bool Plugin::onLoad(LightBird::IApi *api)
{
int error;
const char *err_pos = NULL;
this->api = api;
try
{
ASSERT_INIT(gnutls_global_init(), "global");
if (!gnutls_check_version(GNUTLS_CHECK_VERSION))
throw Properties("error", "Bad GnuTLS version").add("version required", GNUTLS_CHECK_VERSION);
gnutls_global_set_audit_log_function(Plugin::log);
this->_loadConfiguration();
this->_loadPrivateKey();
this->_loadCertificate();
this->_loadDHParams();
ASSERT_INIT(gnutls_certificate_allocate_credentials(&this->x509_cred), "credentials");
ASSERT(gnutls_certificate_set_x509_key(this->x509_cred, &this->crt, 1, this->key));
ASSERT_INIT(gnutls_priority_init(&this->priority, this->priorityStrings.data(), &err_pos), "priority");
gnutls_certificate_set_dh_params(this->x509_cred, this->dhParams);
}
catch (Properties p)
{
if (err_pos)
p.add("error position", err_pos).add("priority string", this->priorityStrings);
LOG_FATAL("Unable to initialize GnuTLS", p.toMap(), "Plugin", "onLoad");
this->_deinit();
return (false);
}
this->api->contexts().declareInstance("handshake", (this->handshake = new Handshake(this->api, this->handshakeTimeout)));
this->api->contexts().declareInstance("record", (this->record = new Record(this->api)));
return (true);
}
int main()
{
gnutls_global_init();
gnutls_global_set_log_function(logfn);
gnutls_global_set_audit_log_function(auditfn);
gnutls_global_set_log_level(-99);
nonblock = 0;
debug = 0;
run_tests(1000);
gnutls_global_deinit();
}
Tls_globals::Tls_globals()
{
int result = gnutls_global_init();
if (result != GNUTLS_E_SUCCESS)
{
std::string msg("Unable to initialize the TLS Library: [");
msg.append(gnutls_strerror(result));
msg.append("]");
throw LJ__Exception(msg);
}
gnutls_global_set_log_level(10);
gnutls_global_set_log_function(&tls_debug_logger);
gnutls_global_set_audit_log_function(&tls_audit_logger);
if (nullptr == gnutls_check_version("3.0.23"))
{
throw logjam::Tls_exception("gnutls version 3.0.23 or higher is required.", 0);
}
}
int main(int argc, const char* argv[])
{
int dropMode = 0;
int serverFinishedPermute = 0;
int serverHelloPermute = 0;
int clientFinishedPermute = 0;
int batch = 0;
int arg;
nonblock = 0;
debug = 0;
timeout_seconds = 120;
retransmit_milliseconds = 100;
full = 0;
run_to_end = 1;
job_limit = 1;
#define NEXT_ARG(name) \
do { \
if (++arg >= argc) { \
fprintf(stderr, "No argument for -" #name "\n"); \
exit(8); \
} \
} while (0);
#define FAIL_ARG(name) \
do { \
fprintf(stderr, "Invalid argument for -" #name "\n"); \
exit(8); \
} while (0);
for (arg = 1; arg < argc; arg++) {
if (strcmp("-die", argv[arg]) == 0) {
run_to_end = 0;
} else if (strcmp("-batch", argv[arg]) == 0) {
batch = 1;
} else if (strcmp("-d", argv[arg]) == 0) {
char* end;
int level = strtol(argv[arg+1], &end, 10);
if (*end == '\0') {
debug = level;
arg++;
} else {
debug++;
}
} else if (strcmp("-nb", argv[arg]) == 0) {
nonblock = 1;
} else if (strcmp("-timeout", argv[arg]) == 0) {
char* end;
int val;
NEXT_ARG(timeout);
val = strtol(argv[arg], &end, 10);
if (*end == '\0') {
timeout_seconds = val;
} else {
FAIL_ARG(timeout);
}
} else if (strcmp("-retransmit", argv[arg]) == 0) {
char* end;
int val;
NEXT_ARG(retransmit);
val = strtol(argv[arg], &end, 10);
if (*end == '\0') {
retransmit_milliseconds = val;
} else {
FAIL_ARG(retransmit);
}
} else if (strcmp("-j", argv[arg]) == 0) {
char* end;
int val;
NEXT_ARG(timeout);
val = strtol(argv[arg], &end, 10);
if (*end == '\0') {
job_limit = val;
} else {
FAIL_ARG(j);
}
} else if (strcmp("-full", argv[arg]) == 0) {
full = 1;
} else if (strcmp("-shello", argv[arg]) == 0) {
NEXT_ARG(shello);
if (!parse_permutation(argv[arg], full ? permutation_names5 : permutation_names3, &serverHelloPermute)) {
FAIL_ARG(shell);
}
} else if (strcmp("-sfinished", argv[arg]) == 0) {
NEXT_ARG(sfinished);
if (!parse_permutation(argv[arg], permutation_names2, &serverFinishedPermute)) {
FAIL_ARG(sfinished);
}
} else if (strcmp("-cfinished", argv[arg]) == 0) {
NEXT_ARG(cfinished);
if (!parse_permutation(argv[arg], full ? permutation_names5 : permutation_names3, &clientFinishedPermute)) {
FAIL_ARG(cfinished);
}
} else {
int drop;
int filter_count = full ? 12 : 8;
const char** local_filter_names = full ? filter_names_full : filter_names;
for (drop = 0; drop < filter_count; drop++) {
if (strcmp(local_filter_names[drop], argv[arg]) == 0) {
dropMode |= (1 << drop);
break;
}
}
if (drop == filter_count) {
fprintf(stderr, "Unknown packet %s\n", argv[arg]);
exit(8);
}
}
}
setlinebuf(stdout);
gnutls_global_init();
cred_init();
gnutls_global_set_log_function(logfn);
gnutls_global_set_audit_log_function(auditfn);
gnutls_global_set_log_level(debug);
if (dropMode || serverFinishedPermute || serverHelloPermute || clientFinishedPermute) {
return run_one_test(dropMode, serverFinishedPermute, serverHelloPermute, clientFinishedPermute);
} else {
job_pids = calloc(sizeof(int), job_limit);
if (batch) {
return run_tests_from_id_list(job_limit);
} else {
return run_all_tests(job_limit);
}
}
}
/** CryWrap entry point.
* This is the main entry point - controls the whole program and so
* on...
*/
int main(int argc, char **argv, char **envp)
{
crywrap_config_t *config;
int server_socket;
openlog(__CRYWRAP__, LOG_PID, LOG_DAEMON);
gnutls_global_set_audit_log_function(tls_audit_log_func);
if (gnutls_global_init() < 0) {
cry_error("%s", "Global TLS state initialisation failed.");
exit(1);
}
if (gnutls_certificate_allocate_credentials(&cred) < 0) {
cry_error("%s", "Couldn't allocate credentials.");
exit(1);
}
stringprep_locale_charset();
config = _crywrap_config_parse(argc, argv);
_crywrap_tls_init();
if (config->inetd) {
_crywrap_privs_drop(config);
exit(_crywrap_do_one(config, 0, 1));
}
if (!config->debug)
if (daemon(0, 0)) {
cry_error("daemon: %s", strerror(errno));
exit(1);
}
cry_log("%s", "Crywrap starting...");
server_socket = _crywrap_listen(config);
if (server_socket < 0)
exit(1);
if (!config->debug)
_crywrap_setup_pidfile(config);
_crywrap_privs_drop(config);
signal(SIGTERM, _crywrap_sighandler);
signal(SIGQUIT, _crywrap_sighandler);
signal(SIGSEGV, _crywrap_sighandler);
signal(SIGPIPE, SIG_IGN);
signal(SIGHUP, SIG_IGN);
signal(SIGCHLD, _crywrap_sigchld_handler);
cry_log("%s", "Accepting connections");
for (;;) {
int csock;
int child;
csock = accept(server_socket, NULL, NULL);
if (csock < 0)
continue;
child = fork();
switch (child) {
case 0:
exit(_crywrap_do_one(config, csock, csock));
break;
case -1:
cry_error("%s", "Forking error.");
exit(1);
break;
}
close(csock);
}
return 0;
}
