Add log_ssl() and some cleanups
@@ -2,14 +2,15 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
#include "log_trace.h"
|
#include "log_trace.h"
|
||||||
#include "confparser.h"
|
#include "confparser.h"
|
||||||
|
|
||||||
static FILE *fderr = NULL;
|
static FILE *fderr = NULL;
|
||||||
static FILE *fdout = NULL;
|
static FILE *fdout = NULL;
|
||||||
static pthread_once_t once = PTHREAD_ONCE_INIT;
|
static pthread_once_t once = PTHREAD_ONCE_INIT;
|
||||||
static void open_logs(void)
|
|
||||||
|
|
||||||
|
static void open_logs(void)
|
||||||
{
|
{
|
||||||
if (conf.rmps.errlog)
|
if (conf.rmps.errlog)
|
||||||
fderr = fopen(conf.rmps.errlog, "a");
|
fderr = fopen(conf.rmps.errlog, "a");
|
||||||
@@ -17,6 +18,12 @@ static void open_logs(void)
|
|||||||
fdout = fopen(conf.rmps.logfile, "a");
|
fdout = fopen(conf.rmps.logfile, "a");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void log_ssl()
|
||||||
|
{
|
||||||
|
ERR_print_errors_fp(fderr);
|
||||||
|
fflush(fderr);
|
||||||
|
}
|
||||||
|
|
||||||
void log_trace(LOG_LEVEL lvl, char *fmt, ... )
|
void log_trace(LOG_LEVEL lvl, char *fmt, ... )
|
||||||
{
|
{
|
||||||
LOG_LEVEL cur_lvl = conf.rmps.loglevel - '0';
|
LOG_LEVEL cur_lvl = conf.rmps.loglevel - '0';
|
||||||
|
|||||||
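Review bot: log_ssl() passes `fderr` straight to ERR_print_errors_fp(), but `fderr` starts as NULL and open_logs() only assigns it when `conf.rmps.errlog` is set and fopen() succeeds, so with no error log configured (or an unwritable one) the SSL error path is handed a NULL stream. Nothing in log_ssl() runs `pthread_once(&once, open_logs)` either, so it appears to rely on an earlier log_trace() call having opened the files; log_trace's body continues outside the hunk, so that is inferred. I would start the function with `pthread_once(&once, open_logs);` and print with `ERR_print_errors_fp(fderr ? fderr : stderr);`. Also note that log_ssl() takes no level, so the error queue is written even when the log_trace() header before it is presumably filtered out by `conf.rmps.loglevel`.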
@@ -8,6 +8,7 @@ typedef enum {
|
|||||||
VERBOSE, /* Errors, warnings, events & more? */
|
VERBOSE, /* Errors, warnings, events & more? */
|
||||||
} LOG_LEVEL;
|
} LOG_LEVEL;
|
||||||
|
|
||||||
|
void log_ssl();
|
||||||
void log_trace(LOG_LEVEL lvl, char *fmt, ... );
|
void log_trace(LOG_LEVEL lvl, char *fmt, ... );
|
||||||
|
|
||||||
#endif /* LOG_TRACE_H */
|
#endif /* LOG_TRACE_H */
|
||||||
|
|||||||
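Review bot: `void log_ssl();` is an old-style declaration without a prototype, so the compiler will not reject a call that passes arguments; declare it as `void log_ssl(void);` here and in the definition. A one-line comment would also help callers, e.g. `/* Write the calling thread's OpenSSL error queue to the error log and clear it */`.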
17
rmps.c
17
rmps.c
@@ -6,10 +6,7 @@
|
|||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
|
||||||
/* included for openssl and sockets */
|
/* included for openssl */
|
||||||
#include <sys/socket.h>
|
|
||||||
#include <arpa/inet.h>
|
|
||||||
#include <resolv.h>
|
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
@@ -233,21 +230,17 @@ static SSL_CTX* init_server_ctx(const char *cipherlist)
|
|||||||
void load_certificates(SSL_CTX* ctx, const char *certfile,
|
void load_certificates(SSL_CTX* ctx, const char *certfile,
|
||||||
const char *keyfile, const char *cafile)
|
const char *keyfile, const char *cafile)
|
||||||
{
|
{
|
||||||
long ssl_errnum;
|
|
||||||
char ssl_errstr[2048];
|
|
||||||
/* set the local certificate from certfile */
|
/* set the local certificate from certfile */
|
||||||
if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0) {
|
if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0) {
|
||||||
ssl_errnum = ERR_get_error();
|
log_trace(ERROR, "Failed to load certfile! SSL error below:");
|
||||||
ERR_error_string_n(ssl_errnum, ssl_errstr, sizeof(ssl_errstr));
|
log_ssl();
|
||||||
log_trace(ERROR, "Failed to load certfile! SSL error below:\n%s", ssl_errstr);
|
|
||||||
log_trace(INFO, "RMPS failed to start, shutting down...");
|
log_trace(INFO, "RMPS failed to start, shutting down...");
|
||||||
atexit(cleanup);
|
atexit(cleanup);
|
||||||
}
|
}
|
||||||
/* set the private key from KeyFile (may be the same as CertFile) */
|
/* set the private key from KeyFile (may be the same as CertFile) */
|
||||||
if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0) {
|
if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0) {
|
||||||
ssl_errnum = ERR_get_error();
|
log_trace(ERROR, "Failed to load keyfile! SSL error below:");
|
||||||
ERR_error_string_n(ssl_errnum, ssl_errstr, sizeof(ssl_errstr));
|
log_ssl();
|
||||||
log_trace(ERROR, "Failed to load keyfile! SSL error below:\n%s", ssl_errstr);
|
|
||||||
log_trace(INFO, "RMPS failed to start, shutting down...");
|
log_trace(INFO, "RMPS failed to start, shutting down...");
|
||||||
atexit(cleanup);
|
atexit(cleanup);
|
||||||
}
|
}
|
||||||
|
|||||||
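Review bot: In load_certificates() the certificate-failure branch logs "RMPS failed to start, shutting down..." and registers `atexit(cleanup)`, but then falls through to SSL_CTX_use_PrivateKey_file() on the same context; atexit() only schedules the handler and does not stop the process. Unless something after the hunk exits (the function body continues past it), the server keeps going with a TLS context that has no usable certificate or key, and a double failure registers cleanup twice. Since the function returns void, the smallest fix is to add `exit(EXIT_FAILURE);` after each `atexit(cleanup);`; returning a status for the caller to act on would be cleaner.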
@@ -50,14 +50,13 @@ static void* servlet(void *args) /* Serve the connection -- threadable */
|
|||||||
ret = SSL_accept(agent->ssl);
|
ret = SSL_accept(agent->ssl);
|
||||||
/* We check for unclean (ret < 0) and clean (ret == 0) failures */
|
/* We check for unclean (ret < 0) and clean (ret == 0) failures */
|
||||||
if (ret <= 0) {
|
if (ret <= 0) {
|
||||||
char ret_str[1024];
|
log_trace(WARNING, "SSL_accept() failed. Reason below:");
|
||||||
ERR_error_string_n(SSL_get_error(agent->ssl, ret), ret_str, sizeof(ret_str));
|
log_ssl();
|
||||||
log_trace(WARNING, "SSL_accept() failed. Reason below:\n%s", ret_str);
|
|
||||||
} else {
|
} else {
|
||||||
show_certs(agent->ssl);
|
show_certs(agent->ssl);
|
||||||
do {
|
do {
|
||||||
buf.meta.type = GET_MEMORY;
|
buf.meta.type = GET_MEMORY;
|
||||||
sleep(1);
|
//sleep(1);
|
||||||
SSL_write(agent->ssl, &buf, sizeof(buf));
|
SSL_write(agent->ssl, &buf, sizeof(buf));
|
||||||
bytes = SSL_read(agent->ssl, &buf, sizeof(buf));
|
bytes = SSL_read(agent->ssl, &buf, sizeof(buf));
|
||||||
if (bytes > 0) {
|
if (bytes > 0) {
|
||||||
@@ -76,15 +75,11 @@ static void* servlet(void *args) /* Serve the connection -- threadable */
|
|||||||
if (SSL_get_shutdown(agent->ssl) == SSL_RECEIVED_SHUTDOWN)
|
if (SSL_get_shutdown(agent->ssl) == SSL_RECEIVED_SHUTDOWN)
|
||||||
log_trace(VERBOSE, "SSL_RECEIVED_SHUTDOWN from agent [%s]", agent->ip);
|
log_trace(VERBOSE, "SSL_RECEIVED_SHUTDOWN from agent [%s]", agent->ip);
|
||||||
else {
|
else {
|
||||||
char ssl_errstr[2048];
|
log_trace(VERBOSE, "Client didn't send data! SSL error below:");
|
||||||
long ssl_errnum = ERR_get_error();
|
log_ssl();
|
||||||
ERR_error_string_n(ssl_errnum, ssl_errstr, sizeof(ssl_errstr));
|
|
||||||
ERR_print_errors_fp(stderr);
|
|
||||||
log_trace( VERBOSE,
|
|
||||||
"Client didn't send data! SSL error below:\n%s",
|
|
||||||
ssl_errstr);
|
|
||||||
sprintf(reply, "%s", "Where's the data, m8?");
|
sprintf(reply, "%s", "Where's the data, m8?");
|
||||||
SSL_write(agent->ssl, reply, strlen(reply));
|
/* TODO: We crash here if we Ctrl + C the client, check why */
|
||||||
|
//SSL_write(agent->ssl, reply, strlen(reply));
|
||||||
}
|
}
|
||||||
log_trace(INFO, "Agent [%s] disconnected.", agent->ip);
|
log_trace(INFO, "Agent [%s] disconnected.", agent->ip);
|
||||||
} while (bytes);
|
} while (bytes);
|
||||||
@@ -123,7 +118,7 @@ void ssl_pt_mutex(int srv, SSL_CTX *ctx, int poolsize)
|
|||||||
socklen_t len = sizeof(addr);
|
socklen_t len = sizeof(addr);
|
||||||
SSL *ssl;
|
SSL *ssl;
|
||||||
int agent = accept(srv, (struct sockaddr*)&addr, &len);
|
int agent = accept(srv, (struct sockaddr*)&addr, &len);
|
||||||
log_trace( VERBOSE,
|
log_trace( INFO,
|
||||||
"Connection: %s:%d",
|
"Connection: %s:%d",
|
||||||
inet_ntop(AF_INET, &addr.sin_addr, address, sizeof(address)),
|
inet_ntop(AF_INET, &addr.sin_addr, address, sizeof(address)),
|
||||||
ntohs(addr.sin_port)
|
ntohs(addr.sin_port)
|
||||||
|
|||||||
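Review bot: In servlet(), the SSL_accept() failure branch no longer records `SSL_get_error(agent->ssl, ret)`, and log_ssl() only prints the thread's error queue, which can be empty for a clean failure (`ret == 0`) or a dropped connection, leaving "Reason below:" with nothing under it. The message also does not say which agent failed, which makes failed handshakes hard to correlate with the "Connection:" line. Assuming `agent->ip` is already set at this point, I would log the code before the queue is drained: `log_trace(WARNING, "SSL_accept() failed for agent [%s], SSL_get_error=%d. Error queue below:", agent->ip, SSL_get_error(agent->ssl, ret));`. The same applies to the "Client didn't send data!" branch in the next hunk, where `sprintf(reply, ...)` is now dead code because the SSL_write() that used it is commented out.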