THREAD_RETURN YASSL_API server_test(void* args) { #ifdef _WIN32 WSADATA wsd; WSAStartup(0x0002, &wsd); #endif SOCKET_T sockfd = 0; SOCKET_T clientfd = 0; int argc = 0; char** argv = 0; set_args(argc, argv, *static_cast<func_args*>(args)); tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args)); tcp_close(sockfd); SSL_METHOD* method = TLSv1_server_method(); SSL_CTX* ctx = SSL_CTX_new(method); //SSL_CTX_set_cipher_list(ctx, "RC4-SHA:RC4-MD5"); SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0); set_serverCerts(ctx); DH* dh = set_tmpDH(ctx); SSL* ssl = SSL_new(ctx); SSL_set_fd(ssl, clientfd); #ifdef NON_BLOCKING NonBlockingSSL_Accept(ssl, ctx, clientfd); #else if (SSL_accept(ssl) != SSL_SUCCESS) ServerError(ctx, ssl, clientfd, "SSL_accept failed"); #endif showPeer(ssl); printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); char command[1024]; int input = SSL_read(ssl, command, sizeof(command)); if (input > 0) { command[input] = 0; printf("First client command: %s\n", command); } char msg[] = "I hear you, fa shizzle!"; if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) ServerError(ctx, ssl, clientfd, "SSL_write failed"); DH_free(dh); SSL_CTX_free(ctx); SSL_shutdown(ssl); SSL_free(ssl); tcp_close(clientfd); ((func_args*)args)->return_code = 0; return 0; }
LogInDialog::LogInDialog(QWidget *parent) : QDialog(parent), ui(new Ui::LogInDialog) { ui->setupUi(this); NetManager::GetInstance().DummyInit(); QObject::connect(&NetManager::GetInstance(), SIGNAL(sigServerConnected()), this, SLOT(ServerConnected())); QObject::connect(&NetManager::GetInstance(), SIGNAL(sigServerError(QString)), this, SLOT(ServerError(QString))); QObject::connect(&NetManager::GetInstance(), SIGNAL(sigLogInOK()), this, SLOT(WhenLogInOK())); QObject::connect(&NetManager::GetInstance(), SIGNAL(sigLogInFAIL(QString)), this, SLOT(WhenlogInFAIL(QString))); QObject::connect(ui->btnClose, SIGNAL(clicked()), this, SLOT( ExitNow())); QObject::connect(ui->btnLogin, SIGNAL(clicked()), this, SLOT(LogIn())); QObject::connect(ui->btnRegister, SIGNAL(clicked()), this, SLOT(RegisterUser())); ui->progressMsg->setStyleSheet("QLabel { color : red; }"); //init state disable ui->btnLogin->setEnabled(false); ui->btnRegister->setEnabled(false); ui->UserPasswdInput->setEchoMode(QLineEdit::Password); }
void GameSpyServer::setup(const char *host, int port) { m_sHost = host; m_iPort = port; m_iNumPlayers = 0; m_iMaxPlayers = 0; m_pUdpSocket = new QUdpSocket(this); { int port = 5000; while(!m_pUdpSocket->bind(QHostAddress::Any, port)) { delete m_pUdpSocket; m_pUdpSocket = new QUdpSocket(this); // FIXME port++; if(port == 5040) throw ServerError(QString("GameSpyServer: " "can't listen: ") + m_pUdpSocket->errorString()); } qDebug() << tr("GameSpyServer: listening on port %1").arg(port); } connect(m_pUdpSocket, SIGNAL(readyRead()), this, SLOT(receiveData())); m_pTimer = new QTimer(this); m_pTimer->setSingleShot(false); connect(m_pTimer, SIGNAL(timeout()), this, SLOT(query())); m_pTimer->start(30000); query(); }
void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd) { int ret = SSL_accept(ssl); while (ret != SSL_SUCCESS && SSL_get_error(ssl, 0) == SSL_ERROR_WANT_READ) { printf("... server would block\n"); #ifdef _WIN32 Sleep(1000); #else sleep(1); #endif ret = SSL_accept(ssl); } if (ret != SSL_SUCCESS) ServerError(ctx, ssl, clientfd, "SSL_accept failed"); }
GameSpyServer::GameSpyServer(const QString ¶m) { QRegExp reg("^([^ ]+) ([0-9]+)$"); if(reg.indexIn(param) != -1) { bool ok; int port = reg.cap(2).toInt(&ok, 10); if(ok && port >= 1 && port <= 65535) { setup(reg.cap(1).toLatin1(), port); return ; } } throw ServerError(tr("GameSpyServer: invalid configuration")); }
void Connection::checkErrors() const { mpd_error code = mpd_connection_get_error(m_connection.get()); if (code != MPD_ERROR_SUCCESS) { std::string msg = mpd_connection_get_error_message(m_connection.get()); if (code == MPD_ERROR_SERVER) { mpd_server_error server_code = mpd_connection_get_server_error(m_connection.get()); bool clearable = mpd_connection_clear_error(m_connection.get()); throw ServerError(server_code, msg, clearable); } else { bool clearable = mpd_connection_clear_error(m_connection.get()); throw ClientError(code, msg, clearable); } } }
void ODGServerThread::run() { try { if (!m_server) { m_server.reset(new Server(io_service,m_port)); connect( (Server*) m_server.get(),SIGNAL(NewMessage(std::string)), this, SLOT(slotThreadNewMessage(std::string))); } emit NewLogMessage("Online Data Generator has started!"); DBLogger::singleton()->LD_LogEvent(events::EVENT_ODG_SERVER_START_LISTEN,"ODG. Начало работы сервера",0); io_service.run(); } catch (std::exception& ex) { emit ServerError("Server error: " + std::string(ex.what())); } }
//======================= // PUBLIC //======================= WebServer::WebServer() : QWebSocketServer("pc-restserver", QWebSocketServer::NonSecureMode){ csock = 0; //no current socket connected //Setup all the various settings idletimer = new QTimer(this); idletimer->setInterval(5000); //every 5 seconds idletimer->setSingleShot(true); //Any SSL changes /*QSslConfiguration ssl = this->sslConfiguration(); ssl.setProtocol(QSsl::SecureProtocols); this->setSslConfiguration(ssl);*/ //Setup Connections connect(idletimer, SIGNAL(timeout()), this, SLOT(checkIdle()) ); connect(this, SIGNAL(closed()), this, SLOT(ServerClosed()) ); connect(this, SIGNAL(serverError(QWebSocketProtocol::CloseCode)), this, SLOT(ServerError(QWebSocketProtocol::CloseCode)) ); connect(this, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) ); connect(this, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(NewConnectError(QAbstractSocket::SocketError)) ); connect(this, SIGNAL(originAuthenticationRequired(QWebSocketCorsAuthenticator*)), this, SLOT(OriginAuthRequired(QWebSocketCorsAuthenticator*)) ); connect(this, SIGNAL(peerVerifyError(const QSslError&)), this, SLOT(PeerVerifyError(const QSslError&)) ); connect(this, SIGNAL(sslErrors(const QList<QSslError>&)), this, SLOT(SslErrors(const QList<QSslError>&)) ); }
//=================== // PRIVATE //=================== bool WebServer::setupWebSocket(quint16 port){ WSServer = new QWebSocketServer("sysadm-server", QWebSocketServer::SecureMode, this); //SSL Configuration QSslConfiguration config = QSslConfiguration::defaultConfiguration(); QFile CF( QStringLiteral(SSLCERTFILE) ); if(CF.open(QIODevice::ReadOnly) ){ QSslCertificate CERT(&CF,QSsl::Pem); config.setLocalCertificate( CERT ); CF.close(); }else{ qWarning() << "Could not read WS certificate file:" << CF.fileName(); } QFile KF( QStringLiteral(SSLKEYFILE)); if(KF.open(QIODevice::ReadOnly) ){ QSslKey KEY(&KF, QSsl::Rsa, QSsl::Pem); config.setPrivateKey( KEY ); KF.close(); }else{ qWarning() << "Could not read WS key file:" << KF.fileName(); } config.setPeerVerifyMode(QSslSocket::VerifyNone); config.setProtocol(SSLVERSION); WSServer->setSslConfiguration(config); //Setup Connections connect(WSServer, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) ); connect(WSServer, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(NewConnectError(QAbstractSocket::SocketError)) ); // -- websocket specific signals connect(WSServer, SIGNAL(closed()), this, SLOT(ServerClosed()) ); connect(WSServer, SIGNAL(serverError(QWebSocketProtocol::CloseCode)), this, SLOT(ServerError(QWebSocketProtocol::CloseCode)) ); connect(WSServer, SIGNAL(originAuthenticationRequired(QWebSocketCorsAuthenticator*)), this, SLOT(OriginAuthRequired(QWebSocketCorsAuthenticator*)) ); connect(WSServer, SIGNAL(peerVerifyError(const QSslError&)), this, SLOT(PeerVerifyError(const QSslError&)) ); connect(WSServer, SIGNAL(sslErrors(const QList<QSslError>&)), this, SLOT(SslErrors(const QList<QSslError>&)) ); connect(WSServer, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(ConnectError(QAbstractSocket::SocketError)) ); //Now start the server return WSServer->listen(QHostAddress::Any, port); }
CAgentLoadBalancer::KWKEntry *CAgentLoadBalancer::CreateKWK ( Long64 i_lKMAID, struct soap * const i_pstSoap, const char * const i_sURL, bool * const o_pbClientAESKeyWrapSetupError) { FATAL_ASSERT(i_pstSoap); FATAL_ASSERT(i_sURL); int bSuccess = FALSE; KWKEntry *oKWKEntry = new KWKEntry; oKWKEntry->m_lKMAID = i_lKMAID; *o_pbClientAESKeyWrapSetupError = false; bSuccess = GetPseudorandomBytes(sizeof (oKWKEntry->m_acKWK), oKWKEntry->m_acKWK); if (!bSuccess) { Log(AUDIT_CLIENT_AGENT_CREATE_KWK_RNG_ERROR, NULL, NULL, "Error from RNG"); *o_pbClientAESKeyWrapSetupError = true; delete(oKWKEntry); return NULL; } #if defined(DEBUG) char sHexKWK[2*KMS_MAX_KEY_SIZE+1]; ConvertBinaryToUTF8HexString( sHexKWK, oKWKEntry->m_acKWK, sizeof (oKWKEntry->m_acKWK)); #if defined(METAWARE) log_printf("CAgentLoadBalancer::CreateKWK(): KWK hex=%s\n", sHexKWK); #else // printf("CAgentLoadBalancer::CreateKWK(): KWK hex=%s\n", // sHexKWK); #endif #endif CPublicKey oPublicKEK; bSuccess = GetKWKWrappingKey(i_pstSoap, i_sURL, &oPublicKEK); if (!bSuccess) { // GetKWKWrappingKey logs errors if (!ServerError(GET_SOAP_FAULTSTRING(i_pstSoap),i_pstSoap->errnum)) { *o_pbClientAESKeyWrapSetupError = true; } delete(oKWKEntry); return NULL; } unsigned char acWrappedKWK[MAX_RSA_PUB_KEY_LENGTH]; int iWrappedKWKLength; bSuccess = oPublicKEK.Encrypt(sizeof (oKWKEntry->m_acKWK), oKWKEntry->m_acKWK, (unsigned char *) acWrappedKWK, &iWrappedKWKLength); if (!bSuccess) { Log(AUDIT_CLIENT_AGENT_CREATE_KWK_PUBLIC_ENCRYPT_ERROR, NULL, NULL, "Error encrypting KWK with KMA public key"); *o_pbClientAESKeyWrapSetupError = true; delete(oKWKEntry); return NULL; } //#if defined(DEBUG) && !defined(METAWARE) // char sHexWrappedKWK[2*MAX_RSA_PUB_KEY_LENGTH+1]; // ConvertBinaryToUTF8HexString( sHexWrappedKWK, acWrappedKWK, iWrappedKWKLength); // printf("CAgentLoadBalancer::CreateKWK(): wrapped KWK hex=%s\n", // sHexWrappedKWK); //#endif // register the new KWK bSuccess = RegisterKWK(iWrappedKWKLength, acWrappedKWK, i_pstSoap, i_sURL, oKWKEntry->m_acKWKID); if (!bSuccess) { // RegisterKWK logs errors if (!ServerError(GET_SOAP_FAULTSTRING(i_pstSoap), i_pstSoap->error)) { *o_pbClientAESKeyWrapSetupError = true; } delete(oKWKEntry); return NULL; } // save the new KWK entry in an empty slot in the array for (int i=0; i < m_iKWKEntryNum && i < KMS_MAX_CLUSTER_NUM; i++) { if (m_aKWKEntries[i] == NULL) { m_aKWKEntries[i] = oKWKEntry; return oKWKEntry; } } // no empty slots so add it to the end m_aKWKEntries[m_iKWKEntryNum++] = oKWKEntry; return oKWKEntry; }
int CAgentLoadBalancer::FailOver (int i_iFailedApplianceIndex, struct soap *i_pstSoap) { FATAL_ASSERT(i_pstSoap); CAutoMutex oAutoMutex((K_MUTEX_HANDLE) m_pProfile->m_pLock); const char *strError = GET_SOAP_FAULTSTRING(i_pstSoap); int iSoapErrno = i_pstSoap->errnum; int iErrorCode = GET_FAULT_CODE(strError); int i; if ( m_bFIPS && KMSClient_NoFIPSCompatibleKMAs(m_pProfile)) { return NO_FIPS_KMA_AVAILABLE; } m_pProfile->m_iFailoverAttempts++; /* * if KWK is not registered, or mismatched, most likely KMA lost its key due to a service * restart. Call RegisterKWK to re-register the KWK. * If RegisterKWK fails proceed from here with new failover info */ if ( iErrorCode == CLIENT_ERROR_AGENT_KWK_NOT_REGISTERED || iErrorCode == CLIENT_ERROR_AGENT_KWK_ID_MISMATCH ) { LogError(m_pProfile, AGENT_LOADBALANCER_FAILOVER, NULL, m_aCluster[i_iFailedApplianceIndex].m_wsApplianceNetworkAddress, "KWK not registered or ID mismatch - registering"); // delete the KWK entry since the KMA no longer has it DeleteKWKEntry( GetKMAID(i_iFailedApplianceIndex)); return i_iFailedApplianceIndex; } bool bServerError = false; // if the request failed due to a Server Busy error, and if // - transaction timeout has not been exceeded OR // - failover attempts remain // then failover if (iErrorCode == CLIENT_ERROR_SERVER_BUSY && (K_GetTickCount() < m_iTransactionStartTimeInMilliseconds + (m_pProfile->m_iTransactionTimeout * 1000) || !CAgentLoadBalancer::FailOverLimit())) { LogError(m_pProfile, AGENT_LOADBALANCER_FAILOVER, NULL, m_aCluster[i_iFailedApplianceIndex].m_wsApplianceNetworkAddress, "Server Busy - failing over"); bServerError = true; } else if (ServerError(strError,iSoapErrno)) { bServerError = true; } else { if (i_iFailedApplianceIndex == AES_KEY_WRAP_SETUP_ERROR) { return AES_KEY_WRAP_SETUP_ERROR; } else { return CLIENT_SIDE_ERROR; // it is a client side problem, don't fail over } } // disable the failed Appliance in the profile, and // re-sort the cluster array, so transactions in other threads // will not send requests to the same failed Appliance #if defined(METAWARE) log_cond_printf(ECPT_LOG_AGENT, "CAgentLoadBalancer::Failover(): FailoverAttempts=%d\n", m_pProfile->m_iFailoverAttempts); #endif for (i = 0; i < m_pProfile->m_iClusterNum; i++) { if (m_pProfile->m_aCluster[i].m_lApplianceID == m_aCluster[i_iFailedApplianceIndex].m_lApplianceID) { m_pProfile->m_aCluster[i].m_iResponding = FALSE; break; } } KMSClient_SortClusterArray(m_pProfile); // mark the failed Appliance as not responding (unlike the case // above which is conditional on bServerError, this marking is // only local to this transaction; it must be done to ensure that // this transaction does not cycle in its fail-over loop.) m_aCluster[i_iFailedApplianceIndex].m_iResponding = FALSE; if (!CAgentLoadBalancer::FailOverLimit()) { // now try to fail over to all other Appliances that are // apparently enabled and responding for (i = 0; i < m_iClusterNum; i++) { if (m_aCluster[i].m_iEnabled == TRUE && m_aCluster[i].m_iResponding == TRUE && m_aCluster[i].m_iKMALocked == FALSE) { Log(AGENT_LOADBALANCER_FAILOVER, NULL, m_aCluster[i].m_wsApplianceNetworkAddress, "Failing over to this addr"); return i; } } // now retry KMAs previously reported as not responding m_iLastAttemptedWhenNoneResponding++; if (m_iLastAttemptedWhenNoneResponding >= m_iClusterNum) { m_iLastAttemptedWhenNoneResponding = m_iLastAttemptedWhenNoneResponding % m_iClusterNum; } Log(AGENT_LOADBALANCER_FAILOVER, NULL, m_aCluster[m_iLastAttemptedWhenNoneResponding].m_wsApplianceNetworkAddress, "Failing over to retry this addr"); return m_iLastAttemptedWhenNoneResponding; } else { Log(AGENT_LOADBALANCER_FAILOVER, NULL, NULL, "Failover limit reached"); } return m_bFIPS ? NO_FIPS_KMA_AVAILABLE : NO_KMA_AVAILABLE; }