/** Called after the SSL connection and initial handshaking is complete. */ void ssl_connected(struct conn *c) { X509 *peer; SSL *ssl = bufferevent_openssl_get_ssl(c->remote_bev); #if SSL_DEBUG_LEVEL > 0 errprintf(stdout, "ssl_slave: SSL connection attempt completed, using %s. Resolving remote host name.\n", SSL_get_version(ssl)); if (bufferevent_get_openssl_error(c->remote_bev)) errprintf(stdout, "ssl_slave: ssl error code: %ld\n", bufferevent_get_openssl_error(c->remote_bev)); #endif bufferevent_set_timeouts(c->remote_bev, NULL, NULL); /* Successful accept. Log peer certificate, if any. */ if ((peer = SSL_get_peer_certificate(ssl))) { if (SSL_get_verify_result(ssl) == X509_V_OK) { char buf[256]; /* The client sent a certificate which verified OK */ X509_NAME_oneline(X509_get_subject_name(peer), buf, 256); errprintf(stdout, "ssl_slave: SSL client certificate accepted: %s\n", buf); } } c->state = C_HOSTNAME_LOOKUP; c->resolver_req = evdns_getnameinfo(resolver, &c->remote_addr.addr, 0, address_resolved, c); }
static void pending_event(struct bufferevent *bev, short events, void *pending_ptr) { struct evwspendingconn* pending = (struct evwspendingconn *)pending_ptr; if (events & BEV_EVENT_EOF) { fprintf(stderr, "Connection closed\n"); } else if (events & BEV_EVENT_ERROR) { fprintf(stderr, "Connection error\n"); if (errno != 0) { fprintf(stderr, "Got an error on the connection: %s\n", strerror(errno)); } unsigned long ssl_error = ERR_get_error(); if (ssl_error != 0) { fprintf(stderr, "SSL error: %s\n", ERR_error_string(ssl_error, NULL)); } ssl_error = bufferevent_get_openssl_error(bev); if (ssl_error != 0) { fprintf(stderr, "Got an SSL error on the connection: %s\n", ERR_error_string(ssl_error, NULL)); } } else if (events & BEV_EVENT_CONNECTED) { return; // SSL connected } else { fprintf(stderr, "Unknown event: %x\n", (int)events); } remove_pending(pending); free_pending(pending); }
zend_object * ion_stream_get_exception(ion_stream * stream, ion_buffer * bev) { zend_ulong error_ulong = 0; int error_int = 0; const char * error_message; zend_object * exception; void * exception_ce; zend_string * desc = ion_stream_describe(stream); if((error_ulong = bufferevent_get_openssl_error(bev))) { // problem with openssl connection error_message = ERR_error_string(error_ulong, NULL); exception_ce = ion_ce_ION_CryptoException; } else if((error_int = bufferevent_socket_get_dns_error(bev))) { // DNS problem error_message = evutil_gai_strerror(error_int); exception_ce = ion_ce_ION_DNSException; } else if((error_int = EVUTIL_SOCKET_ERROR())) { // socket problem error_message = evutil_socket_error_to_string(error_int); exception_ce = ion_ce_ION_StreamException; } else { // magic problem error_message = "stream corrupted"; exception_ce = ion_ce_ION_StreamException; } exception = pion_exception_new_ex( exception_ce, 0, "%s error: %s", desc->val, error_message ); zend_string_release(desc); return exception; }
static void conn_eventcb(struct bufferevent *bev, short events, void *user_data) { if (events & BEV_EVENT_EOF) { skeeter_log(LOG_INFO, "Connection closed."); } else if (events & BEV_EVENT_ERROR) { skeeter_log(LOG_WARNING, "Got an error on the connection: %s", strerror(errno)); skeeter_log(LOG_WARNING, "OpenSSL error is %lu", bufferevent_get_openssl_error(bev)); } else if (events & BEV_EVENT_TIMEOUT) { skeeter_log(LOG_NOTICE, "Got a timeout on %s, closing connection.", (events & BEV_EVENT_READING) ? "reading" : "writing"); } else if (events & BEV_EVENT_CONNECTED) { skeeter_log(LOG_NOTICE, "Looks like ssl handshake completed."); skeeter_log(LOG_DEBUG, "OpenSSL error %lu", bufferevent_get_openssl_error(bev)); return; } skeeter_log(LOG_NOTICE, "Freeing connection data"); bufferevent_free(bev); free(user_data); }
static void event_error_handler(struct bufferevent *bev, short what, void *ctx) { struct bufferevent *partner = NULL; ssh_session_t *session = ctx; if(session == NULL || session->owner_ptr == NULL) { trace_err("ERROR: ....................."); } else { partner= session->owner_ptr; } if (what & (BEV_EVENT_EOF|BEV_EVENT_ERROR)) { if (what & BEV_EVENT_ERROR) { unsigned long err; while ((err = (bufferevent_get_openssl_error(bev)))) { const char *msg = (const char*)ERR_reason_error_string(err); const char *lib = (const char*)ERR_lib_error_string(err); const char *func = (const char*)ERR_func_error_string(err); fprintf(stderr, "%s in %s %s\n", msg, lib, func); } if (errno) { trace_err("connection error"); } } if (partner) { /* Flush all pending data */ data_read_handler(bev, ctx); if (evbuffer_get_length(bufferevent_get_output(partner))) { /* We still have to flush data from the other * side, but when that's done, close the other * side. */ bufferevent_setcb(partner, NULL, close_on_finished_writecb, event_error_handler, NULL); bufferevent_disable(partner, EV_READ); } else { /* We have nothing left to say to the other * side; close it. */ bufferevent_free(partner); ssh_log(session, "\"%s:closed\"", SESSION_TYPE(session)); } } bufferevent_free(bev); } }
static void eventcb(struct bufferevent *bev, short what, void *ctx) { struct bufferevent *partner = ctx; if (what & (BEV_EVENT_EOF|BEV_EVENT_ERROR)) { if (what & BEV_EVENT_ERROR) { unsigned long err; while ((err = (bufferevent_get_openssl_error(bev)))) { const char *msg = (const char*) ERR_reason_error_string(err); const char *lib = (const char*) ERR_lib_error_string(err); const char *func = (const char*) ERR_func_error_string(err); fprintf(stderr, "%s in %s %s\n", msg, lib, func); } if (errno) perror("connection error"); } if (partner) { /* Flush all pending data */ readcb(bev, ctx); if (evbuffer_get_length( bufferevent_get_output(partner))) { /* We still have to flush data from the other * side, but when that's done, close the other * side. */ bufferevent_setcb(partner, NULL, close_on_finished_writecb, eventcb, NULL); bufferevent_disable(partner, EV_READ); } else { /* We have nothing left to say to the other * side; close it. */ bufferevent_free(partner); } } bufferevent_free(bev); } }
static void http_request_done(struct evhttp_request *req, void *ctx) { char buffer[256]; int nread; if (req == NULL) { /* If req is NULL, it means an error occurred, but * sadly we are mostly left guessing what the error * might have been. We'll do our best... */ struct bufferevent *bev = (struct bufferevent *) ctx; unsigned long oslerr; int printed_err = 0; int errcode = EVUTIL_SOCKET_ERROR(); fprintf(stderr, "some request failed - no idea which one though!\n"); /* Print out the OpenSSL error queue that libevent * squirreled away for us, if any. */ while ((oslerr = bufferevent_get_openssl_error(bev))) { ERR_error_string_n(oslerr, buffer, sizeof(buffer)); fprintf(stderr, "%s\n", buffer); printed_err = 1; } /* If the OpenSSL error queue was empty, maybe it was a * socket error; let's try printing that. */ if (! printed_err) fprintf(stderr, "socket error = %s (%d)\n", evutil_socket_error_to_string(errcode), errcode); return; } fprintf(stderr, "Response line: %d %s\n", evhttp_request_get_response_code(req), evhttp_request_get_response_code_line(req)); while ((nread = evbuffer_remove(evhttp_request_get_input_buffer(req), buffer, sizeof(buffer))) > 0) { /* These are just arbitrary chunks of 256 bytes. * They are not lines, so we can't treat them as such. */ fwrite(buffer, nread, 1, stdout); } }
static void conn_free(ad_conn_t *conn) { if (conn) { if (conn->status != AD_CLOSE) { call_hooks(AD_EVENT_CLOSE | AD_EVENT_SHUTDOWN , conn); } conn_reset(conn); if (conn->buffer) { if (conn->server->sslctx) { int sslerr = bufferevent_get_openssl_error(conn->buffer); if (sslerr) { char errmsg[256]; ERR_error_string_n(sslerr, errmsg, sizeof(errmsg)); ERROR("SSL %s (err:%d)", errmsg, sslerr); } } bufferevent_free(conn->buffer); } free(conn); } }
void on_event_cb(struct bufferevent *bufev_sock, short events, void *arg) { unsigned long e = 0; struct event *ev; struct timeval tv = {1, 0}; if (events & BEV_EVENT_CONNECTED) { jlog(L_DEBUG, "connected"); cfg->ctrl_initialized = 0; query_list_network(); } else if (events & (BEV_EVENT_EOF|BEV_EVENT_ERROR)) { jlog(L_DEBUG, "event (%x)", events); while ((e = bufferevent_get_openssl_error(bufev_sock)) > 0) { jlog(L_ERROR, "%s", ERR_error_string(e, NULL)); } bufferevent_free(bufev_sock); ev = event_new(base, -1, EV_TIMEOUT, on_timeout_cb, NULL); event_add(ev, &tv); } }
void server_mc_event_cb(struct bufferevent *bev, short events, void *ctx) { struct server *s = (struct server *)ctx; dump_flags(events); if (events & BEV_EVENT_CONNECTED) { struct mc *mc; /* * If we received the notification that the connection is established, * then we move the corresponding struct mc from s->pending_peers to * s->peers. */ mc = v_mc_find_if(s->pending_peers, (void *)find_bev, bev); if (mc != v_mc_end(s->pending_peers)) { struct mc tmp; struct endpoint e; endpoint_init(&e, mc->p.address, mc->p.len); /* Check for certificate */ if (mc->ssl_flags & TLS_ENABLE) { X509 *cert; SSL *ssl; EVP_PKEY *pubkey; char name[512]; ssl = bufferevent_openssl_get_ssl(mc->bev); cert = SSL_get_peer_certificate(ssl); if (cert == NULL) { log_info("[META] [TLS] %s doesn't share it's certificate.", mc_presentation(mc, name, sizeof name)); v_mc_erase(s->pending_peers, mc); mc_close(mc); return ; } pubkey = X509_get_pubkey(cert); //UNUSED ? } log_info("[META] [%s] connexion established with %s", mc->ssl_flags & TLS_ENABLE ? "TLS" : "TCP", endpoint_presentation(&e)); memcpy(&tmp, mc, sizeof(tmp)); v_mc_erase(s->pending_peers, mc); mc = v_mc_insert(s->peers, &tmp); mc_hello(mc, s->udp); mc_establish_tunnel(mc, s->udp); } } else if (events & BEV_EVENT_EOF) { /* Disconnected */ struct mc *mc; struct udp_peer *up; mc = v_mc_find_if(s->peers, (void *)find_bev, bev); if (mc != v_mc_end(s->peers)) { char name[INET6_ADDRSTRLEN]; struct sockaddr *sock = mc->p.address; up = v_udp_find_if(s->udp->udp_peers, find_udppeer, sock); if (up != v_udp_end(s->udp->udp_peers)) { v_udp_erase(s->udp->udp_peers, up); log_debug("[%s] stop peering with %s", (up->ssl_flags & DTLS_ENABLE) ? "DTLS" : "UDP", endpoint_presentation(&up->peer_addr)); } log_debug("[META] stop the meta-connexion with %s", mc_presentation(mc, name, sizeof(name))); mc_close(mc); v_mc_erase(s->peers, mc); } } else if (events & BEV_EVENT_ERROR) { struct mc *mc; int everr; int sslerr; everr = EVUTIL_SOCKET_ERROR(); if (everr != 0) { log_warnx("[META] unexpected shutdown of the meta-connexion: (%d) %s", everr, evutil_socket_error_to_string(everr)); } while ((sslerr = bufferevent_get_openssl_error(bev)) != 0) { log_warnx("[META] SSL error code (%d): %s in %s %s", sslerr, ERR_reason_error_string(sslerr), ERR_lib_error_string(sslerr), ERR_func_error_string(sslerr)); } /* * Find if the exception come from a pending peer or a * regular peer and close it. */ mc = v_mc_find_if(s->pending_peers, (void *)find_bev, bev); if (mc != v_mc_end(s->pending_peers)) { char name[128]; log_debug("[META] %s removed from the pending list", mc_presentation(mc, name, sizeof name)); mc_close(mc); v_mc_erase(s->pending_peers, mc); } else { mc = v_mc_find_if(s->peers, (void *)find_bev, bev); if (mc != v_mc_end(s->peers)) { mc_close(mc); v_mc_erase(s->peers, mc); log_debug("[META] socket removed from the peer list"); } } } }