THREAD_RETURN YASSL_API server_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
SOCKET_T clientfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args));
tcp_close(sockfd);
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
//SSL_CTX_set_cipher_list(ctx, "RC4-SHA:RC4-MD5");
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
set_serverCerts(ctx);
DH* dh = set_tmpDH(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
#ifdef NON_BLOCKING
NonBlockingSSL_Accept(ssl, ctx, clientfd);
#else
if (SSL_accept(ssl) != SSL_SUCCESS)
ServerError(ctx, ssl, clientfd, "SSL_accept failed");
#endif
showPeer(ssl);
printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
char command[1024];
int input = SSL_read(ssl, command, sizeof(command));
if (input > 0) {
command[input] = 0;
printf("First client command: %s\n", command);
}
char msg[] = "I hear you, fa shizzle!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
ServerError(ctx, ssl, clientfd, "SSL_write failed");
DH_free(dh);
SSL_CTX_free(ctx);
SSL_shutdown(ssl);
SSL_free(ssl);
tcp_close(clientfd);
((func_args*)args)->return_code = 0;
return 0;
}
LogInDialog::LogInDialog(QWidget *parent) :
QDialog(parent),
ui(new Ui::LogInDialog)
{
ui->setupUi(this);
NetManager::GetInstance().DummyInit();
QObject::connect(&NetManager::GetInstance(), SIGNAL(sigServerConnected()),
this, SLOT(ServerConnected()));
QObject::connect(&NetManager::GetInstance(), SIGNAL(sigServerError(QString)),
this, SLOT(ServerError(QString)));
QObject::connect(&NetManager::GetInstance(), SIGNAL(sigLogInOK()),
this, SLOT(WhenLogInOK()));
QObject::connect(&NetManager::GetInstance(), SIGNAL(sigLogInFAIL(QString)),
this, SLOT(WhenlogInFAIL(QString)));
QObject::connect(ui->btnClose, SIGNAL(clicked()), this, SLOT( ExitNow()));
QObject::connect(ui->btnLogin, SIGNAL(clicked()), this, SLOT(LogIn()));
QObject::connect(ui->btnRegister, SIGNAL(clicked()), this, SLOT(RegisterUser()));
ui->progressMsg->setStyleSheet("QLabel { color : red; }");
//init state disable
ui->btnLogin->setEnabled(false);
ui->btnRegister->setEnabled(false);
ui->UserPasswdInput->setEchoMode(QLineEdit::Password);
}
void GameSpyServer::setup(const char *host, int port)
{
m_sHost = host; m_iPort = port; m_iNumPlayers = 0; m_iMaxPlayers = 0;
m_pUdpSocket = new QUdpSocket(this);
{
int port = 5000;
while(!m_pUdpSocket->bind(QHostAddress::Any, port))
{
delete m_pUdpSocket; m_pUdpSocket = new QUdpSocket(this); // FIXME
port++;
if(port == 5040)
throw ServerError(QString("GameSpyServer: "
"can't listen: ") + m_pUdpSocket->errorString());
}
qDebug() << tr("GameSpyServer: listening on port %1").arg(port);
}
connect(m_pUdpSocket, SIGNAL(readyRead()), this, SLOT(receiveData()));
m_pTimer = new QTimer(this);
m_pTimer->setSingleShot(false);
connect(m_pTimer, SIGNAL(timeout()), this, SLOT(query()));
m_pTimer->start(30000);
query();
}
void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd)
{
int ret = SSL_accept(ssl);
while (ret != SSL_SUCCESS && SSL_get_error(ssl, 0) ==
SSL_ERROR_WANT_READ) {
printf("... server would block\n");
#ifdef _WIN32
Sleep(1000);
#else
sleep(1);
#endif
ret = SSL_accept(ssl);
}
if (ret != SSL_SUCCESS)
ServerError(ctx, ssl, clientfd, "SSL_accept failed");
}
GameSpyServer::GameSpyServer(const QString ¶m)
{
QRegExp reg("^([^ ]+) ([0-9]+)$");
if(reg.indexIn(param) != -1)
{
bool ok;
int port = reg.cap(2).toInt(&ok, 10);
if(ok && port >= 1 && port <= 65535)
{
setup(reg.cap(1).toLatin1(), port);
return ;
}
}
throw ServerError(tr("GameSpyServer: invalid configuration"));
}
void Connection::checkErrors() const
{
mpd_error code = mpd_connection_get_error(m_connection.get());
if (code != MPD_ERROR_SUCCESS)
{
std::string msg = mpd_connection_get_error_message(m_connection.get());
if (code == MPD_ERROR_SERVER)
{
mpd_server_error server_code = mpd_connection_get_server_error(m_connection.get());
bool clearable = mpd_connection_clear_error(m_connection.get());
throw ServerError(server_code, msg, clearable);
}
else
{
bool clearable = mpd_connection_clear_error(m_connection.get());
throw ClientError(code, msg, clearable);
}
}
}
void ODGServerThread::run()
{
try
{
if (!m_server)
{
m_server.reset(new Server(io_service,m_port));
connect( (Server*) m_server.get(),SIGNAL(NewMessage(std::string)),
this, SLOT(slotThreadNewMessage(std::string)));
}
emit NewLogMessage("Online Data Generator has started!");
DBLogger::singleton()->LD_LogEvent(events::EVENT_ODG_SERVER_START_LISTEN,"ODG. Начало работы сервера",0);
io_service.run();
}
catch (std::exception& ex)
{
emit ServerError("Server error: " + std::string(ex.what()));
}
}
//=======================
// PUBLIC
//=======================
WebServer::WebServer() : QWebSocketServer("pc-restserver", QWebSocketServer::NonSecureMode){
csock = 0; //no current socket connected
//Setup all the various settings
idletimer = new QTimer(this);
idletimer->setInterval(5000); //every 5 seconds
idletimer->setSingleShot(true);
//Any SSL changes
/*QSslConfiguration ssl = this->sslConfiguration();
ssl.setProtocol(QSsl::SecureProtocols);
this->setSslConfiguration(ssl);*/
//Setup Connections
connect(idletimer, SIGNAL(timeout()), this, SLOT(checkIdle()) );
connect(this, SIGNAL(closed()), this, SLOT(ServerClosed()) );
connect(this, SIGNAL(serverError(QWebSocketProtocol::CloseCode)), this, SLOT(ServerError(QWebSocketProtocol::CloseCode)) );
connect(this, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) );
connect(this, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(NewConnectError(QAbstractSocket::SocketError)) );
connect(this, SIGNAL(originAuthenticationRequired(QWebSocketCorsAuthenticator*)), this, SLOT(OriginAuthRequired(QWebSocketCorsAuthenticator*)) );
connect(this, SIGNAL(peerVerifyError(const QSslError&)), this, SLOT(PeerVerifyError(const QSslError&)) );
connect(this, SIGNAL(sslErrors(const QList<QSslError>&)), this, SLOT(SslErrors(const QList<QSslError>&)) );
}
//===================
// PRIVATE
//===================
bool WebServer::setupWebSocket(quint16 port){
WSServer = new QWebSocketServer("sysadm-server", QWebSocketServer::SecureMode, this);
//SSL Configuration
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
QFile CF( QStringLiteral(SSLCERTFILE) );
if(CF.open(QIODevice::ReadOnly) ){
QSslCertificate CERT(&CF,QSsl::Pem);
config.setLocalCertificate( CERT );
CF.close();
}else{
qWarning() << "Could not read WS certificate file:" << CF.fileName();
}
QFile KF( QStringLiteral(SSLKEYFILE));
if(KF.open(QIODevice::ReadOnly) ){
QSslKey KEY(&KF, QSsl::Rsa, QSsl::Pem);
config.setPrivateKey( KEY );
KF.close();
}else{
qWarning() << "Could not read WS key file:" << KF.fileName();
}
config.setPeerVerifyMode(QSslSocket::VerifyNone);
config.setProtocol(SSLVERSION);
WSServer->setSslConfiguration(config);
//Setup Connections
connect(WSServer, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) );
connect(WSServer, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(NewConnectError(QAbstractSocket::SocketError)) );
// -- websocket specific signals
connect(WSServer, SIGNAL(closed()), this, SLOT(ServerClosed()) );
connect(WSServer, SIGNAL(serverError(QWebSocketProtocol::CloseCode)), this, SLOT(ServerError(QWebSocketProtocol::CloseCode)) );
connect(WSServer, SIGNAL(originAuthenticationRequired(QWebSocketCorsAuthenticator*)), this, SLOT(OriginAuthRequired(QWebSocketCorsAuthenticator*)) );
connect(WSServer, SIGNAL(peerVerifyError(const QSslError&)), this, SLOT(PeerVerifyError(const QSslError&)) );
connect(WSServer, SIGNAL(sslErrors(const QList<QSslError>&)), this, SLOT(SslErrors(const QList<QSslError>&)) );
connect(WSServer, SIGNAL(acceptError(QAbstractSocket::SocketError)), this, SLOT(ConnectError(QAbstractSocket::SocketError)) );
//Now start the server
return WSServer->listen(QHostAddress::Any, port);
}
CAgentLoadBalancer::KWKEntry *CAgentLoadBalancer::CreateKWK (
Long64 i_lKMAID,
struct soap * const i_pstSoap,
const char * const i_sURL,
bool * const o_pbClientAESKeyWrapSetupError)
{
FATAL_ASSERT(i_pstSoap);
FATAL_ASSERT(i_sURL);
int bSuccess = FALSE;
KWKEntry *oKWKEntry = new KWKEntry;
oKWKEntry->m_lKMAID = i_lKMAID;
*o_pbClientAESKeyWrapSetupError = false;
bSuccess = GetPseudorandomBytes(sizeof (oKWKEntry->m_acKWK),
oKWKEntry->m_acKWK);
if (!bSuccess)
{
Log(AUDIT_CLIENT_AGENT_CREATE_KWK_RNG_ERROR,
NULL,
NULL,
"Error from RNG");
*o_pbClientAESKeyWrapSetupError = true;
delete(oKWKEntry);
return NULL;
}
#if defined(DEBUG)
char sHexKWK[2*KMS_MAX_KEY_SIZE+1];
ConvertBinaryToUTF8HexString( sHexKWK, oKWKEntry->m_acKWK, sizeof (oKWKEntry->m_acKWK));
#if defined(METAWARE)
log_printf("CAgentLoadBalancer::CreateKWK(): KWK hex=%s\n",
sHexKWK);
#else
// printf("CAgentLoadBalancer::CreateKWK(): KWK hex=%s\n",
// sHexKWK);
#endif
#endif
CPublicKey oPublicKEK;
bSuccess = GetKWKWrappingKey(i_pstSoap, i_sURL, &oPublicKEK);
if (!bSuccess)
{
// GetKWKWrappingKey logs errors
if (!ServerError(GET_SOAP_FAULTSTRING(i_pstSoap),i_pstSoap->errnum))
{
*o_pbClientAESKeyWrapSetupError = true;
}
delete(oKWKEntry);
return NULL;
}
unsigned char acWrappedKWK[MAX_RSA_PUB_KEY_LENGTH];
int iWrappedKWKLength;
bSuccess = oPublicKEK.Encrypt(sizeof (oKWKEntry->m_acKWK),
oKWKEntry->m_acKWK, (unsigned char *) acWrappedKWK, &iWrappedKWKLength);
if (!bSuccess)
{
Log(AUDIT_CLIENT_AGENT_CREATE_KWK_PUBLIC_ENCRYPT_ERROR,
NULL,
NULL,
"Error encrypting KWK with KMA public key");
*o_pbClientAESKeyWrapSetupError = true;
delete(oKWKEntry);
return NULL;
}
//#if defined(DEBUG) && !defined(METAWARE)
// char sHexWrappedKWK[2*MAX_RSA_PUB_KEY_LENGTH+1];
// ConvertBinaryToUTF8HexString( sHexWrappedKWK, acWrappedKWK, iWrappedKWKLength);
// printf("CAgentLoadBalancer::CreateKWK(): wrapped KWK hex=%s\n",
// sHexWrappedKWK);
//#endif
// register the new KWK
bSuccess = RegisterKWK(iWrappedKWKLength, acWrappedKWK, i_pstSoap,
i_sURL, oKWKEntry->m_acKWKID);
if (!bSuccess)
{
// RegisterKWK logs errors
if (!ServerError(GET_SOAP_FAULTSTRING(i_pstSoap), i_pstSoap->error))
{
*o_pbClientAESKeyWrapSetupError = true;
}
delete(oKWKEntry);
return NULL;
}
// save the new KWK entry in an empty slot in the array
for (int i=0; i < m_iKWKEntryNum && i < KMS_MAX_CLUSTER_NUM; i++)
{
if (m_aKWKEntries[i] == NULL)
{
m_aKWKEntries[i] = oKWKEntry;
return oKWKEntry;
}
}
// no empty slots so add it to the end
m_aKWKEntries[m_iKWKEntryNum++] = oKWKEntry;
return oKWKEntry;
}
int CAgentLoadBalancer::FailOver (int i_iFailedApplianceIndex,
struct soap *i_pstSoap)
{
FATAL_ASSERT(i_pstSoap);
CAutoMutex oAutoMutex((K_MUTEX_HANDLE) m_pProfile->m_pLock);
const char *strError = GET_SOAP_FAULTSTRING(i_pstSoap);
int iSoapErrno = i_pstSoap->errnum;
int iErrorCode = GET_FAULT_CODE(strError);
int i;
if ( m_bFIPS &&
KMSClient_NoFIPSCompatibleKMAs(m_pProfile))
{
return NO_FIPS_KMA_AVAILABLE;
}
m_pProfile->m_iFailoverAttempts++;
/*
* if KWK is not registered, or mismatched, most likely KMA lost its key due to a service
* restart. Call RegisterKWK to re-register the KWK.
* If RegisterKWK fails proceed from here with new failover info
*/
if ( iErrorCode == CLIENT_ERROR_AGENT_KWK_NOT_REGISTERED ||
iErrorCode == CLIENT_ERROR_AGENT_KWK_ID_MISMATCH )
{
LogError(m_pProfile,
AGENT_LOADBALANCER_FAILOVER,
NULL,
m_aCluster[i_iFailedApplianceIndex].m_wsApplianceNetworkAddress,
"KWK not registered or ID mismatch - registering");
// delete the KWK entry since the KMA no longer has it
DeleteKWKEntry( GetKMAID(i_iFailedApplianceIndex));
return i_iFailedApplianceIndex;
}
bool bServerError = false;
// if the request failed due to a Server Busy error, and if
// - transaction timeout has not been exceeded OR
// - failover attempts remain
// then failover
if (iErrorCode == CLIENT_ERROR_SERVER_BUSY &&
(K_GetTickCount() < m_iTransactionStartTimeInMilliseconds + (m_pProfile->m_iTransactionTimeout * 1000) ||
!CAgentLoadBalancer::FailOverLimit()))
{
LogError(m_pProfile,
AGENT_LOADBALANCER_FAILOVER,
NULL,
m_aCluster[i_iFailedApplianceIndex].m_wsApplianceNetworkAddress,
"Server Busy - failing over");
bServerError = true;
}
else if (ServerError(strError,iSoapErrno))
{
bServerError = true;
}
else
{
if (i_iFailedApplianceIndex == AES_KEY_WRAP_SETUP_ERROR)
{
return AES_KEY_WRAP_SETUP_ERROR;
}
else
{
return CLIENT_SIDE_ERROR; // it is a client side problem, don't fail over
}
}
// disable the failed Appliance in the profile, and
// re-sort the cluster array, so transactions in other threads
// will not send requests to the same failed Appliance
#if defined(METAWARE)
log_cond_printf(ECPT_LOG_AGENT, "CAgentLoadBalancer::Failover(): FailoverAttempts=%d\n",
m_pProfile->m_iFailoverAttempts);
#endif
for (i = 0; i < m_pProfile->m_iClusterNum; i++)
{
if (m_pProfile->m_aCluster[i].m_lApplianceID ==
m_aCluster[i_iFailedApplianceIndex].m_lApplianceID)
{
m_pProfile->m_aCluster[i].m_iResponding = FALSE;
break;
}
}
KMSClient_SortClusterArray(m_pProfile);
// mark the failed Appliance as not responding (unlike the case
// above which is conditional on bServerError, this marking is
// only local to this transaction; it must be done to ensure that
// this transaction does not cycle in its fail-over loop.)
m_aCluster[i_iFailedApplianceIndex].m_iResponding = FALSE;
if (!CAgentLoadBalancer::FailOverLimit())
{
// now try to fail over to all other Appliances that are
// apparently enabled and responding
for (i = 0; i < m_iClusterNum; i++)
{
if (m_aCluster[i].m_iEnabled == TRUE &&
m_aCluster[i].m_iResponding == TRUE &&
m_aCluster[i].m_iKMALocked == FALSE)
{
Log(AGENT_LOADBALANCER_FAILOVER,
NULL,
m_aCluster[i].m_wsApplianceNetworkAddress,
"Failing over to this addr");
return i;
}
}
// now retry KMAs previously reported as not responding
m_iLastAttemptedWhenNoneResponding++;
if (m_iLastAttemptedWhenNoneResponding >= m_iClusterNum)
{
m_iLastAttemptedWhenNoneResponding = m_iLastAttemptedWhenNoneResponding % m_iClusterNum;
}
Log(AGENT_LOADBALANCER_FAILOVER,
NULL,
m_aCluster[m_iLastAttemptedWhenNoneResponding].m_wsApplianceNetworkAddress,
"Failing over to retry this addr");
return m_iLastAttemptedWhenNoneResponding;
}
else
{
Log(AGENT_LOADBALANCER_FAILOVER,
NULL,
NULL,
"Failover limit reached");
}
return m_bFIPS ? NO_FIPS_KMA_AVAILABLE : NO_KMA_AVAILABLE;
}
