2 ** Copyright (C) 2006 Thadeu Lima de Souza Cascardo <cascardo@minaslivre.org>
3 ** Copyright (C) 2009 Thadeu Lima de Souza Cascardo <cascardo@minaslivre.org>
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU General Public License as published by
7 ** the Free Software Foundation; either version 2 of the License, or
8 ** (at your option) any later version.
10 ** This program is distributed in the hope that it will be useful,
11 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
12 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 ** GNU General Public License for more details.
15 ** You should have received a copy of the GNU General Public License
16 ** along with this program; if not, write to the Free Software
17 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
25 #include <gnutls/gnutls.h>
26 #include <netinet/in.h>
27 #include <arpa/inet.h>
32 #include "hcconn_ssl.h"
33 #include "tcp_connect.h"
37 #define CONFFILE SYSCONFDIR "/rnetproxy.conf"
/*
 * Build the upstream (server-side) connection: connect to server:port over
 * TCP, attach the socket to a channel-driven HCConn and, in the visible
 * lines, stack an SSL client HCConn on top of it.
 * NOTE(review): this listing omits lines (braces, declarations, returns),
 * so the test on the ssl argument and the return statements are not shown.
 * NOTE(review): no certificate or hostname verification is visible here;
 * confirm that hc_conn_set_driver_ssl_client authenticates the upstream
 * server, otherwise the proxy-to-server leg can be intercepted.
 */
48 server_conn_new (char *server, char *port, int ssl)
54 fd = hc_tcp_connect (server, port);
/* Logged with the configured host and port of the upstream server. */
57 g_warning ("Could not connect to server at %s:%s.", server, port);
/* Plain channel over the connected socket; r receives the setup status. */
60 conn = hc_conn_new (NULL, NULL);
61 r = hc_conn_set_driver_channel (conn, fd);
/* TLS client layer wrapping the plain channel. */
70 ssl_conn = hc_conn_new (NULL, NULL);
71 r = hc_conn_set_driver_ssl_client (ssl_conn, conn);
/* Presumably the failure path of the call above -- TODO confirm. */
74 hc_conn_close (ssl_conn);
/*
 * Build the client-facing connection stack on an accepted socket:
 * channel HCConn over fd, an SSL server HCConn on top of it, and an
 * rnet HCConn on top of the SSL layer.  address may be NULL; when it
 * carries a priority string, that string is applied to the SSL server
 * layer.
 * NOTE(review): this listing omits lines, so the conditions guarding the
 * hc_conn_close calls and the return statements are not shown.
 */
82 client_conn_new (int fd, struct rnet_address *address)
/* Plain channel over the accepted socket. */
88 conn = hc_conn_new (NULL, NULL);
89 r = hc_conn_set_driver_channel (conn, fd);
/*
 * TLS server layer.  NOTE(review): the result of
 * hc_conn_set_driver_ssl_server is not captured on this line, unlike the
 * other driver setters; confirm the check that follows does not test a
 * stale r from the channel setup.
 */
97 ssl_conn = hc_conn_new (NULL, NULL);
98 hc_conn_set_driver_ssl_server (ssl_conn, conn);
/* Cipher/protocol priority comes from configuration and is optional. */
99 if (address && address->priority)
100 hc_conn_ssl_server_set_priority (ssl_conn, address->priority);
/* Tear down both layers built so far. */
104 hc_conn_close (ssl_conn);
105 hc_conn_close (conn);
/* rnet layer on top of the TLS layer. */
108 rnet_conn = hc_conn_new (NULL, NULL);
109 r = hc_conn_set_driver_rnet (rnet_conn, ssl_conn);
/* Tear down the rnet and TLS layers; presumably the failure path. */
112 hc_conn_close (rnet_conn);
113 hc_conn_close (ssl_conn);
/*
 * Relay callback: copies whatever can be read from conn to the peer
 * connection passed as data, and closes both connections in a branch
 * whose condition is not visible in this listing.
 */
120 push_other (HCConn *conn, HCEvent event, gpointer data)
/*
 * Each read is bounded by sizeof (buffer).
 * NOTE(review): the return value of hc_conn_write is ignored, so a short
 * or failed write to the peer silently drops relayed bytes.
 */
127 while ((r = hc_conn_read (conn, buffer, sizeof (buffer))) > 0)
128 hc_conn_write (data, buffer, r);
/*
 * Both ends are closed together.  NOTE(review): each connection is
 * registered with the other as its callback data, so confirm that the
 * peer's callback cannot run again on an already-closed connection.
 */
131 hc_conn_close (conn);
132 hc_conn_close (data);
/*
 * Callback installed on a fresh client connection.  On a connect event it
 * opens the upstream connection described by the rnet_address in data and
 * wires the two connections together with push_other; on any other event,
 * or if the upstream connection cannot be created, the client connection
 * is closed.
 */
138 ssl_connected (HCConn *client_conn, HCEvent event, gpointer data)
140 struct rnet_address *address = data;
/* Anything but a connect event at this stage is treated as a failure. */
142 if (event != HC_EVENT_CONNECT)
144 g_debug ("Did not get connect event when trying to handshake:"
146 hc_conn_close (client_conn);
/* Upstream target comes from configuration, not from the client. */
149 server_conn = server_conn_new (address->server, address->port,
151 if (server_conn == NULL)
153 g_debug ("Failure to create connection to server.");
154 hc_conn_close (client_conn);
/* Cross-register: data read on one side is written to the other. */
157 hc_conn_set_callback (client_conn, push_other, server_conn);
158 hc_conn_set_callback (server_conn, push_other, client_conn);
/*
 * Accept callback registered with hc_server_add_watch.  Logs the peer
 * address, builds the client connection stack for fd and installs
 * ssl_connected as its callback, passing the rnet_address from data.
 * NOTE(review): this listing omits lines, so the condition that triggers
 * the error message below is not shown.
 */
162 new_client (int fd, struct sockaddr *addr, socklen_t saddr, gpointer data)
165 struct rnet_address *address = data;
168 g_critical ("Server has received an error event.");
/*
 * The cast assumes an IPv4 peer: for any other address family the logged
 * address is wrong, which makes this log line unreliable as an audit
 * record.  inet_ntoa also returns a pointer to a static buffer.
 */
172 /* FIXME: Should be independent of address type. */
173 g_message ("Received connection from %s.",
174 inet_ntoa (((struct sockaddr_in *) addr)->sin_addr));
176 client_conn = client_conn_new (fd, address);
177 if (client_conn == NULL)
/* The handshake result is delivered to ssl_connected. */
182 hc_conn_set_callback (client_conn, ssl_connected, address);
/* Path of the configuration file; set from -c/--config-file. */
186 static gchar *configfile;
/* Set by -f/--foreground. */
187 static gboolean foreground;
/* Command-line options understood by the GOption parser in main. */
189 static GOptionEntry opt_entries[] =
191 { "config-file", 'c', 0, G_OPTION_ARG_FILENAME, &configfile,
192 "Configuration file location", "file" },
193 { "foreground", 'f', 0, G_OPTION_ARG_NONE, &foreground,
194 "Run in foreground", 0 },
/*
 * Program entry point: parses command-line options, loads the key file
 * named by configfile, reads the [global] settings (falling back to the
 * defaults visible below), creates the listening socket, loads the TLS
 * server credentials and runs the GLib main loop.
 * NOTE(review): this listing omits lines (braces, declarations, exits),
 * so the handling after each g_error_free is not fully visible.
 */
198 int main (int argc, char **argv)
201 GOptionContext *opt_ctx;
207 gchar *server_address;
210 gchar *server_priority;
214 struct rnet_address rnet_address;
/* Ignore SIGPIPE so a write to a closed peer does not kill the process. */
216 signal (SIGPIPE, SIG_IGN);
/* NOTE(review): the result of gnutls_global_init is not checked here. */
218 gnutls_global_init ();
/* Default configuration path; -c/--config-file overrides it. */
220 configfile = CONFFILE;
221 opt_ctx = g_option_context_new ("");
222 g_option_context_add_main_entries (opt_ctx, opt_entries, NULL);
225 if (!g_option_context_parse (opt_ctx, &argc, &argv, &error))
227 g_critical ("Could not parse command line options: %s.",
229 g_error_free (error);
232 g_option_context_free (opt_ctx);
234 keyfile = g_key_file_new ();
237 if (g_key_file_load_from_file (keyfile, configfile,
238 G_KEY_FILE_NONE, &error) == FALSE)
240 g_critical ("Could not load configuration file %s: %s.",
241 configfile, error->message);
242 g_error_free (error);
/* Certificate file: the only setting reported as critical when missing. */
247 certfile = g_key_file_get_string (keyfile, "global", "certfile",
249 if (certfile == NULL && error != NULL)
251 g_critical ("No certification file specified: %s.",
253 g_error_free (error);
/* Private key file: defaults to the certificate file. */
257 ssl_keyfile = g_key_file_get_string (keyfile, "global", "keyfile",
259 if (ssl_keyfile == NULL && error != NULL)
261 ssl_keyfile = g_strdup (certfile);
262 g_error_free (error);
/* Listen address: defaults to all IPv4 interfaces. */
267 conf_address = g_key_file_get_string (keyfile, "global", "address",
269 if (conf_address == NULL && error != NULL)
271 conf_address = g_strdup ("0.0.0.0");
272 g_error_free (error);
/* Listen port: defaults to 110. */
275 port = g_key_file_get_string (keyfile, "global", "port", &error);
276 if (port == NULL && error != NULL)
278 port = g_strdup ("110");
279 g_error_free (error);
/* Upstream server host: defaults to the loopback address. */
282 server_address = g_key_file_get_string (keyfile, "global", "server",
284 if (server_address == NULL && error != NULL)
286 server_address = g_strdup ("127.0.0.1");
287 g_error_free (error);
/* Upstream server port: defaults to 995. */
290 server_port = g_key_file_get_string (keyfile, "global", "server_port",
292 if (server_port == NULL && error != NULL)
294 server_port = g_strdup ("995");
295 g_error_free (error);
/* Whether to use SSL towards the upstream server; default not visible. */
298 server_ssl = g_key_file_get_boolean (keyfile, "global", "server_ssl",
300 if (server_ssl == 0 && error != NULL)
303 g_error_free (error);
/* TLS priority string for the client-facing side: defaults to "NORMAL". */
306 server_priority = g_key_file_get_string (keyfile, "global", "priority",
308 if (server_priority == NULL && error != NULL)
310 server_priority = g_strdup ("NORMAL");
311 g_error_free (error);
/* Default access policy: a missing key falls back to "deny". */
315 policy = g_key_file_get_string (keyfile, "global", "policy",
317 if (policy == NULL && error != NULL)
319 policy = g_strdup ("deny");
320 g_error_free (error);
/*
 * Only the exact string "allow" switches the default to ACCESS_ALLOW; any
 * other value leaves ACCESS_DEFAULT at its initial value, which is not
 * visible here (presumably deny -- TODO confirm).
 */
323 if (!strcmp (policy, "allow"))
324 ACCESS_DEFAULT = ACCESS_ALLOW;
/* Upstream description handed to every accepted connection. */
328 rnet_address.server = server_address;
329 rnet_address.port = server_port;
330 rnet_address.ssl = server_ssl;
331 rnet_address.priority = server_priority;
/*
 * NOTE(review): only port is passed to hc_tcp_server; conf_address is
 * used in the log message below and then freed.  Confirm whether the
 * listener actually binds to the configured address, because an operator
 * who sets address to restrict exposure may still get a listener on all
 * interfaces.
 */
333 server_fd = hc_tcp_server (port);
336 g_critical ("Could not create server.");
/* rnet_address lives on main's stack for the lifetime of the main loop. */
339 hc_server_add_watch (server_fd, new_client, &rnet_address);
343 g_message ("Listening at %s:%s.", conf_address, port);
/* Make a permissive default policy visible in the log. */
344 if (ACCESS_DEFAULT == ACCESS_ALLOW)
345 g_message ("Authorizing users by default.");
350 g_free (conf_address);
/*
 * NOTE(review): no result of hc_conn_ssl_server_init_credentials is
 * captured on this line; confirm that a missing or unreadable certificate
 * or key stops the proxy instead of leaving it running without usable
 * credentials.
 */
353 hc_conn_ssl_server_init_credentials (certfile, ssl_keyfile);
356 g_free (ssl_keyfile);
/* Blocks until the main loop exits; the loop object is not kept. */
358 g_main_loop_run (g_main_loop_new (g_main_context_default (), TRUE));
360 gnutls_global_deinit ();
362 g_free (server_address);
363 g_free (server_port);