X-Git-Url: http://git.cascardo.eti.br/?a=blobdiff_plain;f=popproxy.c;h=e2a58a3083bf7de43ad698c119fde904eef9f6fa;hb=6bdbe19b3392de5d9be1ba7d3a9f0e79a1260c5d;hp=f5f88bdaa06016d2daa657efca38d1ef14e60e52;hpb=09b4a881253d4703312045b8dc61900725cac3ec;p=cascardo%2Frnetproxy.git
diff --git a/popproxy.c b/popproxy.c
index f5f88bd..e2a58a3 100644
--- a/popproxy.c
+++ b/popproxy.c
@@ -25,6 +25,7 @@
 #include
 #include
 #include
+#include
 #include "log.h"
 #include "pop.h"
@@ -32,6 +33,8 @@
 #include "hcconn_ssl.h"
 #include "tcp_connect.h"
+#include "usermap.h"
+
 #define CONFFILE SYSCONFDIR "/popproxy.conf"
 struct pop_address
@@ -99,7 +102,7 @@ client_conn_new (int fd)
 return NULL;
 }
 pop_conn = hc_conn_new (NULL, NULL);
- r = hc_conn_set_driver_pop (pop_conn, conn);
+ r = hc_conn_set_driver_pop (pop_conn, ssl_conn);
 if (r != 0)
 {
 hc_conn_close (pop_conn);
@@ -127,11 +130,34 @@ push_other (HCConn *conn, HCEvent event, gpointer data)
 }
 }
+static void
+ssl_connected (HCConn *client_conn, HCEvent event, gpointer data)
+{
+ struct pop_address *address = data;
+ HCConn *server_conn;
+ if (event != HC_EVENT_CONNECT)
+ {
+ g_debug ("Did not get connect event when trying to handshake:"
+ " got %d", event);
+ hc_conn_close (client_conn);
+ return;
+ }
+ server_conn = server_conn_new (address->server, address->port,
+ address->ssl);
+ if (server_conn == NULL)
+ {
+ g_debug ("Failure to create connection to server.");
+ hc_conn_close (client_conn);
+ return;
+ }
+ hc_conn_set_callback (client_conn, push_other, server_conn);
+ hc_conn_set_callback (server_conn, push_other, client_conn);
+}
+
 static void
 new_client (int fd, struct sockaddr *addr, socklen_t saddr, gpointer data)
 {
 HCConn *client_conn;
- HCConn *server_conn;
 struct pop_address *address = data;
 if (fd < 0)
 {
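Review bot: Both failure paths in `ssl_connected` (hunk `@@ -127,11 +130,34 @@`) log only through `g_debug`, so a failed client handshake or an unreachable backend may leave no trace at the default log level; whether the handler set up via log.h prints debug output is not visible here. A backend that cannot be reached is an operational event that deserves a higher level, e.g. `g_warning ("Failure to create connection to server.");`. The function also lacks a header comment stating the ordering it enforces, such as `/* Open the backend connection only after the client handshake has reported HC_EVENT_CONNECT. */`, which appears to be what keeps clients that never finish the handshake from consuming backend connections.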
@@ -143,21 +169,13 @@ new_client (int fd, struct sockaddr *addr, socklen_t saddr, gpointer data)
 g_message ("Received connection from %s.", inet_ntoa (((struct sockaddr_in *) addr)->sin_addr));
- server_conn = server_conn_new (address->server, address->port,
- address->ssl);
- if (server_conn == NULL)
- {
- return;
- }
 client_conn = client_conn_new (fd);
 if (client_conn == NULL)
 {
- hc_conn_close (server_conn);
 return;
 }
- hc_conn_set_callback (client_conn, push_other, server_conn);
- hc_conn_set_callback (server_conn, push_other, client_conn);
+ hc_conn_set_callback (client_conn, ssl_connected, address);
 }
@@ -187,8 +205,11 @@ int main (int argc, char **argv)
 int server_ssl;
 gchar *certfile;
 gchar *ssl_keyfile;
+ gchar *policy;
 struct pop_address pop_address;
+ signal (SIGPIPE, SIG_IGN);
+
 gnutls_global_init ();
 configfile = CONFFILE;
@@ -277,6 +298,19 @@ int main (int argc, char **argv)
 g_error_free (error);
 }
+ error = NULL;
+ policy = g_key_file_get_string (keyfile, "global", "policy",
+ &error);
+ if (policy == NULL && error != NULL)
+ {
+ policy = g_strdup ("deny");
+ g_error_free (error);
+ }
+
+ if (!strcmp (policy, "allow"))
+ ACCESS_DEFAULT = ACCESS_ALLOW;
+ g_free (policy);
+
 pop_address.server = server_address;
 pop_address.port = server_port;
@@ -293,6 +327,8 @@ int main (int argc, char **argv)
 pop_log_init ();
 g_message ("Listening at %s:%s.", conf_address, port);
+ if (ACCESS_DEFAULT == ACCESS_ALLOW)
+ g_message ("Authorizing users by default.");
 if (!foreground)
 daemon (0, 0);
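Review bot: `signal (SIGPIPE, SIG_IGN);` in the `@@ -187,8 +205,11 @@` hunk of main carries no comment, and its consequence is easy to miss: once SIGPIPE is ignored, a write to a peer that has gone away fails with EPIPE instead of terminating the process, so every write path in the connection drivers has to check its return value. Suggest `/* A client or backend closing mid-write must not kill the proxy; writes then fail with EPIPE. */` above the call. The write paths are outside this diff, so whether they already handle that error cannot be confirmed from here.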
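Review bot: In the policy block added to main (hunk `@@ -277,6 +298,19 @@`), the fallback is guarded by `policy == NULL && error != NULL`, so if `g_key_file_get_string` ever returns NULL without setting `error`, `strcmp (policy, "allow")` dereferences a NULL pointer. Testing only the pointer removes that path and keeps the fail-closed default: `if (policy == NULL) { policy = g_strdup ("deny"); g_clear_error (&error); }`. Any value other than the exact string `allow` (for example `Allow`, or a misspelt `deny`) is silently treated as deny; that is the safe direction, but a `g_warning` for unrecognised values would tell the operator that the setting was not understood. main's body starts and ends outside the hunk.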