diff --git a/ConsoleServer.cpp b/ConsoleServer.cpp index a6f1a4a..e85eaf3 100644 --- a/ConsoleServer.cpp +++ b/ConsoleServer.cpp @@ -5,15 +5,15 @@ namespace core { - ConsoleServer::ConsoleServer(EPoll &ePoll, IPAddress address) : TCPServer(ePoll, address) { - coreutils::Log(this); - } - + ConsoleServer::ConsoleServer(EPoll &ePoll, IPAddress address) : TLSServer(ePoll, address) { + coreutils::Log(this); + } + void ConsoleServer::logSend(std::string out) { for(auto *session : sessions) ((ConsoleSession *)session)->writeLog(out); } - + TCPSession * ConsoleServer::getSocketAccept(EPoll &ePoll) { return new ConsoleSession(ePoll, *this); } diff --git a/ConsoleServer.h b/ConsoleServer.h index cc27b71..b84fa35 100644 --- a/ConsoleServer.h +++ b/ConsoleServer.h @@ -2,9 +2,10 @@ #define __ConsoleServer_h__ #include "includes" -#include "TCPServer.h" +#include "TLSServer.h" #include "Command.h" #include "EPoll.h" +#include "LogListener.h" namespace core { @@ -15,7 +16,7 @@ namespace core { /// /// - class ConsoleServer : public TCPServer, coreutils::LogListener { + class ConsoleServer : public TLSServer, public coreutils::LogListener { public: diff --git a/Socket.cpp b/Socket.cpp index 8feac65..51012f0 100644 --- a/Socket.cpp +++ b/Socket.cpp @@ -7,7 +7,6 @@ namespace core { Socket::Socket(EPoll &ePoll) : ePoll(ePoll) { coreutils::Log(coreutils::LOG_DEBUG_2) << "BMASocket object created."; - coreutils::Log(coreutils::LOG_DEBUG_3) << "Buffer size set to default (4096)."; buffer = (char *)malloc(4096); length = 4096; } @@ -23,15 +22,12 @@ namespace core { if(descriptor < 3) throw coreutils::Exception("Descriptor out of range", __FILE__, __LINE__); this->descriptor = descriptor; - onTLSInit(); } int Socket::getDescriptor() { return descriptor; } - void Socket::onTLSInit() {} - void Socket::setBufferSize(int length) { buffer = (char *)realloc(buffer, length); this->length = length; 
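Review bot: Switching the base to `TLSServer` encrypts the console transport, but `logSend` still broadcasts every log line to every entry in `sessions`, and the only peer check visible in this commit is the optional client certificate in `TLSSession`, where a missing certificate is merely logged at debug level and the session continues. Unless `ConsoleSession` authenticates the client somewhere not shown, any peer that completes the TLS handshake receives the full log stream; a comment such as `// Assumes ConsoleSession has authenticated the peer before it is added to sessions — verify` would at least make that dependency explicit. The C-style `(ConsoleSession *)session` in `logSend` should be `static_cast<ConsoleSession *>(session)` so that a future change of the session type fails to compile rather than silently reinterpreting the pointer.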
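Review bot: Removing the `onTLSInit()` call from `Socket::setDescriptor` deletes the only hook that ran after the descriptor became valid, and nothing replaces it. In `TCPServer::accept` the session object is constructed before `setDescriptor` is called, so a subclass that needs the fd during setup (the `TLSSession` constructor in this same commit calls `SSL_set_fd` and `SSL_accept` on `getDescriptor()`) now runs against whatever value `descriptor` held before assignment. Keep a virtual post-assignment hook with a transport-neutral name, e.g. `virtual void onDescriptorSet() {}` in `Socket` and `this->descriptor = descriptor; onDescriptorSet();` here, or make `setDescriptor` itself virtual; the `descriptor < 3` guard is fine but a `< 0` return from `accept` deserves a distinct message so callers can tell a failed accept from a misuse.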
@@ -42,7 +38,7 @@ namespace core { } void Socket::onUnregistered() { - // onDisconnected(); + } void Socket::eventReceived(struct epoll_event event) { diff --git a/Socket.h b/Socket.h index f1e00a8..ad4fa93 100644 --- a/Socket.h +++ b/Socket.h @@ -109,8 +109,6 @@ namespace core { virtual void onConnected(); ///< Called when socket is open and ready to communicate. - virtual void onTLSInit(); - /// /// /// diff --git a/TCPServer.cpp b/TCPServer.cpp index f98a3a9..2addf43 100644 --- a/TCPServer.cpp +++ b/TCPServer.cpp @@ -11,16 +11,16 @@ namespace core { int yes = 1; setsockopt(getDescriptor(), SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)); if(bind(getDescriptor(), address.getPointer(), address.addressLength) < 0) - throw coreutils::Exception("Error on bind to socket: " + std::to_string(errno)); + throw coreutils::Exception("Error on bind to socket: " + std::to_string(errno)); if(listen(getDescriptor(), 10) < 0) - throw coreutils::Exception("Error on listen to socket"); + throw coreutils::Exception("Error on listen to socket"); ePoll.registerSocket(this); } - + TCPServer::~TCPServer() { close(getDescriptor()); } - + void TCPServer::onDataReceived(std::string data) { TCPSession *session = accept(); if(session) sessions.push_back(session); 
@@ -29,24 +29,24 @@ namespace core { TCPSession * TCPServer::accept() { TCPSession *session = getSocketAccept(ePoll); session->setDescriptor(::accept(getDescriptor(), (struct sockaddr *)&session->ipAddress.addr, &session->ipAddress.addressLength)); - -// if(blackList && blackList->contains(session->ipAddress.getClientAddress())) { -// session->shutdown(); -// Log(LOG_WARN) << "Client at IP address " << session->ipAddress.getClientAddress() << " is blacklisted and was denied a connection."; -// return NULL; -// } -// -// if(whiteList && !whiteList->contains(session->ipAddress.getClientAddress())) { -// session->shutdown(); -// Log(LOG_WARN) << "Client at IP address " << session->ipAddress.getClientAddress() << " is not authorized and was denied a connection."; -// return NULL; -// } + // if(blackList && blackList->contains(session->ipAddress.getClientAddress())) { + // session->shutdown(); + // Log(LOG_WARN) << "Client at IP address " << session->ipAddress.getClientAddress() << " is blacklisted and was denied a connection."; + // return NULL; + // } + // + // if(whiteList && !whiteList->contains(session->ipAddress.getClientAddress())) { + // session->shutdown(); + // Log(LOG_WARN) << "Client at IP address " << session->ipAddress.getClientAddress() << " is not authorized and was denied a connection."; + // return NULL; + // } + // ePoll.registerSocket(session); coreutils::Log(coreutils::LOG_DEBUG_2) << "Session started on socket " << session->getDescriptor() << "."; return session; } - + void TCPServer::removeFromSessionList(TCPSession *session) { std::vector::iterator cursor; for(cursor = sessions.begin(); cursor < sessions.end(); ++cursor) diff --git a/TLSServer.cpp b/TLSServer.cpp index c1747b9..dcee0d6 100644 --- a/TLSServer.cpp +++ b/TLSServer.cpp 
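Review bot: The result of `::accept()` is passed straight to `setDescriptor`, so on failure (-1, e.g. EMFILE or ECONNABORTED) `Socket::setDescriptor` throws "Descriptor out of range", the `session` just allocated by `getSocketAccept` leaks, and the exception escapes `onDataReceived`, the server's epoll callback. Check the fd first: `int fd = ::accept(getDescriptor(), ...); if(fd < 0) { delete session; throw coreutils::Exception("Error on accept: " + std::to_string(errno), __FILE__, __LINE__); }`. Note also that the session is constructed before the fd is assigned, so session classes that initialise on the descriptor in their constructor (the new `TLSSession`) see an unset value; that ordering is the real fix to make. The allow/deny-list block is only re-indented and remains commented out, so no IP-level authorization is enforced for accepted connections; either restore it or drop it rather than carry dead security code.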
@@ -7,13 +7,17 @@ namespace core { static pthread_mutex_t *lockarray; + + static unsigned long thread_id(void) { + return ((unsigned long) pthread_self()); + } - //static void lock_callback(int mode, int type, const char *file, int line) { - // if(mode & CRYPTO_LOCK) - // pthread_mutex_lock(&(lockarray[type])); - // else - // pthread_mutex_unlock(&(lockarray[type])); - //} + static void lock_callback(int mode, int type, const char *file, int line) { + if(mode & CRYPTO_LOCK) + pthread_mutex_lock(&(lockarray[type])); + else + pthread_mutex_unlock(&(lockarray[type])); + } TLSServer::TLSServer(EPoll &ePoll, IPAddress address) : TCPServer(ePoll, address) { @@ -24,8 +28,8 @@ namespace core { for(int i = 0; i < CRYPTO_num_locks(); ++i) pthread_mutex_init(&(lockarray[i]), NULL); -// CRYPTO_set_id_callback((unsigned long (*)())thread_id); -// CRYPTO_set_locking_callback((void ()(int, int, const char *, int))lock_callback); + CRYPTO_set_id_callback((unsigned long (*)())thread_id); + CRYPTO_set_locking_callback((void (*)(int, int, const char *, int))lock_callback); SSLeay_add_ssl_algorithms(); RAND_load_file("/dev/hwrng", 1024); diff --git a/TLSServer.h b/TLSServer.h index 592a3cd..c854613 100644 --- a/TLSServer.h +++ b/TLSServer.h @@ -42,10 +42,10 @@ namespace core { SSL_CTX *ctx; private: - - char *sip_cacert = (char *)"/home/barant/testkeys/certs/pbxca.crt"; - char *sip_cert = (char *)"/home/barant/testkeys/certs/pbxserver.crt"; - char *sip_key = (char *)"/home/barant/testkeys/certs/pbxserver.key"; + + char *sip_cacert = (char *)"../testkeys/certs/pbxca.crt"; + char *sip_cert = (char *)"../testkeys/certs/pbxserver.crt"; + char *sip_key = (char *)"../testkeys/certs/pbxserver.key"; }; diff --git a/TLSSession.cpp b/TLSSession.cpp index d5bddd1..aea480f 100644 --- a/TLSSession.cpp +++ b/TLSSession.cpp 
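Review bot: `thread_id` returns `pthread_self()` cast to `unsigned long`; `pthread_t` is an opaque type, so on platforms where it is a pointer or struct the cast is lossy or ill-formed, and the `CRYPTO_set_id_callback` interface it feeds has been deprecated since OpenSSL 1.0.0 in favour of `CRYPTO_THREADID_set_callback` with `CRYPTO_THREADID_set_numeric`/`CRYPTO_THREADID_set_pointer`. On OpenSSL 1.1.0 and later both callbacks are no-ops because the library locks internally, so this code only does anything on 1.0.x; a comment stating which OpenSSL series the build targets, e.g. `// Locking callbacks are required only for OpenSSL < 1.1.0; no-ops afterwards`, would save the next reader from wondering whether it is dead. `lock_callback` is correct for the type range if `lockarray` holds `CRYPTO_num_locks()` entries, which the allocation (outside this hunk) must guarantee.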
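Review bot: The locking callbacks are installed from the `TLSServer` constructor, and the loop just above re-runs `pthread_mutex_init` over the file-static `lockarray` on every construction, so creating a second `TLSServer` (for instance `ConsoleServer` next to another TLS listener) re-initialises mutexes another instance may already be holding. Guard the whole OpenSSL global setup with a once-only flag or `std::call_once` so it runs a single time per process. `RAND_load_file("/dev/hwrng", 1024)` ignores its return value; when the device does not exist the call returns -1 and contributes nothing, which is silent here, so either check the result and log it, or drop the call and rely on OpenSSL's default seeding from the OS, stating the choice in a comment. `SSLeay_add_ssl_algorithms` is the deprecated spelling of `SSL_library_init`.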
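Review bot: The CA, certificate and key paths are now relative to the process's working directory (`../testkeys/certs/...`), so where the daemon is started from decides which CA the client-certificate verification in `TLSSession` trusts and which private key is served; the previous absolute home-directory paths had the same class of problem, and both point at a directory named `testkeys`. These should be constructor or configuration parameters rather than header constants; at minimum declare them `const char *const` (or `std::string`) and document that they are development defaults: `// Development-only defaults; production must supply paths via configuration.` The `sip_` prefix suggests these were copied from another service, which is worth confirming.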
@@ -25,54 +25,54 @@ namespace core { X509_free(ssl_client_cert); if(SSL_get_verify_result(ssl) != X509_V_OK) throw std::string("Certificate verification failed."); - coreutils::Log(coreutils::LOG_DEBUG_3) << "Certificate verified successfully."; + coreutils::Log(coreutils::LOG_DEBUG_3) << "Certificate verified successfully."; } else coreutils::Log(coreutils::LOG_DEBUG_3) << "No client certificate."; } - TLSSession::TLSSession(EPoll &ePoll, TCPServer &server) : TCPSession(ePoll, server) {} - -// void TLSSession::init() { -// -// initialized = true; -// -// int ret; -// -// coreutils::Log(coreutils::LOG_DEBUG_3) << "TLS socket initializing..."; -// -// fcntl(getDescriptor(), F_SETFL, fcntl(getDescriptor(), F_GETFL, 0) | O_NONBLOCK); -// -// if(!(ssl = SSL_new(((TLSService &)service).ctx))) -// throw std::string("Error creating new TLS socket."); -// -// SSL_set_info_callback(ssl, handshake_complete); -// -// if((ret = SSL_set_fd(ssl, getDescriptor())) == 0) -// throw std::string("Error setting TLS socket descriptor."); -// -//// if(!SSL_set_generate_session_id(ssl, generate_session_id)) -//// throw std::string("Error setting session identifier callback."); -// -// switch (SSL_get_error(ssl, SSL_accept(ssl))) { -// case SSL_ERROR_SSL: -// coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_SSL on ssl_accept. errno=" << errno; -// break; -// case SSL_ERROR_WANT_READ: -// coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_WANT_READ on ssl_accept."; -// break; -// case SSL_ERROR_WANT_WRITE: -// coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_WANT_WRITE on ssl_accept."; -// break; -// case SSL_ERROR_SYSCALL: -// coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_SYSCALL on ssl_accept. 
errno=" << errno; -// shutdown(); -// break; -// default: -// coreutils::Log(coreutils::LOG_DEBUG_3) << "Unknown ERROR on ssl_accept."; -// break; -// } -// } + TLSSession::TLSSession(EPoll &ePoll, TCPServer &server) : TCPSession(ePoll, server) { + + initialized = true; + + int ret; + + coreutils::Log(coreutils::LOG_DEBUG_3) << "TLS socket initializing on socket " << getDescriptor() << "..."; + + fcntl(getDescriptor(), F_SETFL, fcntl(getDescriptor(), F_GETFL, 0) | O_NONBLOCK); + + ssl = SSL_new(static_cast(server).ctx); + if(ssl <= 0) + throw std::string("Error creating new TLS socket."); + + SSL_set_info_callback(ssl, handshake_complete); + + if((ret = SSL_set_fd(ssl, getDescriptor())) == 0) + throw std::string("Error setting TLS socket descriptor."); + + if(!SSL_set_generate_session_id(ssl, generate_session_id)) + throw std::string("Error setting session identifier callback."); + + switch (SSL_get_error(ssl, SSL_accept(ssl))) { + case SSL_ERROR_SSL: + coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_SSL on ssl_accept. errno=" << errno; + break; + case SSL_ERROR_WANT_READ: + coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_WANT_READ on ssl_accept."; + break; + case SSL_ERROR_WANT_WRITE: + coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_WANT_WRITE on ssl_accept."; + break; + case SSL_ERROR_SYSCALL: + coreutils::Log(coreutils::LOG_DEBUG_3) << "ERROR_SYSCALL on ssl_accept. errno=" << errno; + shutdown(); + break; + default: + coreutils::Log(coreutils::LOG_DEBUG_3) << "Unknown ERROR on ssl_accept."; + break; + } + + } TLSSession::~TLSSession() { diff --git a/TerminalSession.cpp b/TerminalSession.cpp index 3b6e797..0cc995d 100644 --- a/TerminalSession.cpp +++ b/TerminalSession.cpp 
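Review bot: The constructor calls `fcntl`, `SSL_set_fd` and `SSL_accept` on `getDescriptor()`, but `TCPServer::accept` in this same commit constructs the session first and assigns the accepted fd afterwards via `setDescriptor`, so all of this runs on whatever value `descriptor` holds before assignment and the real connection never gets a TLS handshake; the initialisation belongs in a hook invoked after the fd is set, such as the `onTLSInit()` hook this commit removes from `Socket::setDescriptor`. `if(ssl <= 0)` compares a pointer with an integer and should be `if(!ssl)`. Failures throw `std::string` while the rest of the tree throws `coreutils::Exception(msg, __FILE__, __LINE__)`, and an exception out of a constructor reached via `new` in `getSocketAccept` propagates into the epoll loop with no handler visible. Because the socket is non-blocking, `SSL_accept` will usually return `SSL_ERROR_WANT_READ` here, which is only logged; the handshake then has to be resumed from the read path, which is outside this hunk, and only `SSL_ERROR_SYSCALL` calls `shutdown()` while `SSL_ERROR_SSL` leaves a failed session in place. The verify function at the top starts outside the hunk and the destructor at the bottom is cut off.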
@@ -1,8 +1,8 @@ #include "TerminalSession.h" namespace core { - - TerminalSession::TerminalSession(EPoll &ePoll, TCPServer &server) : TCPSession(ePoll, server) { + + TerminalSession::TerminalSession(EPoll &ePoll, TCPServer &server) : TLSSession(ePoll, server) { } TerminalSession::~TerminalSession() { @@ -10,8 +10,8 @@ namespace core { int TerminalSession::getLines() { struct winsize size; - ioctl(getDescriptor(), TIOCGWINSZ, &size); - return size.ws_row; + ioctl(getDescriptor(), TIOCGWINSZ, &size); + return size.ws_row; } void TerminalSession::clear() { diff --git a/TerminalSession.h b/TerminalSession.h index 5c0ebea..69de50b 100644 --- a/TerminalSession.h +++ b/TerminalSession.h @@ -2,7 +2,7 @@ #define __Terminal_h__ #include "includes" -#include "TCPSession.h" +#include "TLSSession.h" #include "TCPServer.h" namespace core { @@ -27,7 +27,7 @@ namespace core { static const char esc = 0x1b; - class TerminalSession : public TCPSession { + class TerminalSession : public TLSSession { public: TerminalSession(EPoll &ePoll, TCPServer &server); diff --git a/compile b/compile index c7b61d0..a4f4037 100755 --- a/compile +++ b/compile @@ -5,7 +5,7 @@ do filename="${file%.*}" list="$list $filename.o" echo -n "Compiling $filename..." - g++ -c -I../CoreUtils $file & + g++ -g -c -I../CoreUtils $file if [ $? = '0' ] then echo "OK"
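Review bot: With `TLSSession` as the base, construction of a `TerminalSession` now performs the `SSL_accept` in the `TLSSession` constructor and can throw `std::string`, so anyone doing `new TerminalSession(...)` in a `getSocketAccept` override needs to handle that; a comment on this constructor, e.g. `// Base TLSSession performs the TLS handshake during construction and may throw`, would make the contract visible. Any `TerminalSession` code that touches the raw descriptor now bypasses the TLS layer; the `ioctl(getDescriptor(), TIOCGWINSZ, &size)` in `getLines` is one such use, and since a socket is not a tty that call fails with ENOTTY and `size` is read uninitialised because the return value is unchecked, so guard it with `if(ioctl(getDescriptor(), TIOCGWINSZ, &size) < 0) return 24;` or obtain the window size from the terminal protocol instead. Reads and writes must go through `SSL_read`/`SSL_write` for the rename to mean anything; whether `TerminalSession` overrides them is not shown here.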
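Review bot: Dropping the trailing `&` makes the following `$?` check meaningful for the first time, since previously it tested the launch of a background job rather than the compile, but the new line still builds with no warnings or hardening flags and leaves `$file` unquoted. For a network daemon that terminates TLS, consider `g++ -g -O2 -Wall -Wextra -fstack-protector-strong -c -I../CoreUtils "$file"` (and `-D_FORTIFY_SOURCE=2`, which needs `-O`), and state in a comment whether `-g` is meant for release builds or only local debugging.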