Thadeu Lima de Souza Cascardo [Thu, 2 May 2013 21:22:08 +0000 (18:22 -0300)]
Nenhum suporte a pop em nosso proxy.
Thadeu Lima de Souza Cascardo [Thu, 2 May 2013 21:19:42 +0000 (18:19 -0300)]
Remove gdbm do autoconf.
Nossos demos nao utilizam nenhuma base de dados.
Thadeu Lima de Souza Cascardo [Thu, 14 Apr 2011 02:47:07 +0000 (23:47 -0300)]
Proxy para ReceitaNET.
Algumas mudanças de nome no software para se alinhar mais ao seu novo
propósito, de ser um proxy para realizar a engenharia reversa do
protocolo do ReceitaNET.
Thadeu Lima de Souza Cascardo [Mon, 25 Oct 2010 21:39:28 +0000 (19:39 -0200)]
Increment version.
Thadeu Lima de Souza Cascardo [Mon, 25 Oct 2010 21:38:10 +0000 (19:38 -0200)]
Accept GNUTLS priority in configuration file.
This will allow sysadmins that require bad clients to connect using
priority "NORMAL:%COMPAT", for example. This was seem to be required by
Nokia phones, for example.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 20:43:22 +0000 (17:43 -0300)]
Increment version.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 20:42:36 +0000 (17:42 -0300)]
Use init functions from CentOS 5, instead of those from OpenSuSE.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 20:41:05 +0000 (17:41 -0300)]
Always wait for the SSL handshake before connecting to server.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 18:44:10 +0000 (15:44 -0300)]
Use version macro in source file name.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 18:38:22 +0000 (15:38 -0300)]
Increment version.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 18:37:43 +0000 (15:37 -0300)]
Only connect to server when SSL handshake is completed.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 18:37:16 +0000 (15:37 -0300)]
Push connect event when finishing SSL handshake successfully.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 18:36:37 +0000 (15:36 -0300)]
Push other events as well in pop connection handler.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:13:09 +0000 (18:13 -0300)]
We need glib2, not glib1.2 from the system.
GLib >= 2.0 in RPM systems is called glib2, not glib, which is the old
GLib 1.2. So we should build require at glib2-devel instead of
glib-devel.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:09:10 +0000 (17:09 -0300)]
Initial support for RPM packages.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:20:48 +0000 (18:20 -0300)]
Support very old GNUTLS versions.
In very old GNUTLS versions, we had to write any errors to errno,
instead of using GNUTLS functions to set a session specific error.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:08:44 +0000 (18:08 -0300)]
Although less safe, this GNUTLS call is present in older versions.
Use set_global_errno instead of set_errno, since the former is present
in older versions and we need to make it work for older systems.
However, this should only be used if a not recent enough version of
GNUTLS is found. We should work with autoconf to make that work for us.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:06:57 +0000 (18:06 -0300)]
Use equivalent but more common GNUTLS call.
Although set_default_priority is less flexible than priority_set_direct,
we were using the exact default priority as parameters. And
priority_set_direct is only present in more recent GNUTLS releases. So,
this is better for a release that is expected to work in some older
systems.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:39:08 +0000 (14:39 -0300)]
Report a SSL handshaking error as a CLOSE event.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:38:43 +0000 (14:38 -0300)]
If receive returns an error report it using CLOSE event.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:37:47 +0000 (14:37 -0300)]
Handle ERROR event as a CLOSE one and use masks not case to test events.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:35:44 +0000 (14:35 -0300)]
Block/ignore SIGPIPE.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:34:43 +0000 (14:34 -0300)]
FIX: use ssl connection as lower layer for pop connection, not channel
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:05:14 +0000 (18:05 -0300)]
Library linking flag should be in LIBS variable.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:54:58 +0000 (17:54 -0300)]
Allow sysadmin to set the default policy.
Instead of assuming the empty allow database as a default allow policy,
let the sysadmin pick up the default policy in the configuration file.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:54:36 +0000 (17:54 -0300)]
Do not use quotes for filenames.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:42:37 +0000 (17:42 -0300)]
User GDBM instead of QDBM.
This will make it easier to support CentOS 5 without extra requirements.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:39:47 +0000 (15:39 -0300)]
Added option server_ssl to indicate whether server is SSL enabled.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:12:10 +0000 (15:12 -0300)]
Added support for configuring certificate and key files.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:06:01 +0000 (15:06 -0300)]
Change anonymous SSL credentials to X.509 credentials.
We load files from the current directory, but must use files from the
configuration file.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:42:32 +0000 (14:42 -0300)]
Added separate header for SSL connection support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:39:47 +0000 (14:39 -0300)]
Changed header protection macro name.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:38:24 +0000 (14:38 -0300)]
Added support for server-side SSL with anonymous credentials.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:25:18 +0000 (14:25 -0300)]
Add function to create client connection channel.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:09:28 +0000 (14:09 -0300)]
Added comment to fix address printing later.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:08:47 +0000 (14:08 -0300)]
Allow set_driver to fail and handle this case.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:01:03 +0000 (14:01 -0300)]
Split code so we can reuse it without copying it.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 16:53:19 +0000 (13:53 -0300)]
Rename functions so we can distinguish client and server SSL support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 15:49:37 +0000 (12:49 -0300)]
Split SSL data initialization into GNUTLS session and others.
This will allow us to use another session initialization function later
and have server-side SSL support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 01:36:50 +0000 (22:36 -0300)]
Remove no more needed files: nethook and null hook.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:14:21 +0000 (18:14 -0300)]
Use POP connection layer, reintroducing POP access control.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:14:01 +0000 (18:14 -0300)]
No nethook available anymore.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:13:26 +0000 (18:13 -0300)]
Check if connection to server is successfull.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:11:46 +0000 (18:11 -0300)]
Rewrite POP nethook as a connection layer.
It seemed the most simple thing to do so we could drop the nethook
interface entirely.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 18:35:34 +0000 (15:35 -0300)]
Remove dependency on nethook and null hook.
With SSL as a connection layer, it's very simple to implement a
reverse pass-through proxy simply plugging the two connections.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 19:58:27 +0000 (16:58 -0300)]
Close the other end of the connection too.
When the proxy is the one to close the connection, it should close both
ends, since there will be no event indicating one of the ends was
closed.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:28:32 +0000 (14:28 -0300)]
Handle close event in SSL layer watch.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:26:47 +0000 (14:26 -0300)]
Check for driver methods before calling them and reset them on close.
This may avoid some hickups when methods are improperly called.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:25:21 +0000 (14:25 -0300)]
Use close instead of shutdown.
The difference is that close will push the remaining data to be sent
before closing the connection.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:24:26 +0000 (14:24 -0300)]
Handle other socket events and push them forward.
Handle HUP event and the case where the other end has closed the
connection and read returns 0.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:45:24 +0000 (02:45 -0300)]
Only start logging after successfully starting server.
User GLib log messages instead of printing to stderr, but only set log
handler to syslog after successfully start waiting for connections.
Then, the user will get proper error messages at the console if proxy
cannot be started.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:27:16 +0000 (02:27 -0300)]
Add option to make program run in foreground.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:14:52 +0000 (02:14 -0300)]
Added some comments and reminders in connection system.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:09:34 +0000 (02:09 -0300)]
Update documentation to popproxy, instead of improxy.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:59:54 +0000 (01:59 -0300)]
Implement server port support and update copyright year and style.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:53:21 +0000 (01:53 -0300)]
Remove the ssl hook files, since we don't need them any more.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:51:22 +0000 (01:51 -0300)]
Use the null hook instead of the ssl hook.
This will allow us to remove the ssl hook entirely, since it's repeating
code from the ssl connection driver and complicates things more than
necessary.
We lose server port configuration now, but it should be plain easy to
get it back.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:49:54 +0000 (01:49 -0300)]
Make null hook use SSL connection driver and pop3s port by default.
This null hook should get parameters for both the port and SSL support.
Using URIs would be the best way to do it.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:45:46 +0000 (01:45 -0300)]
Export ssl connection driver in header and reorganize Makefile.am.
This includes hcconn_ssl.c effectively into the building system and
headers, allowing it to be used by other modules.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 22:07:09 +0000 (19:07 -0300)]
Added SSL client layer.
This layer should be easily migrated into a server layer too. It should
make things easier when communicating with SSL peers, since it's pretty
transparent to the peer proxy connection.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 01:40:05 +0000 (22:40 -0300)]
Fix memory leak: destroy channel layer when closing.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:47:16 +0000 (20:47 -0300)]
Separate iochannel implementation from HCConn interface.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:06:49 +0000 (20:06 -0300)]
Split copyright years in different lines.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:05:23 +0000 (20:05 -0300)]
Remove watch before closing connection.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 20:13:46 +0000 (17:13 -0300)]
Allow server to reuse bound address.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 20:04:26 +0000 (17:04 -0300)]
Split internal details of HCConn into header to allow other layers.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:56:19 +0000 (15:56 -0300)]
Remove unneeded server name information in ssl status.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:45:22 +0000 (15:45 -0300)]
Rename iochannel to hcconn.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:40:41 +0000 (15:40 -0300)]
BUG: write call was replaced by a read call
Instead of writing, we were reading from the socket. Fix it.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:36:24 +0000 (15:36 -0300)]
Only set socket as non blocking after sending connection notice.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:35:49 +0000 (15:35 -0300)]
Do not consider handshaking done if some error was returned.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:00:07 +0000 (15:00 -0300)]
Remove the write hook.
We never needed this and we shall never need it. As long as connection
system is able to buffer writes, we are OK.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:59:08 +0000 (14:59 -0300)]
Dispatch connect event.
The connect event is needed to do TLS handshaking. This is not the best
implementation, since we don't do async connections right now.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:49:13 +0000 (14:49 -0300)]
Change from GNet to HCConn.
Now, we use our own implementation of TCP connection and server, instead
of using GNet. There is some missing pieces and it doesn't work right
now, but it's easier to hack on and we don't depend on this library
anymore.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:47:56 +0000 (14:47 -0300)]
Let user set HCConn callback function and data.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 16:55:29 +0000 (13:55 -0300)]
Added connection structure to replace GNet.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 16:08:06 +0000 (13:08 -0300)]
Added watch for server connections.
Register a callback to be called when a server socket receives a
connection.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 15:37:55 +0000 (12:37 -0300)]
Added support for creating a TCP server.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 04:47:14 +0000 (01:47 -0300)]
Make some internal functions static.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 04:46:28 +0000 (01:46 -0300)]
Added library to do a TCP connection.
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 21:53:39 +0000 (18:53 -0300)]
Really remove unused files for popproxy
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 19:19:03 +0000 (16:19 -0300)]
Make server port configurable
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:35:37 +0000 (14:35 -0300)]
Tell automake to include the configuration file in distribution
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:31:33 +0000 (14:31 -0300)]
Remove protocol detection altogether
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:30:10 +0000 (14:30 -0300)]
Do not require jabber headers
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:29:13 +0000 (14:29 -0300)]
Remove jabber files from Makefile too
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:23:41 +0000 (14:23 -0300)]
Remove unneeded libraries for popproxy
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 15:21:14 +0000 (12:21 -0300)]
Stop leaking connections to the server when denying access.
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 14:22:08 +0000 (11:22 -0300)]
Close databases for every query to avoid concurrency.
This allows to manipulate the database while proxy is running. This also
solves the problem when a database exists but is empty. In this case,
consider as if it does not exist.
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 14:21:38 +0000 (11:21 -0300)]
Implement database listing.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 02:29:29 +0000 (23:29 -0300)]
Destroy SSL connection properly.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 02:27:24 +0000 (23:27 -0300)]
Added a manager that adds and removes users from allow and deny tables.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 01:51:33 +0000 (22:51 -0300)]
Deny map is deny.db, not allow.db.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 01:31:14 +0000 (22:31 -0300)]
Use QDBM to look up for user access permission.
Thadeu Lima de Souza Cascardo [Fri, 19 Jun 2009 22:24:13 +0000 (19:24 -0300)]
Added stub support for access control, with deny by default.
Thadeu Lima de Souza Cascardo [Thu, 11 Jun 2009 00:00:28 +0000 (21:00 -0300)]
Check for the user trying to authenticate.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 23:22:36 +0000 (20:22 -0300)]
Read line by line from client and write it to server.
Now, it is possible to look at a whole line in case we receive only part
of it in a given TCP segment.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 23:01:05 +0000 (20:01 -0300)]
Added buffer so we can buffer entire lines in a later patch.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 17:31:56 +0000 (14:31 -0300)]
Added a hook on top of the SSL layer, allowing to filter data.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 17:13:04 +0000 (14:13 -0300)]
Split SSL server support from SSL client support.