diff --git a/src/Makefile b/src/Makefile index 2f63618..0428b33 100644 --- a/src/Makefile +++ b/src/Makefile @@ -32,7 +32,7 @@ appclient.o: appclient.c appinterface.h appinterface.o: appinterface.c $(CC) $(libSystem_CFLAGS) -c appinterface.c -appserver.o: appserver.c appinterface.h +appserver.o: appserver.c appinterface.h ../config.h $(CC) $(libSystem_CFLAGS) -c appserver.c array.o: array.c diff --git a/src/appclient.c b/src/appclient.c index 43e0a43..c56a041 100644 --- a/src/appclient.c +++ b/src/appclient.c @@ -26,7 +26,9 @@ #include #include #include -#include +#ifdef WITH_SSL +# include +#endif #include "System.h" #include "appinterface.h" @@ -48,8 +50,10 @@ struct _AppClient char const * lastfunc; void ** lastargs; int32_t * lastret; +#ifdef WITH_SSL SSL_CTX * ssl_ctx; SSL * ssl; +#endif }; @@ -66,20 +70,22 @@ static int _appclient_timeout(AppClient * appclient) } +/* appclient_read */ +#ifdef WITH_SSL +# define READ(fd, ac, len) SSL_read(ac->ssl, &ac->buf_read[ac->buf_read_cnt], \ + len) +#else +# define READ(fd, ac, len) read(fd, &ac->buf_read[ac->buf_read_cnt], len) +#endif +static int _read_error(); + static int _appclient_read(int fd, AppClient * ac) { ssize_t len; if((len = (sizeof(ac->buf_read) - ac->buf_read_cnt)) < 0 - || (len = SSL_read(ac->ssl, - &ac->buf_read[ac->buf_read_cnt], - len)) <= 0) - { - /* FIXME */ - SSL_shutdown(ac->ssl); - close(fd); - return 1; - } + || (len = READ(fd, ac, len)) <= 0) + return _read_error(fd, ac); ac->buf_read_cnt += len; #ifdef DEBUG fprintf(stderr, "%s%d%s%zd%s", "appclient_read(", fd, ") ", len, @@ -89,13 +95,8 @@ static int _appclient_read(int fd, AppClient * ac) ac->buf_read, ac->buf_read_cnt, ac->lastfunc, ac->lastargs); if(len < 0 || len > ac->buf_read_cnt) - { - /* FIXME report error */ - SSL_shutdown(ac->ssl); - close(fd); - return 1; - } - if(len == 0) /* EAGAIN */ + return _read_error(fd, ac); + if(len == 0) /* try again */ return 0; ac->buf_read_cnt -= len; event_unregister_timeout(ac->event, 
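Review bot: The forward declaration `static int _read_error();` added above `_appclient_read` has an empty parameter list, so it is not a prototype and the two `_read_error(fd, ac)` calls are not type-checked against the definition that comes later in the file; declare it as `static int _read_error(int fd, AppClient * ac);`. The new `READ` macro also expands `ac` without parentheses, ignores `fd` in the `WITH_SSL` build, and hands the `ssize_t` `len` to `SSL_read`, which takes an `int`; a small `static` function per transport would keep those conversions visible. The same applies to `WRITE` in this file and to the `READ`/`WRITE` macros added in src/appserver.c, where `WRITE` has a different arity under the same name.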
@@ -103,7 +104,23 @@ static int _appclient_read(int fd, AppClient * ac) return 1; } +static int _read_error(int fd, AppClient * ac) +{ + /* FIXME catch error */ +#ifdef WITH_SSL + SSL_shutdown(ac->ssl); +#endif + close(fd); + return 1; +} + +/* appclient_write */ +#ifdef WITH_SSL +# define WRITE(fd, ac, len) SSL_write(ac->ssl, ac->buf_write, len) +#else +# define WRITE(fd, ac, len) write(fd, ac->buf_write, len) +#endif static int _appclient_write(int fd, AppClient * ac) { ssize_t len; @@ -113,16 +130,18 @@ static int _appclient_write(int fd, AppClient * ac) fprintf(stderr, "%s%d%s%zd%s", "appclient_write(", fd, ") ", len, " bytes\n"); #endif - if((len = SSL_write(ac->ssl, ac->buf_write, len)) <= 0) + if((len = WRITE(fd, ac, len)) <= 0) { +#ifdef WITH_SSL SSL_shutdown(ac->ssl); +#endif return 1; } memmove(ac->buf_write, &ac->buf_write[len], len); ac->buf_write_cnt-=len; if(ac->buf_write_cnt > 0) - return 0; - event_register_io_read(ac->event, fd, + return 0; /* there is more to write */ + event_register_io_read(ac->event, fd, /* read the answer */ (EventIOFunc)_appclient_read, ac); return 1; } @@ -167,11 +186,15 @@ AppClient * appclient_new_event(char * app, Event * event) appclient->event = event; appclient->buf_read_cnt = 0; appclient->buf_write_cnt = 0; +#ifdef WITH_SSL appclient->ssl = NULL; if((appclient->ssl_ctx = SSL_CTX_new(SSLv3_client_method())) == NULL || SSL_CTX_set_cipher_list(appclient->ssl_ctx, SSL_DEFAULT_CIPHER_LIST) != 1 || _new_connect(appclient, app) != 0) +#else + if(_new_connect(appclient, app) != 0) +#endif { appclient_delete(appclient); return NULL; 
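Review bot: `_read_error` closes `fd` but leaves the descriptor stored in the `AppClient` untouched, so if `fd` is `ac->fd` (it looks that way, but the registration is outside this hunk) the later `if(appclient->fd != -1) close(appclient->fd);` in `appclient_delete` closes the same number a second time, when it may already belong to another open file. Adding `ac->fd = -1;` after the `close(fd);` would prevent that. The `/* FIXME catch error */` path also discards the reason for the failure; `SSL_get_error()` in the TLS build and `errno` in the plain build are the values to record there.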
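Review bot: The `memmove(ac->buf_write, &ac->buf_write[len], len);` kept in `_appclient_write` copies `len` bytes, the amount just written, instead of the bytes that remain, so a partial write shifts the wrong amount of data and a write of more than half the buffer reads past the end of `buf_write`. It should be `memmove(ac->buf_write, &ac->buf_write[len], ac->buf_write_cnt - len);`, still ahead of the `buf_write_cnt-=len`. Partial writes are ordinary on the plain `write()` path this commit adds, so the defect is easier to reach than before. `_appserver_write` in src/appserver.c has the identical line (hunk `@@ -255,9 +286,7 @@`). On the error branch the client also returns without closing `fd`, unlike `_read_error`.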
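Review bot: With `WITH_SSL` undefined, `appclient_new_event` goes straight to `_new_connect`, so every call and reply travels unencrypted and unauthenticated, and nothing in the build or at run time records that the transport was downgraded; the `#else` branch deserves at least a comment saying so, and a client and server built with different settings will presumably not interoperate. In the TLS branch the context is still created with `SSLv3_client_method()` and no peer verification is configured in the visible lines, so the link uses an obsolete protocol and the server is not authenticated. A version-flexible method with `SSL_CTX_set_options(appclient->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3)`, plus `SSL_CTX_set_verify(appclient->ssl_ctx, SSL_VERIFY_PEER, NULL)` and a configured trust store, would address both. `SSLv3_server_method()` in `appserver_new_event` (src/appserver.c, hunk `@@ -295,21 +324,26 @@`) needs the same change.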
@@ -192,19 +215,26 @@ static int _new_connect(AppClient * appclient, char * app) if(_connect_addr("Session", &sa.sin_addr.s_addr) != 0) return 1; if(connect(appclient->fd, (struct sockaddr *)&sa, sizeof(sa)) != 0 +#ifdef WITH_SSL || (appclient->ssl = SSL_new(appclient->ssl_ctx)) == NULL - || SSL_set_fd(appclient->ssl, appclient->fd) != 1) + || SSL_set_fd(appclient->ssl, appclient->fd) != 1 +#endif + ) return 1; +#ifdef WITH_SSL SSL_set_connect_state(appclient->ssl); +#endif if(appclient_call(appclient, &port, "port", app) != 0 || port < 0) return 1; if(port == 0) return 0; +#ifdef WITH_SSL SSL_shutdown(appclient->ssl); SSL_free(appclient->ssl); appclient->ssl = NULL; +#endif close(appclient->fd); appclient->fd = -1; #ifdef DEBUG @@ -219,11 +249,16 @@ static int _new_connect(AppClient * appclient, char * app) return 1; sa.sin_port = htons(port); if(connect(appclient->fd, (struct sockaddr *)&sa, sizeof(sa)) != 0 +#ifdef WITH_SSL || (appclient->ssl = SSL_new(appclient->ssl_ctx)) == NULL - || SSL_set_fd(appclient->ssl, appclient->fd) != 1) + || SSL_set_fd(appclient->ssl, appclient->fd) != 1 +#endif + ) return 1; +#ifdef WITH_SSL SSL_set_connect_state(appclient->ssl); +#endif return 0; } @@ -258,10 +293,12 @@ void appclient_delete(AppClient * appclient) appinterface_delete(appclient->interface); if(appclient->fd != -1) close(appclient->fd); +#ifdef WITH_SSL if(appclient->ssl != NULL) SSL_free(appclient->ssl); if(appclient->ssl_ctx != NULL) SSL_CTX_free(appclient->ssl_ctx); +#endif free(appclient); } diff --git a/src/appinterface.c b/src/appinterface.c index 59139c7..c7b94e2 100644 --- a/src/appinterface.c +++ b/src/appinterface.c @@ -24,7 +24,9 @@ #include #include #include -#include +#ifdef WITH_SSL +# include +#endif #include "System.h" #include "appinterface.h" 
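Review bot: The port returned by the `"port"` call is rejected only when `port < 0`, yet the next hunk passes it to `htons(port)`, which keeps the low 16 bits, so a reply above 65535 makes the client connect to a different port than the one reported. Extending the test to `|| port < 0 || port > 65535` closes that. The reply arrives over the Session connection, which in a build without `WITH_SSL` is not authenticated at all, so the bound matters more after this commit. `_new_connect` begins above this hunk and the declaration of `port` is not visible here.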
@@ -115,7 +117,9 @@ static int _new_vfs(AppInterface * appinterface); AppInterface * appinterface_new(char const * app) { +#ifdef WITH_SSL static int ssl_init = 0; +#endif AppInterface * appinterface; /* FIXME read this from available Servers configuration, or imagine a * solution to negociate it directly */ @@ -132,12 +136,14 @@ AppInterface * appinterface_new(char const * app) }; size_t i; +#ifdef WITH_SSL if(ssl_init == 0) { SSL_library_init(); SSL_load_error_strings(); ssl_init = 1; } +#endif #ifdef DEBUG fprintf(stderr, "%s%s%s", "appinterface_new(", app, ");\n"); #endif diff --git a/src/appserver.c b/src/appserver.c index 9738f49..8f85d98 100644 --- a/src/appserver.c +++ b/src/appserver.c @@ -25,10 +25,12 @@ #endif #include #include -#include +#ifdef WITH_SSL +# include +#endif + #include "System.h" #include "appinterface.h" - #include "../config.h" @@ -52,7 +54,9 @@ typedef struct _AppServerClient size_t buf_read_cnt; char buf_write[ASC_BUFSIZE]; size_t buf_write_cnt; +#ifdef WITH_SSL SSL * ssl; +#endif } AppServerClient; @@ -61,7 +65,11 @@ typedef struct _AppServerClient static void _appserverclient_delete(AppServerClient * appserverclient); static AppServerClient * _appserverclient_new(int fd, uint32_t addr, - uint16_t port, SSL_CTX * ssl_ctx) + uint16_t port +#ifdef WITH_SSL + , SSL_CTX * ssl_ctx +#endif + ) { AppServerClient * asc; @@ -73,6 +81,7 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr, asc->port = port; asc->buf_read_cnt = 0; asc->buf_write_cnt = 0; +#ifdef WITH_SSL if((asc->ssl = SSL_new(ssl_ctx)) == NULL || SSL_set_fd(asc->ssl, fd) != 1) { @@ -80,6 +89,7 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr, return NULL; } SSL_set_accept_state(asc->ssl); +#endif asc->fd = fd; return asc; } 
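Review bot: Splicing `#ifdef WITH_SSL` into the middle of the `_appserverclient_new` parameter list, and again into the argument list of its call in `_appserver_accept` (hunk `@@ -130,8 +144,11 @@`), makes both hard to read and easy to break when a parameter is added. Passing the server object instead and reading `appserver->ssl_ctx` inside the existing `#ifdef WITH_SSL` block of the body would give one signature for both builds, e.g. `_appserverclient_new(int fd, uint32_t addr, uint16_t port, AppServer * appserver)`, assuming the `AppServer` typedef is already visible at that point in the file.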
@@ -89,8 +99,10 @@ static AppServerClient * _appserverclient_new(int fd, uint32_t addr, static void _appserverclient_delete(AppServerClient * appserverclient) { /* FIXME find a way to properly report error */ +#ifdef WITH_SSL if(appserverclient->ssl != NULL) SSL_free(appserverclient->ssl); +#endif if(appserverclient->fd != -1) close(appserverclient->fd); free(appserverclient); @@ -106,7 +118,9 @@ struct _AppServer AppInterface * interface; Event * event; int event_free; +#ifdef WITH_SSL SSL_CTX * ssl_ctx; +#endif AppServerClientArray * clients; }; @@ -116,7 +130,7 @@ static int _appserver_accept(int fd, AppServer * appserver); static int _appserver_read(int fd, AppServer * appserver); static int _appserver_write(int fd, AppServer * appserver); -/* _appserver_accept */ +/* appserver_accept */ static int _appserver_accept(int fd, AppServer * appserver) { struct sockaddr_in sa; @@ -130,8 +144,11 @@ static int _appserver_accept(int fd, AppServer * appserver) #endif if((newfd = accept(fd, (struct sockaddr *)&sa, &sa_size)) == -1) return 1; - if((asc = _appserverclient_new(newfd, sa.sin_addr.s_addr, sa.sin_port, - appserver->ssl_ctx)) == NULL) + if((asc = _appserverclient_new(newfd, sa.sin_addr.s_addr, sa.sin_port +#ifdef WITH_SSL + , appserver->ssl_ctx +#endif + )) == NULL) { /* FIXME report error */ close(newfd); @@ -144,8 +161,15 @@ static int _appserver_accept(int fd, AppServer * appserver) } -/* _appserver_read */ +/* appserver_read */ +#ifdef WITH_SSL +# define READ(fd, asc, len) SSL_read(asc->ssl, \ + &asc->buf_read[asc->buf_read_cnt], len) +#else +# define READ(fd, asc, len) read(fd, &asc->buf_read[asc->buf_read_cnt], len) +#endif static int _read_process(AppServer * appserver, AppServerClient * asc); + static int _appserver_read(int fd, AppServer * appserver) { AppServerClient * asc = NULL; 
@@ -163,11 +187,11 @@ static int _appserver_read(int fd, AppServer * appserver) if(asc == NULL) return 1; if((len = sizeof(asc->buf_read) - asc->buf_read_cnt) <= 0 - || (len = SSL_read(asc->ssl, - &asc->buf_read[asc->buf_read_cnt], - len)) <= 0) + || (len = READ(fd, asc, len)) <= 0) { +#ifdef WITH_SSL SSL_shutdown(asc->ssl); +#endif /* FIXME do all this in appserverclient_delete() or something * like appserver_remove_client() */ if(asc->buf_write_cnt > 0) @@ -199,6 +223,7 @@ static int _read_process(AppServer * appserver, AppServerClient * asc) } static int _appserver_receive(AppServer * appserver, AppServerClient * asc); + static int _read_logged(AppServer * appserver, AppServerClient * asc) { if(_appserver_receive(appserver, asc) != 0) @@ -234,7 +259,13 @@ static int _appserver_receive(AppServer * appserver, AppServerClient * asc) } -/* _appserver_write */ +/* appserver_write */ +#ifdef WITH_SSL +# define WRITE(fd, asc) SSL_write(asc->ssl, asc->buf_write, asc->buf_write_cnt) +#else +# define WRITE(fd, asc) write(fd, asc->buf_write, asc->buf_write_cnt) +#endif + static int _appserver_write(int fd, AppServer * appserver) { AppServerClient * asc; @@ -255,9 +286,7 @@ static int _appserver_write(int fd, AppServer * appserver) #ifdef DEBUG fprintf(stderr, "sending result: %zu long\n", asc->buf_write_cnt); #endif - if(asc->buf_write_cnt == 0 - || (len = SSL_write(asc->ssl, asc->buf_write, - asc->buf_write_cnt)) <= 0) + if(asc->buf_write_cnt == 0 || (len = WRITE(fd, asc)) <= 0) return 1; /* FIXME what here?!? */ memmove(asc->buf_write, &asc->buf_write[len], len); asc->buf_write_cnt-=len; 
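Review bot: Every `READ` result `<= 0` in `_appserver_read` tears the client down, which also covers results that are not failures: `read()` returning -1 with `errno` set to `EINTR` or `EAGAIN`, and `SSL_read()` reporting `SSL_ERROR_WANT_READ` or `SSL_ERROR_WANT_WRITE` through `SSL_get_error()`. Whether the descriptors are non-blocking is not visible in this hunk, but an interrupted call alone is enough to drop a healthy client. The branch should keep the client registered in those cases and close the connection only on end of file or a real error. `_appserver_read` starts and ends outside this hunk.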
@@ -295,21 +324,26 @@ static int _new_server(AppServer * appserver, int options); AppServer * appserver_new_event(char const * app, int options, Event * event) { AppServer * appserver; +#ifdef WITH_SSL char crt[256]; if(snprintf(crt, sizeof(crt), "%s%s%s", PREFIX "/etc/AppServer/", app, ".crt") >= sizeof(crt)) return NULL; +#endif if((appserver = malloc(sizeof(AppServer))) == NULL) return NULL; appserver->interface = NULL; appserver->event = event; appserver->event_free = 0; +#ifdef WITH_SSL appserver->ssl_ctx = NULL; +#endif if((appserver->clients = AppServerClientarray_new()) == NULL || (appserver->interface = appinterface_new_server(app)) == NULL || _new_server(appserver, options) != 0 +#ifdef WITH_SSL || (appserver->ssl_ctx = SSL_CTX_new( SSLv3_server_method())) == NULL || SSL_CTX_set_cipher_list(appserver->ssl_ctx, @@ -317,7 +351,9 @@ AppServer * appserver_new_event(char const * app, int options, Event * event) || SSL_CTX_use_certificate_file(appserver->ssl_ctx, crt, SSL_FILETYPE_PEM) == 0 || SSL_CTX_use_PrivateKey_file(appserver->ssl_ctx, crt, - SSL_FILETYPE_PEM) == 0) + SSL_FILETYPE_PEM) == 0 +#endif + ) { appserver_delete(appserver); return NULL; @@ -356,8 +392,10 @@ void appserver_delete(AppServer * appserver) if(appserver->event_free) event_delete(appserver->event); array_delete(appserver->clients); +#ifdef WITH_SSL if(appserver->ssl_ctx != NULL) SSL_CTX_free(appserver->ssl_ctx); +#endif free(appserver); } diff --git a/src/project.conf b/src/project.conf index 36cb723..5093122 100644 --- a/src/project.conf +++ b/src/project.conf @@ -12,4 +12,4 @@ sources=appclient.c,appinterface.c,appserver.c,array.c,buffer.c,config.c,event.c depends=appinterface.h [appserver.c] -depends=appinterface.h +depends=appinterface.h,../config.h
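Review bot: The certificate and the private key are both loaded from the same `crt` path, and nothing in the visible condition checks that they match or that the file is protected like a key; a `.crt` file is usually world-readable. Adding `|| SSL_CTX_check_private_key(appserver->ssl_ctx) != 1` after the `SSL_CTX_use_PrivateKey_file` term would catch a mismatched pair at start-up, and a separate key file with owner-only permissions would keep the key out of a file meant to be public. The condition starts in the previous hunk and `appserver_new_event` continues below this one.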