int sock_SSL_connect(SSL **ssl_con, int sockfd)
{
int ssl_err;
SSL_CTX *ssl_ctx = NULL;
ssl_ctx = SSL_CTX_new(SSLv3_client_method());
if(!ssl_ctx) {
net_log(NET_LOG_ERR, "sock_SSL_connect: !ssl_ctx\n");
return WSOCK_ERROR;
}
*ssl_con = SSL_new(ssl_ctx);
if(!(*ssl_con)) {
net_log(NET_LOG_ERR, "sock_SSL_connect: SSL_new() failed.\n");
SSL_CTX_free(ssl_ctx);
return WSOCK_ERROR;
}
SSL_set_fd (*ssl_con, sockfd);
SSL_set_connect_state(*ssl_con);
ssl_err = SSL_connect(*ssl_con);
if(ssl_err < 0)
SSL_set_shutdown(*ssl_con,SSL_SENT_SHUTDOWN);
if(ssl_err <= 0) {
net_log(NET_LOG_ERR, "sock_SSL_connect: SSL_connect() failed.\n");
SSL_free(*ssl_con);
SSL_CTX_free(ssl_ctx);
return WSOCK_ERROR;
}
return WSOCK_OK;
}
SfRequestContext::SfRequestContext() {
mUserAgent = MakeUserAgent().c_str();
set_net_log(new SfNetLog());
set_host_resolver(
net::CreateSystemHostResolver(
net::HostResolver::kDefaultParallelism,
NULL /* resolver_proc */,
net_log()));
set_ssl_config_service(
net::SSLConfigService::CreateSystemSSLConfigService());
mProxyConfigService = new net::ProxyConfigServiceAndroid;
set_proxy_service(net::ProxyService::CreateWithoutProxyResolver(
mProxyConfigService, net_log()));
set_http_transaction_factory(new net::HttpCache(
host_resolver(),
new net::CertVerifier(),
dnsrr_resolver(),
dns_cert_checker(),
proxy_service(),
ssl_config_service(),
net::HttpAuthHandlerFactory::CreateDefault(host_resolver()),
network_delegate(),
net_log(),
NULL)); // backend_factory
set_cookie_store(new net::CookieMonster(NULL, NULL));
}
int Sock_socketpair(Sock *pair[]) {
int sdpair[2], i, res;
if (!pair)
return -1;
if ((res = socketpair(AF_UNIX, SOCK_DGRAM, 0, sdpair)) < 0) {
net_log(NET_LOG_ERR, "Sock_socketpair() failure.\n");
return res;
}
if (!(pair[0] = calloc(1, sizeof(Sock)))) {
net_log(NET_LOG_FATAL,
"Unable to allocate first Sock struct in Sock_socketpair().\n");
close (sdpair[0]);
close (sdpair[1]);
return -1;
}
if (!(pair[1] = calloc(1, sizeof(Sock)))) {
net_log(NET_LOG_FATAL,
"Unable to allocate second Sock struct in Sock_socketpair().\n");
close (sdpair[0]);
close (sdpair[1]);
free(pair[0]);
return -1;
}
for (i = 0; i < 2; i++) {
pair[i]->fd = sdpair[i];
pair[i]->socktype = LOCAL;
}
return res;
}
/**
* It initializes the global context ssl
* @param : path of the server certificate
* @param : cert verification mode @see SSL_CTX_set_verify
* @return: 0 on success;
*/
SSL_CTX * Sock_init_ctx(char *key, char * cafile, char * capath)
{
SSL_CTX *global_ctx = NULL;
char cipher[] = "ALL:eNULL";
int s_server_session_id_context = 1;
SSL_METHOD *method;
SSL_load_error_strings();
SSL_library_init();
method = SSLv23_method();
global_ctx = SSL_CTX_new(method);
if(!global_ctx) {
net_log(NET_LOG_ERR,"Creation of a new SSL_CTX object failed");
return NULL;
}
/* Loads a certificate chain from file into ctx */
if(!(SSL_CTX_use_certificate_chain_file(global_ctx,key))) {
net_log(NET_LOG_ERR,"Failure in reading certificate file");
return NULL;
}
/* Adds the first private key found in file to ctx */
if(!(SSL_CTX_use_PrivateKey_file(global_ctx,key,SSL_FILETYPE_PEM))) {
net_log(NET_LOG_ERR,"Failure in reading key file");
return NULL;
}
/* Set default locations for trusted CA certificates */
if(!(SSL_CTX_load_verify_locations(global_ctx, cafile, capath))) {
net_log(NET_LOG_ERR,"Failure in reading CA list");
return NULL;
}
/* Set context within which session can be reused */
SSL_CTX_set_session_id_context(global_ctx,
(void*)&s_server_session_id_context,
sizeof(s_server_session_id_context));
/* Choose list of available SSL_CIPHER */
SSL_CTX_set_cipher_list(global_ctx,cipher);
/* Manipulate SSL engine options */
//SSL_CTX_set_options(ctx,SSL_OP_ALL);
SSL_CTX_set_verify(global_ctx,SSL_VERIFY_PEER,0);
return global_ctx;
}
SfRequestContext::SfRequestContext() {
#ifndef ANDROID_DEFAULT_CODE
mWapProfile = "";
mUserAgent = "";
initStreamingInfo();
#else
mUserAgent = MakeUserAgent().c_str();
#endif
set_net_log(new SfNetLog());
set_host_resolver(
net::CreateSystemHostResolver(
net::HostResolver::kDefaultParallelism,
NULL /* resolver_proc */,
net_log()));
set_ssl_config_service(
net::SSLConfigService::CreateSystemSSLConfigService());
#ifdef HTTP_STREAM_SUPPORT_PROXY
gProxyConfigService.reset( new (net::ProxyConfigServiceAndroid));
set_proxy_service(net::ProxyService::CreateWithoutProxyResolver(
gProxyConfigService.get(), net_log()));
#else
mProxyConfigService = new net::ProxyConfigServiceAndroid;
set_proxy_service(net::ProxyService::CreateWithoutProxyResolver(
mProxyConfigService, net_log()));
#endif
set_http_transaction_factory(new net::HttpCache(
host_resolver(),
new net::CertVerifier(),
dnsrr_resolver(),
dns_cert_checker(),
proxy_service(),
ssl_config_service(),
net::HttpAuthHandlerFactory::CreateDefault(host_resolver()),
network_delegate(),
net_log(),
NULL)); // backend_factory
set_cookie_store(new net::CookieMonster(NULL, NULL));
}
SSL *SSL_sock_accept(int sockfd, SSL_CTX * global_ctx) {
SSL *ssl;
ssl = SSL_new(global_ctx);
if(!ssl) {
net_log(NET_LOG_ERR, "Sock SSL_connect: SSL_new() failed.\n");
return 0;
}
if((SSL_set_fd(ssl,sockfd))==0) {
net_log(NET_LOG_ERR,"Operation failed\n");
return 0;
}
if((SSL_accept(ssl)<=0)) {
net_log(NET_LOG_ERR,"SSL accept error");
return 0;
}
return(ssl);
}
int SSL_close_connection(SSL *ssl, int sockfd) {
int exit;
exit = SSL_shutdown(ssl);
if(!exit) {
shutdown(sockfd,SHUT_WR);
SSL_shutdown(ssl);
} else {
net_log(NET_LOG_ERR,"Shutdown failed");
return 0;
}
SSL_free(ssl);
return 1;
}
int Sock_set_dest(Sock *s, struct sockaddr *sa) {
if (!s)
return -1;
if (s->socktype != UDP) {
net_log(NET_LOG_FATAL, "Only UDP socket can change destination address\n");
return -1;
}
switch (sa->sa_family) {
case AF_INET:
memcpy(&(s->remote_stg), sa, sizeof(struct sockaddr_in));
break;
case AF_INET6:
memcpy(&(s->remote_stg), sa, sizeof(struct sockaddr_in6));
break;
default:
break;
}
return 0;
}
Sock * Sock_connect(char *host, char *port, Sock *binded, sock_type socktype, sock_flags ssl_flag)
{
Sock *s;
char remote_host[128]; /*Unix Domain is largest*/
char local_host[128]; /*Unix Domain is largest*/
int sockfd = -1;
struct sockaddr *sa_p = NULL;
socklen_t sa_len = 0;
int32_t local_port;
int32_t remote_port;
#if HAVE_SSL
SSL *ssl_con;
#endif
if(binded) {
sockfd = binded->fd;
}
if (sock_connect(host, port, &sockfd, socktype)) {
net_log(NET_LOG_ERR, "Sock_connect() failure.\n");
return NULL;
}
#if HAVE_SSL
if(ssl_flag & IS_SSL) {
if (sock_SSL_connect(&ssl_con))
net_log (NET_LOG_ERR, "Sock_connect() failure in SSL init.\n");
sock_close(sockfd);
return NULL;
}
else
#endif
if (binded) {
s = binded;
free(s->local_host);
s->local_host = NULL;
free(s->remote_host);
s->remote_host = NULL;
} else if (!(s = calloc(1, sizeof(Sock)))) {
net_log(NET_LOG_FATAL, "Unable to allocate a Sock struct in Sock_connect().\n");
#if HAVE_SSL
if(ssl_flag & IS_SSL)
sock_SSL_close(ssl_con);
#endif
sock_close (sockfd);
return NULL;
}
s->fd = sockfd;
s->socktype = socktype;
#if HAVE_SSL
if(ssl_flag & IS_SSL)
s->ssl = ssl_con;
#endif
s->flags = ssl_flag;
sa_p = (struct sockaddr *) &(s->local_stg);
sa_len = sizeof(struct sockaddr_storage);
if(getsockname(s->fd, sa_p, &sa_len))
{
net_log(NET_LOG_ERR, "Unable to get remote port in Sock_connect().\n");
Sock_close(s);
return NULL;
}
if(!sock_ntop_host(sa_p, local_host, sizeof(local_host)))
memset(local_host, 0, sizeof(local_host));
if (!(s->local_host = strdup(local_host))) {
net_log(NET_LOG_FATAL, "Unable to allocate local host in Sock_connect().\n");
Sock_close(s);
return NULL;
}
local_port = sock_get_port(sa_p);
if(local_port < 0) {
net_log(NET_LOG_ERR, "Unable to get local port in Sock_connect().\n");
Sock_close(s);
return NULL;
} else
s->local_port = ntohs(local_port);
sa_p = (struct sockaddr *) &(s->remote_stg);
sa_len = sizeof(struct sockaddr_storage);
if(getpeername(s->fd, sa_p, &sa_len))
{
net_log(NET_LOG_ERR, "Unable to get remote address in Sock_connect().\n");
Sock_close(s);
return NULL;
}
if(!sock_ntop_host(sa_p, remote_host, sizeof(remote_host)))
memset(remote_host, 0, sizeof(remote_host));
if (!(s->remote_host = strdup(remote_host))) {
net_log(NET_LOG_FATAL, "Unable to allocate remote host in Sock_connect().\n");
Sock_close(s);
return NULL;
}
remote_port = sock_get_port(sa_p);
if(remote_port < 0) {
net_log(NET_LOG_ERR, "Unable to get remote port in Sock_connect().\n");
Sock_close(s);
return NULL;
} else
s->remote_port = ntohs(remote_port);
net_log(NET_LOG_DEBUG, "Socket connected between local=\"%s\":%u and "
"remote=\"%s\":%u.\n", s->local_host, s->local_port, s->remote_host,
s->remote_port);
if(is_multicast_address(sa_p, s->remote_stg.ss_family)) {
//fprintf(stderr,"IS MULTICAST\n");
if(mcast_join(s->fd, sa_p, NULL, 0, &(s->addr))!=0) {
Sock_close(s);
return NULL;
}
s->flags |= IS_MULTICAST;
}
return s;
}
/**
* Create a new socket accepting a new connection from a listening socket.
* @param main Listening socket.
* @param octx optional ssl global context
* @return the newly allocated Sock
*/
Sock * Sock_accept(Sock *s, void * octx)
{
int res = -1;
char remote_host[128]; /*Unix Domain is largest*/
char local_host[128]; /*Unix Domain is largest*/
int remote_port = -1;
int local_port = -1;
Sock *new_s = NULL;
struct sockaddr *sa_p = NULL;
socklen_t sa_len = 0;
#if ENABLE_SSL
SSL_CTX * ctx = octx;
SSL *ssl_con = NULL;
#endif
if (!s)
return NULL;
if ((res = sock_accept(s->fd)) < 0) {
net_log(NET_LOG_ERR, "System error in sock_accept().\n");
return NULL;
}
#if ENABLE_SSL
if(ctx) {
if( !(ssl_con = SSL_sock_accept(res, ctx)) ) {
net_log(NET_LOG_ERR, "Unable to accept SSL connection.\n");
sock_close(res);
return NULL;
}
}
#endif
if (!(new_s = calloc(1, sizeof(Sock)))) {
net_log(NET_LOG_FATAL,
"Unable to allocate a Sock struct in Sock_accept().\n");
#if ENABLE_SSL
if(ctx)
SSL_close_connection(ssl_con, res);
#endif
sock_close(res);
return NULL;
}
new_s->fd = res;
new_s->socktype = s->socktype;
new_s->flags = s->flags;
#if ENABLE_SSL
if(ctx)
new_s->ssl = ssl_con;
#endif
sa_p = (struct sockaddr *) &(new_s->remote_stg);
sa_len = sizeof(struct sockaddr_storage);
if(getpeername(res, sa_p, &sa_len))
{
net_log(NET_LOG_ERR,
"Unable to get remote address in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
if(!sock_ntop_host(sa_p, remote_host, sizeof(remote_host)))
memset(remote_host, 0, sizeof(remote_host));
if (!(new_s->remote_host = strdup(remote_host))) {
net_log(NET_LOG_FATAL,
"Unable to allocate remote host in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
remote_port = sock_get_port(sa_p);
if(remote_port < 0) {
net_log(NET_LOG_ERR, "Unable to get remote port in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
else
new_s->remote_port = ntohs(remote_port);
sa_p = (struct sockaddr *) &(new_s->remote_stg);
sa_len = sizeof(struct sockaddr_storage);
if(getsockname(res, sa_p, &sa_len))
{
net_log(NET_LOG_ERR, "Unable to get remote port in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
if(!sock_ntop_host(sa_p, local_host, sizeof(local_host)))
memset(local_host, 0, sizeof(local_host));
if (!(new_s->local_host = strdup(local_host))) {
net_log(NET_LOG_FATAL,
"Unable to allocate local host in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
local_port = sock_get_port(sa_p);
if(local_port < 0) {
net_log(NET_LOG_ERR, "Unable to get local port in Sock_accept().\n");
Sock_close(new_s);
return NULL;
}
else
new_s->local_port = ntohs(local_port);
net_log(NET_LOG_DEBUG, "Socket accepted between local=\"%s\":%u and "
"remote=\"%s\":%u.\n", new_s->local_host, new_s->local_port,
new_s->remote_host, new_s->remote_port);
return new_s;
}
Sock * Sock_bind(char const *host, char const *port, Sock *sock,
sock_type socktype, void * octx)
{
Sock *s = NULL;
int sockfd = -1;
struct sockaddr *sa_p;
socklen_t sa_len;
char local_host[128];
int local_port;
#if ENABLE_SSL
if ((octx)) {
if(socktype != TCP) {
net_log(NET_LOG_ERR, "SSL can't work on this protocol.\n");
return NULL;
}
}
#endif
if(sock) {
sockfd = sock->fd;
}
if (sock_bind(host, port, &sockfd, socktype)) {
net_log(NET_LOG_ERR, "Error in low level sock_bind().\n");
return NULL;
}
if (!(s = calloc(1, sizeof(Sock)))) {
net_log(NET_LOG_FATAL,
"Unable to allocate a Sock struct in Sock_bind().\n");
sock_close(sockfd);
return NULL;
}
s->fd = sockfd;
s->socktype = socktype;
s->flags = 0;
sa_p = (struct sockaddr *)&(s->local_stg);
sa_len = sizeof(struct sockaddr_storage);
if(getsockname(s->fd, sa_p, &sa_len) < 0) {
Sock_close(s);
return NULL;
}
if(!sock_ntop_host(sa_p, local_host, sizeof(local_host)))
memset(local_host, 0, sizeof(local_host));
if (!(s->local_host = strdup(local_host))) {
net_log(NET_LOG_FATAL,
"Unable to allocate local host in Sock_bind().\n");
Sock_close(s);
return NULL;
}
local_port = sock_get_port(sa_p);
if(local_port < 0) {
net_log(NET_LOG_ERR, "Unable to get local port in Sock_bind().\n");
Sock_close(s);
return NULL;
} else
s->local_port = ntohs(local_port);
net_log(NET_LOG_DEBUG,
"Socket bound with addr=\"%s\" and port=\"%u\".\n",
s->local_host, s->local_port);
if(is_multicast_address(sa_p, s->local_stg.ss_family)) {
if(mcast_join(s->fd, sa_p)) {
Sock_close(s);
return NULL;
}
s->flags |= IS_MULTICAST;
}
return s;
}
