOCK_CONNECTED && pp) {
- DEBUGF(("CONNECTED[PROXY_JOIN_CMD] fd = %d "
- "portnum = %d\n", fd, pport));
- cp->proxy = pp;
- pp->conn = cp;
- reply(ESOCK_PROXY_JOIN_REP, "4", fd);
- cp->state = ESOCK_JOINED;
- DEBUGF(("-> JOINED\n"));
- break;
- }
- if (!cp) {
- DEBUGF(("[PROXY_JOIN_CMD] ERROR: No connection "
- "having fd = %d\n", fd));
- reply(ESOCK_PROXY_JOIN_ERR, "4s", fd, "ebadsocket");
- } else if (cp->state != ESOCK_CONNECTED) {
- DEBUGF(("%s[PROXY_JOIN_CMD] ERROR: Bad state: "
- "fd = %d\n", connstr[cp->state], cp->fd));
- reply(ESOCK_PROXY_JOIN_ERR, "4s", fd, "ebadstate");
- } else {
- DEBUGF(("ERROR: No proxy: fd = %d, pport = %d\n",
- fd, pport));
- if (proxysock_err_cnt > 0) {
- proxysock_err_cnt--;
- reply(ESOCK_PROXY_JOIN_ERR, "4s", fd,
- esock_posix_str(proxysock_last_err));
- } else {
- reply(ESOCK_PROXY_JOIN_ERR, "4s", fd,
- "enoproxysocket");
- }
- cp->state = ESOCK_DEFUNCT;
- }
- break;
-
- case ESOCK_DUMP_STATE_CMD:
- dump_connections();
- break;
-
- case ESOCK_SET_DEBUG_CMD:
- /*
- * ebuf = {cmd(1), debug(1)}
- */
- input("1", &debug);
- break;
-
- case ESOCK_SET_DEBUGMSG_CMD:
- /*
- * ebuf = {cmd(1), debugmsg(1)}
- */
- input("1", &debugmsg);
- break;
-
- default:
- fprintf(stderr, "esock: default value in loop %c\n",
- *ebuf);
- exit(EXIT_FAILURE);
- break;
- }
- }
- }
-
- /* Go through all connections that have their file descriptors
- set. */
-
- /* Note: We may remove the current connection (cp). Thus we
- * must be careful not to read cp->next after cp has been
- * removed. */
- for (cp = next_polled_conn(connections, &cpnext, &pollfd, set_wq_fds);
- cp != NULL;
- cp = next_polled_conn(cpnext, &cpnext, &pollfd, set_wq_fds)
- ) {
-
- switch(cp->state) {
-
- case ESOCK_PASSIVE_LISTENING:
- DEBUGF(("-----------------------------------\n"));
- fprintf(stderr, "esock: Got connect request while PASSIVE\n");
- exit(EXIT_FAILURE);
- break;
-
- case ESOCK_ACTIVE_LISTENING:
- /* new connect from network */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("ACTIVE_LISTENING - trying to accept on %d\n",
- cp->fd));
- length = sizeof(iserv_addr);
- msgsock = do_accept(cp->fd, (struct sockaddr*)&iserv_addr,
- (int*)&length);
- if(msgsock == INVALID_FD) {
- DEBUGF(("accept error: %s\n", psx_errstr()));
- reply(ESOCK_TRANSPORT_ACCEPT_ERR, "4s", cp->fd, psx_errstr());
- break;
- }
- SET_NONBLOCKING(msgsock);
- if (--cp->acceptors <= 0) {
- cp->acceptors = 0;
- cp->state = ESOCK_PASSIVE_LISTENING;
- DEBUGF(("-> PASSIVE_LISTENING\n"));
- }
- DEBUGF(("server accepted connection on fd %d\n", msgsock));
- newcp = new_connection(ESOCK_TRANSPORT_ACCEPT, msgsock);
- newcp->origin = ORIG_ACCEPT;
- reply(ESOCK_TRANSPORT_ACCEPT_REP, "44", cp->fd, msgsock);
- newcp->listen_fd = cp->fd; /* Needed for ESOCK_ACCEPT_ERR */
- length = strlen(cp->flags);
- /* XXX new flags are not needed */
- newcp->flags = esock_malloc(length + 1);
- strcpy(newcp->flags, cp->flags); /* XXX Why? */
- if (esock_ssl_accept_init(newcp, cp->opaque) < 0) {
- cp->errstr = ssl_errstr();
- break;
- }
- newcp->ssl_want = ESOCK_SSL_WANT_READ;
- break;
-
- case ESOCK_SSL_ACCEPT:
- /* SSL accept handshake. msgsock is *not* published yet. */
- msgsock = cp->fd;
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("SSL_ACCEPT fd = %d\n", msgsock));
- if (cp->errstr != NULL) { /* this means we got an error in ssl_accept_init */
- /* N.B.: The *listen fd* is reported. */
- reply(ESOCK_SSL_ACCEPT_ERR, "4s", msgsock, cp->errstr);
- close_and_remove_connection(cp);
- break;
- }
- if (esock_ssl_accept(cp) < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* Handshake failed. */
- reply(ESOCK_SSL_ACCEPT_ERR, "4s", msgsock,
- ssl_errstr());
- DEBUGF(("ERROR: handshake: %s\n", ssl_errstr()));
- close_and_remove_connection(cp);
- }
- } else {
- /* SSL handshake successful: publish */
- reply(ESOCK_SSL_ACCEPT_REP, "4", msgsock);
- DEBUGF(("-> CONNECTED\n"));
- DEBUGF((" Session was %sreused.\n",
- (esock_ssl_session_reused(cp)) ? "" : "NOT "));
- cp->state = ESOCK_CONNECTED;
- }
- break;
-
- case ESOCK_CONNECTED:
- /* Should not happen. We do not read or write until
- the connection is in state JOINED. */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("CONNECTED: Error: should not happen. fd = %d\n",
- cp->fd));
- break;
-
- case ESOCK_JOINED:
- /*
- * Reading from Proxy, writing to SSL
- */
- if (esock_poll_fd_isset_write(&pollfd, cp->fd)) {
- /* If there is a write queue, write to ssl only */
- if (cp->wq.len > 0) {
- /* The write retry semantics of SSL_write in
- * the OpenSSL package is strange. Partial
- * writes never occur, only complete writes or
- * failures. A failure, however, still
- * consumes all data written, although not all
- * encrypted data could be written to the
- * underlying socket. To retry a write we have
- * to provide the same buf and length as in
- * the original call, in our case rwbuf and
- * the original buffer length. Hence the
- * strange memcpy(). Note that wq.offset will
- * always be zero when we use OpenSSL.
- */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("JOINED: writing to ssl "
- "fd = %d, from write queue only, wc = %d\n",
- cp->fd, cp->wq.len - cp->wq.offset));
- memcpy(rwbuf, cp->wq.buf, cp->wq.len - cp->wq.offset);
-
- /* esock_ssl_write sets cp->eof, cp->bp when return
- * value is zero */
- wc = esock_ssl_write(cp, rwbuf,
- cp->wq.len - cp->wq.offset);
- if (wc < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* Assume broken SSL pipe */
- DEBUGF(("broken SSL pipe\n"));
- cp->bp = 1;
- shutdown(cp->proxy->fd, SHUTDOWN_READ);
- cp->proxy->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- }
- } else if (wc == 0) {
- /* SSL broken pipe */
- DEBUGF(("broken SSL pipe\n"));
- cp->bp = 1;
- shutdown(cp->proxy->fd, SHUTDOWN_READ);
- cp->proxy->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- } else {
- cp->wq.offset += wc;
- if (cp->wq.offset == cp->wq.len)
- cp->wq.len = 0;
- }
- }
- } else if (esock_poll_fd_isset_read(&pollfd, cp->proxy->fd)) {
- /* Read from proxy and write to SSL */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("JOINED: reading from proxy, "
- "proxyfd = %d\n", cp->proxy->fd));
- cc = sock_read(cp->proxy->fd, rwbuf, RWBUFLEN);
- DEBUGF(("read from proxyfd = %d, cc = %d\n",
- cp->proxy->fd, cc));
- if (cc > 0) {
- /* esock_ssl_write sets cp->eof, cp->bp when return
- * value is zero */
- wc = esock_ssl_write(cp, rwbuf, cc);
- if (wc < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* Assume broken pipe */
- DEBUGF(("broken SSL pipe\n"));
- cp->bp = 1;
- shutdown(cp->proxy->fd, SHUTDOWN_READ);
- cp->proxy->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- } else {
- /* add to write queue */
- DEBUGF(("adding all to write queue "
- "%d bytes\n", cc));
- ensure_write_queue(&cp->wq, cc);
- memcpy(cp->wq.buf, rwbuf, cc);
- cp->wq.len = cc;
- cp->wq.offset = 0;
- }
- } else if (wc == 0) {
- /* Broken SSL pipe */
- DEBUGF(("broken SSL pipe\n"));
- cp->bp = 1;
- shutdown(cp->proxy->fd, SHUTDOWN_READ);
- cp->proxy->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- } else if (wc < cc) {
- /* add remainder to write queue */
- DEBUGF(("adding remainder to write queue "
- "%d bytes\n", cc - wc));
- ensure_write_queue(&cp->wq, cc - wc);
- memcpy(cp->wq.buf, rwbuf + wc, cc - wc);
- cp->wq.len = cc - wc;
- cp->wq.offset = 0;
- }
- } else {
- /* EOF proxy or error */
- DEBUGF(("proxy eof or error %d\n", errno));
- cp->proxy->eof = 1;
- if (cp->wq.len == 0) {
- esock_ssl_shutdown(cp);
- cp->bp = 1;
- }
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- }
- }
- /*
- * Reading from SSL, writing to proxy
- */
- if (esock_poll_fd_isset_write(&pollfd, cp->proxy->fd)) {
- /* If there is a write queue, write to proxy only */
- if (cp->proxy->wq.len > 0) {
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("JOINED: writing to proxyfd = %d, "
- "from write queue only, wc = %d\n",
- cp->proxy->fd, cp->proxy->wq.len -
- cp->proxy->wq.offset));
- wc = sock_write(cp->proxy->fd, cp->proxy->wq.buf +
- cp->proxy->wq.offset,
- cp->proxy->wq.len -
- cp->proxy->wq.offset);
- if (wc < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* Assume broken pipe */
- DEBUGF(("broken proxy pipe\n"));
- cp->proxy->bp = 1;
- /* There is no SSL shutdown for read */
- cp->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- }
- } else {
- cp->proxy->wq.offset += wc;
- if (cp->proxy->wq.offset == cp->proxy->wq.len)
- cp->proxy->wq.len = 0;
- }
- }
- } else if (esock_poll_fd_isset_read(&pollfd, cp->fd)) {
- /* Read from SSL and write to proxy */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("JOINED: read from ssl fd = %d\n",
- cp->fd));
- cc = esock_ssl_read(cp, rwbuf, RWBUFLEN);
- DEBUGF(("read from fd = %d, cc = %d\n", cp->fd, cc));
- if (cc > 0) {
- wc = sock_write(cp->proxy->fd, rwbuf, cc);
- if (wc < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- DEBUGF(("broken proxy pipe\n"));
- /* Assume broken pipe */
- cp->proxy->bp = 1;
- /* There is no SSL shutdown for read */
- cp->eof = 1;
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- } else {
- /* add all to write queue */
- DEBUGF(("adding to write queue %d bytes\n",
- cc));
- ensure_write_queue(&cp->proxy->wq, cc);
- memcpy(cp->proxy->wq.buf, rwbuf, cc);
- cp->proxy->wq.len = cc;
- cp->proxy->wq.offset = 0;
- }
- } else if (wc < cc) {
- /* add to write queue */
- DEBUGF(("adding to write queue %d bytes\n",
- cc - wc));
- ensure_write_queue(&cp->proxy->wq, cc - wc);
- memcpy(cp->proxy->wq.buf, rwbuf + wc, cc - wc);
- cp->proxy->wq.len = cc - wc;
- cp->proxy->wq.offset = 0;
- }
- } else if (cc == 0) {
- /* SSL eof */
- DEBUGF(("SSL eof\n"));
- cp->eof = 1;
- if (cp->proxy->wq.len == 0) {
- shutdown(cp->proxy->fd, SHUTDOWN_WRITE);
- cp->proxy->bp = 1;
- }
- if (JOINED_STATE_INVALID(cp)) {
- leave_joined_state(cp);
- break;
- }
- } else {
- /* This may very well happen when reading from SSL. */
- DEBUGF(("NOTE: readmask set, cc < 0, fd = %d, "
- "is ok\n", cp->fd));
- }
- }
- break;
-
- case ESOCK_SSL_SHUTDOWN:
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("SSL_SHUTDOWN: fd = %d\n", cp->fd));
- do_shutdown(cp);
- break;
-
- case ESOCK_DEFUNCT:
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("DEFUNCT: ERROR: should not happen. fd = %d\n",
- cp->fd));
- break;
-
- case ESOCK_WAIT_CONNECT:
- /* New connection shows up */
- connectsock = cp->fd;/* Is published */
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("WAIT_CONNECT fd = %d\n", connectsock));
-
- /* If the connection did succeed it's possible to
- * fetch the peer name (UNIX); or failure shows in
- * exceptmask (WIN32). Sorry for the mess below, but
- * we have to have balanced paren's in #ifdefs in
- * order not to confuse Emacs' indentation. */
- length = sizeof(iserv_addr);
- if (
-#ifdef __WIN32__
- esock_poll_fd_isset_exception(&pollfd, connectsock)
-#else
- getpeername(connectsock, (struct sockaddr *)&iserv_addr,
- &length) < 0
-#endif
- ) {
- sock_set_errno(ERRNO_CONNREFUSED);
- DEBUGF(("connect error: %s\n", psx_errstr()));
- reply(ESOCK_CONNECT_ERR, "4s", connectsock, psx_errstr());
- cp->state = ESOCK_DEFUNCT;
- break;
- }
- if (esock_ssl_connect_init(cp) < 0) {
- DEBUGF(("esock_ssl_connect_init() failed\n"));
- reply(ESOCK_CONNECT_ERR, "4s", connectsock, ssl_errstr());
- cp->state = ESOCK_DEFUNCT;
- break;
- }
- DEBUGF(("-> SSL_CONNECT\n"));
- cp->state = ESOCK_SSL_CONNECT;
- cp->ssl_want = ESOCK_SSL_WANT_WRITE;
- break;
-
- case ESOCK_SSL_CONNECT:
- /* SSL connect handshake. connectsock is published. */
- connectsock = cp->fd;
- DEBUGF(("-----------------------------------\n"));
- DEBUGF(("SSL_CONNECT fd = %d\n", connectsock));
- if (esock_ssl_connect(cp) < 0) {
- if (sock_errno() != ERRNO_BLOCK) {
- /* Handshake failed */
- DEBUGF(("ERROR: handshake: %s\n", ssl_errstr()));
- reply(ESOCK_CONNECT_ERR, "4s", connectsock,
- ssl_errstr());
- cp->state = ESOCK_DEFUNCT;
- }
- } else {
- /* SSL connect handshake successful */
- DEBUGF(("-> CONNECTED\n"));
- reply(ESOCK_CONNECT_REP, "4", connectsock);
- cp->state = ESOCK_CONNECTED;
- }
- break;
-
- default:
- DEBUGF(("ERROR: Connection in unknown state.\n"));
- }
- }
- }
-}
-
-static int set_poll_conns(Connection *cp, EsockPoll *ep, int verbose)
-{
- int i = 0;
-
- if (verbose)
- DEBUGF(("MASKS SET FOR FD: "));
- while (cp) {
- switch (cp->state) {
- case ESOCK_ACTIVE_LISTENING:
- if (verbose)
- DEBUGF(("%d (read) ", cp->fd));
- esock_poll_fd_set_read(ep, cp->fd);
- break;
- case ESOCK_WAIT_CONNECT:
- if (verbose)
- DEBUGF(("%d (write) ", cp->fd));
- esock_poll_fd_set_write(ep, cp->fd);
-#ifdef __WIN32__
- esock_poll_fd_set_exception(ep, cp->fd); /* Failure shows in exceptions */
-#endif
- break;
- case ESOCK_SSL_CONNECT:
- case ESOCK_SSL_ACCEPT:
- if (cp->ssl_want == ESOCK_SSL_WANT_READ) {
- if (verbose)
- DEBUGF(("%d (read) ", cp->fd));
- esock_poll_fd_set_read(ep, cp->fd);
- } else if (cp->ssl_want == ESOCK_SSL_WANT_WRITE) {
- if (verbose)
- DEBUGF(("%d (write) ", cp->fd));
- esock_poll_fd_set_write(ep, cp->fd);
- }
- break;
- case ESOCK_JOINED:
- if (!cp->bp) {
- if (cp->wq.len) {
- if (verbose)
- DEBUGF(("%d (write) ", cp->fd));
- esock_poll_fd_set_write(ep, cp->fd);
- } else if (!cp->proxy->eof) {
- if (verbose)
- DEBUGF(("%d (read) ", cp->proxy->fd));
- esock_poll_fd_set_read(ep, cp->proxy->fd);
- }
- }
- if (!cp->proxy->bp) {
- if (cp->proxy->wq.len) {
- if (verbose)
- DEBUGF(("%d (write) ", cp->proxy->fd));
- esock_poll_fd_set_write(ep, cp->proxy->fd);
- } else if (!cp->eof) {
- if (verbose)
- DEBUGF(("%d (read) ", cp->fd));
- esock_poll_fd_set_read(ep, cp->fd);
- }
- }
- break;
- case ESOCK_SSL_SHUTDOWN:
- if (cp->ssl_want == ESOCK_SSL_WANT_READ) {
- if (verbose)
- DEBUGF(("%d (read) ", cp->fd));
- esock_poll_fd_set_read(ep, cp->fd);
- } else if (cp->ssl_want == ESOCK_SSL_WANT_WRITE) {
- if (verbose)
- DEBUGF(("%d (write) ", cp->fd));
- esock_poll_fd_set_write(ep, cp->fd);
- }
- break;
- default:
- break;
- }
- i++;
- cp = cp->next;
- }
- if (verbose)
- DEBUGF(("\n"));
- return i;
-}
-
-
-static Connection *next_polled_conn(Connection *cp, Connection **cpnext,
- EsockPoll *ep, int set_wq_fds)
-{
- while(cp) {
- if (esock_poll_fd_isset_read(ep, cp->fd) ||
- (cp->proxy && esock_poll_fd_isset_read(ep, cp->proxy->fd)) ||
- (esock_poll_fd_isset_write(ep, cp->fd)) ||
- (cp->proxy && esock_poll_fd_isset_write(ep, cp->proxy->fd))
-#ifdef __WIN32__
- || esock_poll_fd_isset_exception(ep, cp->fd) /* Connect failure in WIN32 */
-#endif
- || (set_wq_fds && (cp->wq.len ||
- (cp->proxy && cp->proxy->wq.len)))
- || cp->errstr != NULL) {
- *cpnext = cp->next;
- return cp;
- }
- cp = cp->next;
- }
- *cpnext = NULL;
- return NULL;
-}
-
-static void leave_joined_state(Connection *cp)
-{
- shutdown(cp->proxy->fd, SHUTDOWN_ALL);
- if (((cp->bp || cp->eof) && cp->clean) ||
- (!cp->bp && !cp->eof)) {
- DEBUGF(("-> SSL_SHUTDOWN\n"));
- cp->state = ESOCK_SSL_SHUTDOWN;
- cp->ssl_want = ESOCK_SSL_WANT_WRITE;
- do_shutdown(cp);
- } else if (cp->close) {
- DEBUGF(("-> (removal)\n"));
- close_and_remove_connection(cp);
- } else {
- DEBUGF(("-> DEFUNCT\n"));
- cp->state = ESOCK_DEFUNCT;
- }
-}
-
-/* We are always in state SHUTDOWN here */
-static void do_shutdown(Connection *cp)
-{
- int ret;
-
- ret = esock_ssl_shutdown(cp);
- if (ret < 0) {
- if (sock_errno() == ERRNO_BLOCK) {
- return;
- } else {
- /* Something is wrong -- close and remove or move to DEFUNCT */
- DEBUGF(("Error in SSL shutdown\n"));
- if (cp->close) {
- DEBUGF(("-> (removal)\n"));
- close_and_remove_connection(cp);
- } else {
- DEBUGF(("-> DEFUNCT\n"));
- cp->state = ESOCK_DEFUNCT;
- }
- }
- } else if (ret == 0) {
- /* `close_notify' has been sent. Wait for reception of
- same. */
- return;
- } else if (ret == 1) {
- /* `close_notify' has been sent, and received. */
- if (cp->close) {
- DEBUGF(("-> (removal)\n"));
- close_and_remove_connection(cp);
- } else {
- DEBUGF(("-> DEFUNCT\n"));
- cp->state = ESOCK_DEFUNCT;
- }
- }
-}
-
-static void close_and_remove_connection(Connection *cp)
-{
- safe_close(cp->fd);
- remove_connection(cp);
-}
-
-static int reply(int cmd, char *fmt, ...)
-{
- static unsigned char replybuf[MAXREPLYBUF];
- unsigned char *buf = replybuf;
- va_list args;
- int len;
-
- va_start(args, fmt);
- len = put_pars(NULL, fmt, args);
- va_end(args);
- len++;
- if (len > sizeof(replybuf))
- buf = esock_malloc(len);
-
- PUT_INT8(cmd, buf);
- va_start(args, fmt);
- (void) put_pars(buf + 1, fmt, args);
- va_end(args);
- write_ctrl(buf, len);
- if (buf != replybuf)
- esock_free(buf);
- return len;
-}
-
-static int input(char *fmt, ...)
-{
- va_list args;
- int len;
-
- va_start(args, fmt);
- len = get_pars(ebuf + 1, fmt, args);
- va_end(args);
- return len + 1;
-}
-
-static int put_pars(unsigned char *buf, char *fmt, va_list args)
-{
- char *s, *str, *bin;
- int val, len, pos = 0;
-
- s = fmt;
- while (*s) {
- switch (*s) {
- case '1':
- val = va_arg(args, int);
- if (buf)
- PUT_INT8(val, buf + pos);
- pos++;
- break;
- case '2':
- val = va_arg(args, int);
- if (buf)
- PUT_INT16(val, buf + pos);
- pos += 2;
- break;
- case '4':
- val = va_arg(args, int);
- if (buf)
- PUT_INT32(val, buf + pos);
- pos += 4;
- break;
- case 's': /* string */
- str = va_arg(args, char *);
- if (buf)
- strcpy((char *)(buf + pos), str);
- pos += strlen(str) + 1;
- break;
- case 'b': /* binary */
- len = va_arg(args, int);
- if (buf)
- PUT_INT32(len, buf + pos);
- pos += 4;
- bin = va_arg(args, char *);
- if (buf)
- memcpy(buf + pos, bin, len);
- pos += len;
- break;
- default:
- fprintf(stderr, "esock: Invalid format character: %c\n", *s);
- exit(EXIT_FAILURE);
- break;
- }
- s++;
- }
- return pos;
-}
-
-
-static int get_pars(unsigned char *buf, char *fmt, va_list args)
-{
- int *ip;
- char *s, **strp, **bin;
- int pos = 0;
-
- s = fmt;
- while (*s) {
- switch (*s) {
- case '1':
- ip = va_arg(args, int *);
- *ip = GET_INT8(buf + pos);
- pos++;
- break;
- case '2':
- ip = va_arg(args, int *);
- *ip = GET_INT16(buf + pos);
- pos += 2;
- break;
- case '4':
- ip = va_arg(args, int *);
- *ip = GET_INT32(buf + pos);
- pos += 4;
- break;
- case 's':
- strp = va_arg(args, char **);
- *strp = (char *)(buf + pos);
- pos += strlen(*strp) + 1;
- break;
- case 'b':
- ip = va_arg(args, int *);
- *ip = GET_INT32(buf + pos);
- pos += 4;
- bin = va_arg(args, char **);
- *bin = (char *)(buf + pos);
- pos += *ip;
- break;
- default:
- fprintf(stderr, "esock: Invalid format character: %c\n", *s);
- exit(EXIT_FAILURE);
- break;
- }
- s++;
- }
- return pos;
-}
-
-static FD do_connect(char *lipstring, int lport, char *fipstring, int fport)
-{
- struct sockaddr_in sock_addr;
- long inaddr;
- FD fd;
-
- if ((fd = socket(AF_INET, SOCK_STREAM, 0)) == INVALID_FD) {
- DEBUGF(("Error calling socket()\n"));
- return fd;
- }
- if (check_num_sock_fds(fd) < 0)
- return INVALID_FD;
- DEBUGF((" fd = %d\n", fd));
-
- /* local */
- if ((inaddr = inet_addr(lipstring)) == INADDR_NONE) {
- DEBUGF(("Error in inet_addr(): lipstring = %s\n", lipstring));
- safe_close(fd);
- sock_set_errno(ERRNO_ADDRNOTAVAIL);
- return INVALID_FD;
- }
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = inaddr;
- sock_addr.sin_port = htons(lport);
- if(bind(fd, (struct sockaddr*) &sock_addr, sizeof(sock_addr)) < 0) {
- DEBUGF(("Error in bind()\n"));
- safe_close(fd);
- /* XXX Set error code for bind error */
- return INVALID_FD;
- }
-
- /* foreign */
- if ((inaddr = inet_addr(fipstring)) == INADDR_NONE) {
- DEBUGF(("Error in inet_addr(): fipstring = %s\n", fipstring));
- safe_close(fd);
- sock_set_errno(ERRNO_ADDRNOTAVAIL);
- return INVALID_FD;
- }
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = inaddr;
- sock_addr.sin_port = htons(fport);
-
- SET_NONBLOCKING(fd);
-
- if(connect(fd, (struct sockaddr*)&sock_addr, sizeof(sock_addr)) < 0) {
- if (sock_errno() != ERRNO_PROGRESS && /* UNIX */
- sock_errno() != ERRNO_BLOCK) { /* WIN32 */
- DEBUGF(("Error in connect()\n"));
- safe_close(fd);
- return INVALID_FD;
- }
- }
- return fd;
-}
-
-static FD do_listen(char *ipstring, int lport, int backlog, int *aport)
-{
- static int one = 1; /* Type must be int, not long */
- struct sockaddr_in sock_addr;
- long inaddr;
- int length;
- FD fd;
-
- if ((fd = socket(AF_INET, SOCK_STREAM, 0)) == INVALID_FD) {
- DEBUGF(("Error calling socket()\n"));
- return fd;
- }
- if (check_num_sock_fds(fd) < 0)
- return INVALID_FD;
- DEBUGF((" fd = %d\n", fd));
- if ((inaddr = inet_addr(ipstring)) == INADDR_NONE) {
- DEBUGF(("Error in inet_addr(): ipstring = %s\n", ipstring));
- safe_close(fd);
- sock_set_errno(ERRNO_ADDRNOTAVAIL);
- return INVALID_FD;
- }
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = inaddr;
- sock_addr.sin_port = htons(lport);
-
- setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one));
-
- if(bind(fd, (struct sockaddr*) &sock_addr, sizeof(sock_addr)) < 0) {
- DEBUGF(("Error in bind()\n"));
- safe_close(fd);
- return INVALID_FD;
- }
- if (listen(fd, backlog) < 0) {
- DEBUGF(("Error in listen()\n"));
- safe_close(fd);
- return INVALID_FD;
- }
- /* find out assigned local port number */
- length = sizeof(sock_addr);
- if (getsockname(fd, (struct sockaddr *)&sock_addr, &length) < 0) {
- DEBUGF(("Error in getsockname()\n"));
- s