static GArray*
read_config_file (GError **err)
{
GError *e = NULL;
gboolean ret;
GArray *array;
gchar *conf, *contents;
gchar **lines, **l;
g_assert (!err || !*err);
if (!err)
err = &e;
conf = find_config_file (TRUE, err);
if (conf == NULL)
return NULL;
ret = g_file_get_contents (conf, &contents, NULL, err);
g_free (conf);
if (!ret)
return FALSE;
lines = g_strsplit (contents, "\n", -1);
g_free (contents);
array = g_array_new (TRUE, TRUE, sizeof (gchar**));
for (l = lines; *l; l++)
g_array_append_val (array, *l);
/* We took ownership of the individual lines */
g_free (lines);
return array;
}
/**
* gnutls_verify_stored_pubkey:
* @db_name: A file specifying the stored keys (use NULL for the default)
* @tdb: A storage structure or NULL to use the default
* @host: The peer's name
* @service: non-NULL if this key is specific to a service (e.g. http)
* @cert_type: The type of the certificate
* @cert: The raw (der) data of the certificate
* @flags: should be 0.
*
* This function will try to verify a raw public-key or a public-key provided via
* a raw (DER-encoded) certificate using a list of stored public keys.
* The @service field if non-NULL should be a port number.
*
* The @db_name variable if non-null specifies a custom backend for
* the retrieval of entries. If it is NULL then the
* default file backend will be used. In POSIX-like systems the
* file backend uses the $HOME/.gnutls/known_hosts file.
*
* Note that if the custom storage backend is provided the
* retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
* if the host/service pair is found but key doesn't match,
* %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with
* the given key is found, and 0 if it was found. The storage
* function should return 0 on success.
*
* As of GnuTLS 3.6.6 this function also verifies raw public keys.
*
* Returns: If no associated public key is found
* then %GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key
* is found but does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
* is returned. On success, %GNUTLS_E_SUCCESS (0) is returned,
* or a negative error value on other errors.
*
* Since: 3.0.13
**/
int
gnutls_verify_stored_pubkey(const char *db_name,
gnutls_tdb_t tdb,
const char *host,
const char *service,
gnutls_certificate_type_t cert_type,
const gnutls_datum_t * cert,
unsigned int flags)
{
gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded)
int ret;
char local_file[MAX_FILENAME];
bool need_free;
if (db_name == NULL && tdb == NULL) {
ret = find_config_file(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
db_name = local_file;
}
if (tdb == NULL)
tdb = &default_tdb;
/* Import the public key depending on the provided certificate type */
switch (cert_type) {
case GNUTLS_CRT_X509:
/* Extract the pubkey from the cert. This function does a malloc
* deep down the call chain. We are responsible for freeing. */
ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey);
if (ret < 0) {
_gnutls_free_datum(&pubkey);
return gnutls_assert_val(ret);
}
need_free = true;
break;
case GNUTLS_CRT_RAWPK:
pubkey.data = cert->data;
pubkey.size = cert->size;
need_free = false;
break;
default:
return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
}
// Verify our pubkey against the database
ret = tdb->verify(db_name, host, service, &pubkey);
if (ret < 0 && ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
ret = gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
if (need_free) {
_gnutls_free_datum(&pubkey);
}
return ret;
}
/**
* gnutls_store_pubkey:
* @db_name: A file specifying the stored keys (use NULL for the default)
* @tdb: A storage structure or NULL to use the default
* @host: The peer's name
* @service: non-NULL if this key is specific to a service (e.g. http)
* @cert_type: The type of the certificate
* @cert: The data of the certificate
* @expiration: The expiration time (use 0 to disable expiration)
* @flags: should be 0.
*
* This function will store the provided certificate to
* the list of stored public keys. The key will be considered valid until
* the provided expiration time.
*
* The @store variable if non-null specifies a custom backend for
* the storage of entries. If it is NULL then the
* default file backend will be used.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.0
**/
int
gnutls_store_pubkey(const char* db_name,
gnutls_tdb_t tdb,
const char* host,
const char* service,
gnutls_certificate_type_t cert_type,
const gnutls_datum_t * cert,
time_t expiration,
unsigned int flags)
{
FILE* fd = NULL;
gnutls_datum_t pubkey = { NULL, 0 };
int ret;
char local_file[MAX_FILENAME];
if (cert_type != GNUTLS_CRT_X509 && cert_type != GNUTLS_CRT_OPENPGP)
return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
if (db_name == NULL && tdb == NULL)
{
ret = _gnutls_find_config_path(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
_gnutls_debug_log("Configuration path: %s\n", local_file);
mkdir(local_file, 0700);
ret = find_config_file(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
db_name = local_file;
}
if (tdb == NULL)
tdb = &default_tdb;
if (cert_type == GNUTLS_CRT_X509)
ret = x509_crt_to_raw_pubkey(cert, &pubkey);
else
ret = pgp_crt_to_raw_pubkey(cert, &pubkey);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
_gnutls_debug_log("Configuration file: %s\n", db_name);
tdb->store(db_name, host, service, expiration, &pubkey);
ret = 0;
cleanup:
gnutls_free(pubkey.data);
if (fd != NULL) fclose(fd);
return ret;
}
/* searches for configuration file and directories, stores them and ensures
* existence of some of them */
void
set_config_paths(void)
{
LOG_FUNC_ENTER;
find_home_dir();
find_config_dir();
find_config_file();
store_config_paths();
create_config_dir();
}
/**
* gnutls_store_commitment:
* @db_name: A file specifying the stored keys (use NULL for the default)
* @tdb: A storage structure or NULL to use the default
* @host: The peer's name
* @service: non-NULL if this key is specific to a service (e.g. http)
* @hash_algo: The hash algorithm type
* @hash: The raw hash
* @expiration: The expiration time (use 0 to disable expiration)
* @flags: should be 0.
*
* This function will store the provided hash commitment to
* the list of stored public keys. The key with the given
* hash will be considered valid until the provided expiration time.
*
* The @store variable if non-null specifies a custom backend for
* the storage of entries. If it is NULL then the
* default file backend will be used.
*
* Note that this function is not thread safe with the default backend.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.0
**/
int
gnutls_store_commitment(const char *db_name,
gnutls_tdb_t tdb,
const char *host,
const char *service,
gnutls_digest_algorithm_t hash_algo,
const gnutls_datum_t * hash,
time_t expiration, unsigned int flags)
{
FILE *fd = NULL;
int ret;
char local_file[MAX_FILENAME];
const mac_entry_st *me = hash_to_entry(hash_algo);
if (me == NULL || _gnutls_digest_is_secure(me) == 0)
return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
if (_gnutls_hash_get_algo_len(me) != hash->size)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
if (db_name == NULL && tdb == NULL) {
ret =
_gnutls_find_config_path(local_file,
sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
_gnutls_debug_log("Configuration path: %s\n", local_file);
mkdir(local_file, 0700);
ret = find_config_file(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
db_name = local_file;
}
if (tdb == NULL)
tdb = &default_tdb;
_gnutls_debug_log("Configuration file: %s\n", db_name);
tdb->cstore(db_name, host, service, expiration,
(gnutls_digest_algorithm_t)me->id, hash);
ret = 0;
if (fd != NULL)
fclose(fd);
return ret;
}
void
cfg_discover_paths(void)
{
LOG_FUNC_ENTER;
find_home_dir();
find_config_dir();
find_data_dir();
find_config_file();
store_config_paths();
setup_dirs();
}
/**
* gnutls_verify_stored_pubkey:
* @db_name: A file specifying the stored keys (use NULL for the default)
* @tdb: A storage structure or NULL to use the default
* @host: The peer's name
* @service: non-NULL if this key is specific to a service (e.g. http)
* @cert_type: The type of the certificate
* @cert: The raw (der) data of the certificate
* @flags: should be 0.
*
* This function will try to verify the provided (raw or DER-encoded) certificate
* using a list of stored public keys. The @service field if non-NULL should
* be a port number.
*
* The @retrieve variable if non-null specifies a custom backend for
* the retrieval of entries. If it is NULL then the
* default file backend will be used. In POSIX-like systems the
* file backend uses the $HOME/.gnutls/known_hosts file.
*
* Note that if the custom storage backend is provided the
* retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
* if the host/service pair is found but key doesn't match,
* %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with
* the given key is found, and 0 if it was found. The storage
* function should return 0 on success.
*
* Returns: If no associated public key is found
* then %GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key
* is found but does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
* is returned. On success, %GNUTLS_E_SUCCESS (0) is returned,
* or a negative error value on other errors.
*
* Since: 3.0.13
**/
int
gnutls_verify_stored_pubkey(const char *db_name,
gnutls_tdb_t tdb,
const char *host,
const char *service,
gnutls_certificate_type_t cert_type,
const gnutls_datum_t * cert,
unsigned int flags)
{
gnutls_datum_t pubkey = { NULL, 0 };
int ret;
char local_file[MAX_FILENAME];
if (cert_type != GNUTLS_CRT_X509
&& cert_type != GNUTLS_CRT_OPENPGP)
return
gnutls_assert_val
(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
if (db_name == NULL && tdb == NULL) {
ret = find_config_file(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
db_name = local_file;
}
if (tdb == NULL)
tdb = &default_tdb;
if (cert_type == GNUTLS_CRT_X509)
ret = x509_crt_to_raw_pubkey(cert, &pubkey);
else
ret = pgp_crt_to_raw_pubkey(cert, &pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = tdb->verify(db_name, host, service, &pubkey);
if (ret < 0 && ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
ret = gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
cleanup:
gnutls_free(pubkey.data);
return ret;
}
static gboolean
write_config_file (GArray *array, GError **err)
{
GError *e = NULL;
gchar *conf, *contents;
g_assert (!err || !*err);
if (!err)
err = &e;
conf = find_config_file (FALSE, err);
if (conf == NULL)
return FALSE;
contents = g_strjoinv ("\n", (gchar**)(array->data));
bastile_util_write_file_private (conf, contents, err);
g_free (contents);
return *err ? FALSE : TRUE;
}
void cb_menu(fltk::Widget *wid, long user_data)
{
if(!dir) return;
char cmd[FL_PATH_MAX];
EDE_Config pGlobalConfig(find_config_file("ede.conf", false));
// we can't use Fl_String here, because gcc3.2.3 bug, so we will use
// plain char with stupid FL_PATH_MAX
switch(user_data) {
case 1: {
char term[FL_PATH_MAX];
pGlobalConfig.get("Terminal", "Terminal", term, 0, sizeof(term));
if(pGlobalConfig.error() && !term[0] || (strlen(term) == 0))
strncpy(term, "xterm", sizeof(term));
snprintf(cmd, sizeof(cmd)-1, "cd %s; %s\n", dir, term);
}
break;
case 2: {
char browser[FL_PATH_MAX];
pGlobalConfig.get("Web", "Browser", browser, 0, sizeof(browser));
if(pGlobalConfig.error() && !browser[0] || (strlen(browser) == 0))
strncpy(browser, "mozilla", sizeof(browser));
snprintf(cmd, sizeof(cmd)-1, "%s %s\n", browser, dir);
}
break;
case 0:
fltk::exit_modal();
default:
return;
}
fltk::start_child_process(cmd, false);
}
ac_rtld_config::ac_rtld_config() {
int mapfile_fd;
config_loaded = false;
hashtable = NULL;
/* Our config file exists? */
mapfile_fd = find_config_file ("ac_rtld.relmap");
if (mapfile_fd >= 0) {
if (hash_initialize(&hashtable) == FINE) {
if (process_map_file(mapfile_fd, hashtable) == FINE) {
config_loaded = true;
} else {
hash_delete(&hashtable);
}
}
close(mapfile_fd);
}
}
int main(int argc, char **argv)
{
int port = 0;
int messagenumber = 5;
char local_addr[256];
int c;
int mclient = 1;
char peer_address[129] = "\0";
int peer_port = PEER_DEFAULT_PORT;
char rest_api_separator = ':';
int use_null_cipher=0;
set_logfile("stdout");
set_execdir();
set_system_parameters(0);
ns_bzero(local_addr, sizeof(local_addr));
while ((c = getopt(argc, argv, "d:p:l:n:L:m:e:r:u:w:i:k:z:W:C:E:F:vsyhcxXgtTSAPDNOUHMRIGB")) != -1) {
switch (c){
case 'B':
random_disconnect = 1;
break;
case 'G':
extra_requests = 1;
break;
case 'F':
STRCPY(cipher_suite,optarg);
break;
case 'I':
no_permissions = 1;
break;
case 'M':
mobility = 1;
break;
case 'H':
shatype = SHATYPE_SHA256;
break;
case 'E':
{
char* fn = find_config_file(optarg,1);
if(!fn) {
fprintf(stderr,"ERROR: file %s not found\n",optarg);
exit(-1);
}
STRCPY(ca_cert_file,fn);
}
break;
case 'O':
dos = 1;
break;
case 'C':
rest_api_separator=*optarg;
break;
case 'D':
mandatory_channel_padding = 1;
break;
case 'N':
negative_test = 1;
break;
case 'R':
negative_protocol_test = 1;
break;
case 'z':
RTP_PACKET_INTERVAL = atoi(optarg);
break;
case 'A':
use_short_term = 1;
break;
case 'u':
STRCPY(g_uname, optarg);
break;
case 'w':
STRCPY(g_upwd, optarg);
break;
case 'g':
dont_fragment = 1;
break;
case 'd':
STRCPY(client_ifname, optarg);
break;
case 'x':
default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
break;
case 'X':
default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4;
break;
case 'l':
clmessage_length = atoi(optarg);
break;
case 's':
do_not_use_channel = 1;
break;
case 'n':
messagenumber = atoi(optarg);
break;
case 'p':
port = atoi(optarg);
break;
case 'L':
STRCPY(local_addr, optarg);
break;
case 'e':
STRCPY(peer_address, optarg);
break;
case 'r':
peer_port = atoi(optarg);
break;
case 'v':
clnet_verbose = TURN_VERBOSE_NORMAL;
break;
case 'h':
hang_on = 1;
break;
case 'c':
no_rtcp = 1;
break;
case 'm':
mclient = atoi(optarg);
break;
case 'y':
c2c = 1;
break;
case 't':
use_tcp = 1;
break;
case 'P':
passive_tcp = 1;
/* implies 'T': */
/* no break */
case 'T':
relay_transport = STUN_ATTRIBUTE_TRANSPORT_TCP_VALUE;
break;
case 'U':
use_null_cipher = 1;
/* implies 'S' */
/* no break */
case 'S':
use_secure = 1;
break;
case 'W':
g_use_auth_secret_with_timestamp = 1;
STRCPY(g_auth_secret,optarg);
break;
case 'i':
{
char* fn = find_config_file(optarg,1);
if(!fn) {
fprintf(stderr,"ERROR: file %s not found\n",optarg);
exit(-1);
}
STRCPY(cert_file,fn);
free(fn);
}
break;
case 'k':
{
char* fn = find_config_file(optarg,1);
if(!fn) {
fprintf(stderr,"ERROR: file %s not found\n",optarg);
exit(-1);
}
STRCPY(pkey_file,fn);
free(fn);
}
break;
default:
fprintf(stderr, "%s\n", Usage);
exit(1);
}
}
if(g_use_auth_secret_with_timestamp) {
if(use_short_term) {
fprintf(stderr,"ERROR: You cannot use authentication secret (REST API) with short-term credentials mechanism.\n");
exit(-1);
}
{
char new_uname[1025];
const unsigned long exp_time = 3600 * 24; /* one day */
if(g_uname[0]) {
snprintf(new_uname,sizeof(new_uname),"%lu%c%s",(unsigned long)time(NULL) + exp_time,rest_api_separator, (char*)g_uname);
} else {
snprintf(new_uname,sizeof(new_uname),"%lu", (unsigned long)time(NULL) + exp_time);
}
STRCPY(g_uname,new_uname);
}
{
u08bits hmac[MAXSHASIZE];
unsigned int hmac_len;
switch(shatype) {
case SHATYPE_SHA256:
hmac_len = SHA256SIZEBYTES;
break;
default:
hmac_len = SHA1SIZEBYTES;
};
hmac[0]=0;
if(stun_calculate_hmac(g_uname, strlen((char*)g_uname), (u08bits*)g_auth_secret, strlen(g_auth_secret), hmac, &hmac_len, shatype)>=0) {
size_t pwd_length = 0;
char *pwd = base64_encode(hmac,hmac_len,&pwd_length);
if(pwd) {
if(pwd_length>0) {
ns_bcopy(pwd,g_upwd,pwd_length);
g_upwd[pwd_length]=0;
}
}
free(pwd);
}
}
}
if(is_TCP_relay()) {
dont_fragment = 0;
no_rtcp = 1;
c2c = 1;
use_tcp = 1;
do_not_use_channel = 1;
}
if(port == 0) {
if(use_secure)
port = DEFAULT_STUN_TLS_PORT;
else
port = DEFAULT_STUN_PORT;
}
if (clmessage_length < (int) sizeof(message_info))
clmessage_length = (int) sizeof(message_info);
const int max_header = 100;
if(clmessage_length > (int)(STUN_BUFFER_SIZE-max_header)) {
fprintf(stderr,"Message length was corrected to %d\n",(STUN_BUFFER_SIZE-max_header));
clmessage_length = (int)(STUN_BUFFER_SIZE-max_header);
}
if (optind >= argc) {
fprintf(stderr, "%s\n", Usage);
exit(-1);
}
if (!c2c) {
if (make_ioa_addr((const u08bits*) peer_address, peer_port, &peer_addr) < 0)
return -1;
if(peer_addr.ss.sa_family == AF_INET6)
default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
}
/* SSL Init ==>> */
if(use_secure) {
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
const char *csuite = "ALL"; //"AES256-SHA" "DH"
if(use_null_cipher)
csuite = "eNULL";
else if(cipher_suite[0])
csuite=cipher_suite;
if(use_tcp) {
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(SSLv3_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
#if defined(SSL_TXT_TLSV1_1)
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_1_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
#if defined(SSL_TXT_TLSV1_2)
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_2_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
#endif
#endif
} else {
#if defined(TURN_NO_DTLS)
fprintf(stderr,"ERROR: DTLS is not supported.\n");
exit(-1);
#else
if(OPENSSL_VERSION_NUMBER < 0x10000000L) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: OpenSSL version is rather old, DTLS may not be working correctly.\n");
}
root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(DTLSv1_client_method());
SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite);
root_tls_ctx_num++;
#endif
}
int sslind = 0;
for(sslind = 0; sslind<root_tls_ctx_num; sslind++) {
if(cert_file[0]) {
if (!SSL_CTX_use_certificate_chain_file(root_tls_ctx[sslind], cert_file)) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no certificate found!\n");
exit(-1);
}
}
if (!SSL_CTX_use_PrivateKey_file(root_tls_ctx[sslind], pkey_file,
SSL_FILETYPE_PEM)) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no private key found!\n");
exit(-1);
}
if(cert_file[0]) {
if (!SSL_CTX_check_private_key(root_tls_ctx[sslind])) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: invalid private key!\n");
exit(-1);
}
}
if (ca_cert_file[0]) {
if (!SSL_CTX_load_verify_locations(root_tls_ctx[sslind], ca_cert_file, NULL )) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR,
"ERROR: cannot load CA from file: %s\n",
ca_cert_file);
}
/* Set to require peer (client) certificate verification */
SSL_CTX_set_verify(root_tls_ctx[sslind], SSL_VERIFY_PEER, NULL );
/* Set the verification depth to 9 */
SSL_CTX_set_verify_depth(root_tls_ctx[sslind], 9);
} else {
SSL_CTX_set_verify(root_tls_ctx[sslind], SSL_VERIFY_NONE, NULL );
}
if(!use_tcp)
SSL_CTX_set_read_ahead(root_tls_ctx[sslind], 1);
}
}
start_mclient(argv[optind], port, client_ifname, local_addr, messagenumber, mclient);
return 0;
}
bool CONFIG::parse_config()
{
LEX *lc = NULL;
int token, i, pass;
int res_type = 0;
enum parse_state state = p_none;
RES_ITEM *items = NULL;
int level = 0;
static bool first = true;
int errstat;
const char *cf = m_cf;
LEX_ERROR_HANDLER *scan_error = m_scan_error;
int err_type = m_err_type;
if (first && (errstat=rwl_init(&res_lock)) != 0) {
berrno be;
Jmsg1(NULL, M_ABORT, 0, _("Unable to initialize resource lock. ERR=%s\n"),
be.bstrerror(errstat));
}
first = false;
char *full_path = (char *)alloca(MAX_PATH + 1);
if (!find_config_file(cf, full_path, MAX_PATH +1)) {
Jmsg0(NULL, M_ABORT, 0, _("Config filename too long.\n"));
}
cf = full_path;
/* Make two passes. The first builds the name symbol table,
* and the second picks up the items.
*/
Dmsg0(900, "Enter parse_config()\n");
for (pass=1; pass <= 2; pass++) {
Dmsg1(900, "parse_config pass %d\n", pass);
if ((lc = lex_open_file(lc, cf, scan_error)) == NULL) {
berrno be;
/* We must create a lex packet to print the error */
lc = (LEX *)malloc(sizeof(LEX));
memset(lc, 0, sizeof(LEX));
if (scan_error) {
lc->scan_error = scan_error;
} else {
lex_set_default_error_handler(lc);
}
lex_set_error_handler_error_type(lc, err_type) ;
bstrncpy(lc->str, cf, sizeof(lc->str));
lc->fname = lc->str;
scan_err2(lc, _("Cannot open config file \"%s\": %s\n"),
lc->str, be.bstrerror());
free(lc);
return 0;
}
lex_set_error_handler_error_type(lc, err_type) ;
while ((token=lex_get_token(lc, T_ALL)) != T_EOF) {
Dmsg3(900, "parse state=%d pass=%d got token=%s\n", state, pass,
lex_tok_to_str(token));
switch (state) {
case p_none:
if (token == T_EOL) {
break;
} else if (token == T_UTF8_BOM) {
/* We can assume the file is UTF-8 as we have seen a UTF-8 BOM */
break;
} else if (token == T_UTF16_BOM) {
scan_err0(lc, _("Currently we cannot handle UTF-16 source files. "
"Please convert the conf file to UTF-8\n"));
return 0;
} else if (token != T_IDENTIFIER) {
scan_err1(lc, _("Expected a Resource name identifier, got: %s"), lc->str);
return 0;
}
for (i=0; resources[i].name; i++) {
if (strcasecmp(resources[i].name, lc->str) == 0) {
items = resources[i].items;
if (!items) {
break;
}
state = p_resource;
res_type = resources[i].rcode;
init_resource(this, res_type, items, pass);
break;
}
}
if (state == p_none) {
scan_err1(lc, _("expected resource name, got: %s"), lc->str);
return 0;
}
break;
case p_resource:
switch (token) {
case T_BOB:
level++;
break;
case T_IDENTIFIER:
if (level != 1) {
scan_err1(lc, _("not in resource definition: %s"), lc->str);
return 0;
}
for (i=0; items[i].name; i++) {
if (strcasecmp(items[i].name, lc->str) == 0) {
/* If the ITEM_NO_EQUALS flag is set we do NOT
* scan for = after the keyword */
if (!(items[i].flags & ITEM_NO_EQUALS)) {
token = lex_get_token(lc, T_SKIP_EOL);
Dmsg1 (900, "in T_IDENT got token=%s\n", lex_tok_to_str(token));
if (token != T_EQUALS) {
scan_err1(lc, _("expected an equals, got: %s"), lc->str);
return 0;
}
}
Dmsg1(800, "calling handler for %s\n", items[i].name);
/* Call item handler */
items[i].handler(lc, &items[i], i, pass);
i = -1;
break;
}
}
if (i >= 0) {
Dmsg2(900, "level=%d id=%s\n", level, lc->str);
Dmsg1(900, "Keyword = %s\n", lc->str);
scan_err1(lc, _("Keyword \"%s\" not permitted in this resource.\n"
"Perhaps you left the trailing brace off of the previous resource."), lc->str);
return 0;
}
break;
case T_EOB:
level--;
state = p_none;
Dmsg0(900, "T_EOB => define new resource\n");
if (res_all.hdr.name == NULL) {
scan_err0(lc, _("Name not specified for resource"));
return 0;
}
save_resource(res_type, items, pass); /* save resource */
break;
case T_EOL:
break;
default:
scan_err2(lc, _("unexpected token %d %s in resource definition"),
token, lex_tok_to_str(token));
return 0;
}
break;
default:
scan_err1(lc, _("Unknown parser state %d\n"), state);
return 0;
}
}
if (state != p_none) {
scan_err0(lc, _("End of conf file reached with unclosed resource."));
return 0;
}
if (debug_level >= 900 && pass == 2) {
int i;
for (i=m_r_first; i<=m_r_last; i++) {
dump_resource(i, m_res_head[i-m_r_first], prtmsg, NULL);
}
}
lc = lex_close_file(lc);
}
Dmsg0(900, "Leave parse_config()\n");
return 1;
}
static int read_config_file(void) {
_cleanup_fclose_ FILE *fp = NULL;
char *config_path = NULL;
char line[BUFSIZ];
int lineno = 0;
config_path = find_config_file();
if (config_path == NULL) {
log_warn("unable to determine location of config file. "
"Skipping.\n");
return 0;
}
fp = fopen(config_path, "r");
if (fp == NULL) {
if (errno == ENOENT)
/* ignore error when file isn't found */
return 0;
log_error("failed to open %s: %s", config_path, strerror(errno));
return -errno;
}
while (fgets(line, sizeof(line), fp) != NULL) {
char *key, *value;
size_t len;
++lineno;
len = strtrim(line);
if (len == 0 || line[0] == '#')
continue;
key = value = line;
strsep(&value, "=");
strtrim(key);
strtrim(value);
if (streq(key, "User")) {
char *v = strdup(value);
if (v == NULL)
log_error("failed to allocate memory\n");
else
arg_username = v;
} else if (streq(key, "Password")) {
char *v = strdup(value);
if (v == NULL)
log_error("failed to allocate memory\n");
else
arg_password = v;
} else if (streq(key, "Cookies")) {
char *v = shell_expand(value);
if (v == NULL)
log_error("failed to allocate memory\n");
else
arg_cookiefile = v;
} else
log_warn("unknown config entry '%s' on line %d", key, lineno);
}
return 0;
}
/**
* gnutls_store_pubkey:
* @db_name: A file specifying the stored keys (use NULL for the default)
* @tdb: A storage structure or NULL to use the default
* @host: The peer's name
* @service: non-NULL if this key is specific to a service (e.g. http)
* @cert_type: The type of the certificate
* @cert: The data of the certificate
* @expiration: The expiration time (use 0 to disable expiration)
* @flags: should be 0.
*
* This function will store a raw public-key or a public-key provided via
* a raw (DER-encoded) certificate to the list of stored public keys. The key
* will be considered valid until the provided expiration time.
*
* The @tdb variable if non-null specifies a custom backend for
* the storage of entries. If it is NULL then the
* default file backend will be used.
*
* Unless an alternative @tdb is provided, the storage format is a textual format
* consisting of a line for each host with fields separated by '|'. The contents of
* the fields are a format-identifier which is set to 'g0', the hostname that the
* rest of the data applies to, the numeric port or host name, the expiration
* time in seconds since the epoch (0 for no expiration), and a base64
* encoding of the raw (DER) public key information (SPKI) of the peer.
*
* As of GnuTLS 3.6.6 this function also accepts raw public keys.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.0.13
**/
int
gnutls_store_pubkey(const char *db_name,
gnutls_tdb_t tdb,
const char *host,
const char *service,
gnutls_certificate_type_t cert_type,
const gnutls_datum_t * cert,
time_t expiration, unsigned int flags)
{
gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded)
int ret;
char local_file[MAX_FILENAME];
bool need_free;
if (db_name == NULL && tdb == NULL) {
ret =
_gnutls_find_config_path(local_file,
sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
_gnutls_debug_log("Configuration path: %s\n", local_file);
mkdir(local_file, 0700);
ret = find_config_file(local_file, sizeof(local_file));
if (ret < 0)
return gnutls_assert_val(ret);
db_name = local_file;
}
if (tdb == NULL)
tdb = &default_tdb;
/* Import the public key depending on the provided certificate type */
switch (cert_type) {
case GNUTLS_CRT_X509:
/* Extract the pubkey from the cert. This function does a malloc
* deep down the call chain. We are responsible for freeing. */
ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey);
if (ret < 0) {
_gnutls_free_datum(&pubkey);
return gnutls_assert_val(ret);
}
need_free = true;
break;
case GNUTLS_CRT_RAWPK:
pubkey.data = cert->data;
pubkey.size = cert->size;
need_free = false;
break;
default:
return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
}
_gnutls_debug_log("Configuration file: %s\n", db_name);
tdb->store(db_name, host, service, expiration, &pubkey);
if (need_free) {
_gnutls_free_datum(&pubkey);
}
return GNUTLS_E_SUCCESS;
}
void sim_pulse(struct device *in)
{
struct buffer buf;
buffer_init(&buf);
struct dynamic_store store;
dump_dynamic_init(&store, in);
struct istruct out_i;
inter_init(&out_i);
struct istruct out_v;
inter_init(&out_v);
struct istruct out_G;
inter_init(&out_G);
struct istruct lost_charge;
inter_init(&lost_charge);
char config_file_name[200];
if (find_config_file
(config_file_name, in->inputpath, in->simmode, "pulse") != 0) {
ewe("%s %s %s\n", _("no pulse config file found"),
in->inputpath, in->simmode);
}
printf("%s\n", config_file_name);
pulse_load_config(&pulse_config, in, config_file_name);
int number = strextract_int(config_file_name);
ntricks_externv_set_load(pulse_config.pulse_Rload);
in->go_time = FALSE;
in->time = 0.0;
time_init(in);
//time_load_mesh(in,number);
time_load_mesh(in, number);
//time_mesh_save();
//getchar();
//struct istruct pulseout;
//inter_init(&pulseout);
int ittr = 0;
int step = 0;
in->Psun = time_get_sun();
light_solve_and_update(in, &(in->mylight), time_get_sun(),
time_get_laser());
double V = 0.0;
if (pulse_config.pulse_sim_mode == pulse_load) {
sim_externalv(in, time_get_voltage());
ntricks_externv_newton(in, time_get_voltage(), FALSE);
} else if (pulse_config.pulse_sim_mode == pulse_open_circuit) {
in->Vapplied = in->Vbi;
pulse_newton_sim_voc(in);
pulse_newton_sim_voc_fast(in, FALSE);
} else {
ewe(_("pulse mode not known\n"));
}
device_timestep(in);
in->go_time = TRUE;
double extracted_through_contacts = 0.0;
double i0 = 0;
carrier_count_reset(in);
reset_np_save(in);
do {
in->Psun = time_get_sun();
light_solve_and_update(in, &(in->mylight), time_get_sun(),
time_get_laser() + time_get_fs_laser());
dump_dynamic_add_data(&store, in, in->time);
if (pulse_config.pulse_sim_mode == pulse_load) {
i0 = ntricks_externv_newton(in, time_get_voltage(),
TRUE);
} else if (pulse_config.pulse_sim_mode == pulse_open_circuit) {
V = in->Vapplied;
pulse_newton_sim_voc_fast(in, TRUE);
} else {
ewe(_("pulse mode not known\n"));
}
if (get_dump_status(dump_print_text) == TRUE) {
printf_log("%s=%e %s=%d %.1e ", _("pulse time"),
in->time, _("step"), step, in->last_error);
printf_log("Vtot=%lf %s = %e mA (%e A/m^2)\n", V,
_("current"), get_I(in) / 1e-3, get_J(in));
}
ittr++;
gui_send_data("pulse");
dump_write_to_disk(in);
plot_now(in, "pulse.plot");
inter_append(&out_i, in->time, i0);
inter_append(&out_v, in->time, V);
inter_append(&out_G, in->time, in->Gn[0]);
inter_append(&lost_charge, in->time,
extracted_through_contacts -
fabs(get_extracted_n(in) +
get_extracted_p(in)) / 2.0);
device_timestep(in);
step++;
if (time_run() == FALSE)
break;
//getchar();
} while (1);
struct istruct out_flip;
dump_dynamic_save(in->outputpath, &store);
dump_dynamic_free(&store);
buffer_malloc(&buf);
buf.y_mul = 1e3;
buf.x_mul = 1e6;
strcpy(buf.title, _("Time - current"));
strcpy(buf.type, _("xy"));
strcpy(buf.x_label, _("Time"));
strcpy(buf.y_label, _("Current"));
strcpy(buf.x_units, _("us"));
strcpy(buf.y_units, _("m"));
buf.logscale_x = 0;
buf.logscale_y = 0;
buffer_add_info(&buf);
buffer_add_xy_data(&buf, out_i.x, out_i.data, out_i.len);
buffer_dump_path(in->outputpath, "pulse_i.dat", &buf);
buffer_free(&buf);
inter_copy(&out_flip, &out_i, TRUE);
inter_mul(&out_flip, -1.0);
buffer_malloc(&buf);
buf.y_mul = 1e3;
buf.x_mul = 1e6;
strcpy(buf.title, _("Time - -current"));
strcpy(buf.type, _("xy"));
strcpy(buf.x_label, _("Time"));
strcpy(buf.y_label, _("-Current"));
strcpy(buf.x_units, _("us"));
strcpy(buf.y_units, _("mA"));
buf.logscale_x = 0;
buf.logscale_y = 0;
buffer_add_info(&buf);
buffer_add_xy_data(&buf, out_flip.x, out_flip.data, out_flip.len);
buffer_dump_path(in->outputpath, "pulse_i_pos.dat", &buf);
buffer_free(&buf);
inter_free(&out_flip);
buffer_malloc(&buf);
buf.y_mul = 1.0;
buf.x_mul = 1e6;
strcpy(buf.title, _("Time - Voltage"));
strcpy(buf.type, _("xy"));
strcpy(buf.x_label, _("Time"));
strcpy(buf.y_label, _("Volts"));
strcpy(buf.x_units, _("us"));
strcpy(buf.y_units, _("Voltage"));
buf.logscale_x = 0;
buf.logscale_y = 0;
buffer_add_info(&buf);
buffer_add_xy_data(&buf, out_v.x, out_v.data, out_v.len);
buffer_dump_path(in->outputpath, "pulse_v.dat", &buf);
buffer_free(&buf);
buffer_malloc(&buf);
buf.y_mul = 1.0;
buf.x_mul = 1e6;
strcpy(buf.title, _("Time - Photogeneration rate"));
strcpy(buf.type, _("xy"));
strcpy(buf.x_label, _("Time"));
strcpy(buf.y_label, _("Generation rate"));
strcpy(buf.x_units, _("s"));
strcpy(buf.y_units, _("m^{-3} s^{-1}"));
buf.logscale_x = 0;
buf.logscale_y = 0;
buffer_add_info(&buf);
buffer_add_xy_data(&buf, out_G.x, out_G.data, out_G.len);
buffer_dump_path(in->outputpath, "pulse_G.dat", &buf);
buffer_free(&buf);
//sprintf(outpath,"%s%s",in->outputpath,"pulse_lost_charge.dat");
//inter_save(&lost_charge,outpath);
in->go_time = FALSE;
inter_free(&out_G);
inter_free(&out_i);
inter_free(&out_v);
time_memory_free();
}
int main(int argc, char **argv)
{
int port = 0;
int messagenumber = 5;
char local_addr[256];
char c;
int mclient = 1;
unsigned char ifname[1025] = "\0";
char peer_address[129] = "\0";
int peer_port = PEER_DEFAULT_PORT;
set_execdir();
srandom((unsigned int) time(NULL));
memset(local_addr, 0, sizeof(local_addr));
while ((c = getopt(argc, argv, "d:p:l:n:L:m:e:r:u:w:i:k:z:vsyhcxgtS")) != -1) {
switch (c){
case 'z':
RTP_PACKET_INTERVAL = atoi(optarg);
break;
case 'u':
STRCPY(g_uname, optarg);
break;
case 'w':
STRCPY(g_upwd, optarg);
break;
case 'g':
dont_fragment = 1;
break;
case 'd':
STRCPY(ifname, optarg);
break;
case 'x':
default_address_family
= STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
break;
case 'l':
clmessage_length = atoi(optarg);
break;
case 's':
use_send_method = 1;
break;
case 'n':
messagenumber = atoi(optarg);
break;
case 'p':
port = atoi(optarg);
break;
case 'L':
STRCPY(local_addr, optarg);
break;
case 'e':
STRCPY(peer_address, optarg);
break;
case 'r':
peer_port = atoi(optarg);
break;
case 'v':
clnet_verbose = 1;
break;
case 'h':
hang_on = 1;
break;
case 'c':
no_rtcp = 1;
break;
case 'm':
mclient = atoi(optarg);
break;
case 'y':
c2c = 1;
break;
case 't':
use_tcp = 1;
break;
case 'S':
use_secure = 1;
break;
case 'i':
{
char* fn = find_config_file(optarg,1);
if(!fn) {
fprintf(stderr,"ERROR: file %s not found\n",optarg);
exit(-1);
}
strcpy(cert_file,fn);
free(fn);
break;
}
case 'k':
{
char* fn = find_config_file(optarg,1);
if(!fn) {
fprintf(stderr,"ERROR: file %s not found\n",optarg);
exit(-1);
}
STRCPY(pkey_file,fn);
free(fn);
break;
}
default:
fprintf(stderr, "%s\n", Usage);
exit(1);
}
}
if(port == 0) {
if(use_secure)
port = DEFAULT_STUN_TLS_PORT;
else
port = DEFAULT_STUN_PORT;
}
if (clmessage_length < (int) sizeof(message_info))
clmessage_length = (int) sizeof(message_info);
if (optind >= argc) {
fprintf(stderr, "%s\n", Usage);
exit(-1);
}
if (!c2c) {
if (make_ioa_addr((const u08bits*) peer_address, peer_port, &peer_addr) < 0)
return -1;
}
/* SSL Init ==>> */
if(use_secure) {
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
if(use_tcp) {
root_tls_ctx = SSL_CTX_new(TLSv1_client_method());
} else {
#if !defined(BIO_CTRL_DGRAM_QUERY_MTU)
fprintf(stderr,"ERROR: DTLS is not supported.\n");
exit(-1);
#else
if(OPENSSL_VERSION_NUMBER < 0x10000000L) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: OpenSSL version is rather old, DTLS may not be working correctly.\n");
}
root_tls_ctx = SSL_CTX_new(DTLSv1_client_method());
#endif
}
SSL_CTX_set_cipher_list(root_tls_ctx, "DEFAULT");
if (!SSL_CTX_use_certificate_file(root_tls_ctx, cert_file,
SSL_FILETYPE_PEM)) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no certificate found!\n");
exit(-1);
}
if (!SSL_CTX_use_PrivateKey_file(root_tls_ctx, pkey_file,
SSL_FILETYPE_PEM)) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no private key found!\n");
exit(-1);
}
if (!SSL_CTX_check_private_key(root_tls_ctx)) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: invalid private key!\n");
exit(-1);
}
SSL_CTX_set_verify_depth(root_tls_ctx, 2);
SSL_CTX_set_read_ahead(root_tls_ctx, 1);
}
start_mclient(argv[optind], port, ifname, local_addr, messagenumber, mclient);
return 0;
}
