int main() {
int fd, childfd, clientLen;
struct sockaddr_in clientAddr;
pthread_t thread, refresh;
/* Initialize SSL. */
initSSL();
/* Refresh connections. */
pthread_create (&refresh, NULL, refreshConn, 0);
pthread_detach (refresh);
/* Start crap. */
fd = tcpCreate(PORT);
if (fd < 0) { LOG(10, "Could not create server"); exit(1); }
clientLen = sizeof(clientAddr);
while(1) {
childfd = accept(fd, (struct sockaddr *) &clientAddr, &clientLen);
LOGD(0, "Accepted client connection", childfd);
if (childfd < 0) {
LOG(0, "Error on accept.");
continue;
} else {
pthread_create (&thread, NULL, processRequest, (void *) &childfd);
pthread_detach (thread);
LOG(0, "Created new thread");
}
}
/* Ideally should never be here. */
close(fd);
return 1;
}
bool SSLClient::init()
{
initLib();
if (!initSSL())
return false;
return initBIO();
}
Application::Application() :
mPixelDecodeThread(NULL),
mDMTXThread(NULL),
mDMTXInstrThread(NULL),
mRect(0.f, 0.f, 1.f, 1.f),
mLocked(false)
{
initSSL();
}
void IOSocketSSL::init_internals(const bool force_server_method = false) {
TRACE_CALL();
ssl_err = new char[__IOSOCKETSSL_ERR_BUF_LEN];
handshake_done = false;
//@throw char *e
initSSL(force_server_method);
}
IoSecureClient *IoSecureClient_proto(void *state)
{
initSSL();
IoObject *self = IoObject_new(state);
IoObject_tag_(self, IoSecureClient_newTag(state));
SSL_CTX *ctx = SSL_CTX_new(TLSv1_client_method());
if(ctx == NULL)
{
ERR_print_errors_fp(stderr);
}
IoObject_setDataPointer_(self, ctx);
SSL_CTX_set_default_passwd_cb(ctx, IoSecureSockets_Password_Callback);
SSL_CTX_set_default_passwd_cb_userdata(ctx, self);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, IoSecureSockets_Verify_Callback);
#ifdef DTLS_IMPLEMENTED
IoObject_setSlot_to_(self, IOSYMBOL("supportsDTLS"), IOTRUE(self));
#else
IoObject_setSlot_to_(self, IOSYMBOL("supportsDTLS"), IOFALSE(self));
#endif
IoState_registerProtoWithFunc_((IoState *)state, self, IoSecureClient_proto);
{
IoMethodTable methodTable[] = {
{"setKeyFile", IoSecureClient_setKeyFile},
//doc SecureClient setKeyFile(aPath) Sets the key file. Returns self.
{"setCertFile", IoSecureClient_setCertFile},
//doc SecureClient setCertFile(aPath) Sets the Certificate file. Returns self.
{"setCAFile", IoSecureClient_setCAFile},
//doc SecureClient setCAFile(aPath) Sets the CA file. Returns self.
{"setCRLFile", IoSecureClient_setCRLFile},
//doc SecureClient setCRLFile(aPath) Sets the CRL file. Returns self.
{"useTLS", IoSecureClient_useTLS},
//doc SecureClient useTLS Returns useTLS value.
{"useDTLS", IoSecureClient_useDTLS},
//doc SecureClient useDTLS Returns useDTLS value.
{"connectionToServer", IoSecureClient_connectionToServer},
//doc SecureClient connectionToServer Returns connectionToServer.
{NULL, NULL}
};
IoObject_addMethodTable_(self, methodTable);
}
return self;
}
int SocketServer::init(Server *server)
{
int ret;
this->server = server;
ret = initSocket();
if (ret)
return ret;
ret = initSSL();
return ret;
}
bool SSLClient::init()
{
initLib();
if (!initSSL())
return false;
#ifdef _DEBUG
#if OPENSSL_VERSION_NUMBER < 0x00907000L
SSL_CTX_set_info_callback(pCTX, (void (*)())ssl_info_callback);
#else
SSL_CTX_set_info_callback(pCTX, ssl_info_callback);
#endif
#endif
return initBIO();
}
zia::api::network::IEndPoint* my_sock_accept(zia::api::network::IEndPoint& server)
{
// for (std::vector<int>::iterator it = hostsList.begin(); it != hostsList.end() ; ++it)
// if (*it == server.getPort())
// {
ModSocketSSL* serv = static_cast<ModSocketSSL*>(&server);
initSSL(serv);
loadCert(serv, "certificate/cert", "certificate/pkey");
serv->setSSL(SSL_new(serv->getCTX()));
SSL_set_fd(serv->getSSL(), serv->getSocket());
if ((SSL_accept(serv->getSSL())) == -1)
ERR_print_errors_fp(stderr);
std::cout << "SSL_ACCEPT !!!!" << std::endl;
// return (&server);
// }
return (&server);
}
void select_loop (void)
{
int n = 0;
int initfails = 0;
fd_set readfd;
time_t prevtime = time(NULL);
FD_ZERO(&readfd);
FD_SET(sock, &readfd);
while (1){
if (select(sock+1, &readfd, 0, 0, NULL) < 0){
LERR("select failed\n");
handler(1);
}
if (FD_ISSET(sock, &readfd)){
ioctl(sock, FIONREAD, &n);
if (n == 0){
/* server disconnected*/
if(!usessl) {
if(init_hepsocket()) initfails++;
}
#ifdef USE_SSL
else {
if(initSSL()) initfails++;
}
#endif /* USE_SSL */
if (initfails > 10)
{
time_t curtime = time (NULL);
if (curtime - prevtime < 2){
pthread_mutex_lock(&lock);
LERR( "HEP server is down... retrying after sleep...\n");
sleep(2);
pthread_mutex_unlock(&lock);
}
initfails=0;
prevtime = curtime;
}
}
}
}
}
int SslContext::init(int iMethod)
{
if (m_pCtx != NULL)
return 0;
SSL_METHOD *meth;
if (initSSL())
return LS_FAIL;
m_iMethod = iMethod;
m_iEnableSpdy = 0;
meth = (SSL_METHOD *)SSLv23_method();
m_pCtx = SSL_CTX_new(meth);
if (m_pCtx)
{
#ifdef SSL_OP_NO_COMPRESSION
/* OpenSSL >= 1.0 only */
SSL_CTX_set_options(m_pCtx, SSL_OP_NO_COMPRESSION);
#endif
setOptions(SSL_OP_SINGLE_DH_USE | SSL_OP_ALL);
//setOptions( SSL_OP_NO_SSLv2 );
updateProtocol(iMethod);
setOptions(SSL_OP_CIPHER_SERVER_PREFERENCE);
SSL_CTX_set_mode(m_pCtx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
#ifdef SSL_MODE_RELEASE_BUFFERS
| SSL_MODE_RELEASE_BUFFERS
#endif
);
if (m_iRenegProtect)
{
setOptions(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
SSL_CTX_set_info_callback(m_pCtx, SslConnection_ssl_info_cb);
}
//initECDH();
return 0;
}
else
{
//TODO: log ssl error
return LS_FAIL;
}
}
FizzContextAndVerifier createClientFizzContextAndVerifier(
std::string certData,
std::string keyData,
folly::StringPiece pemCaPath) {
// global session cache
static auto SESSION_CACHE =
std::make_shared<fizz::client::SynchronizedLruPskCache>(100);
initSSL();
auto ctx = std::make_shared<fizz::client::FizzClientContext>();
ctx->setSupportedVersions({fizz::ProtocolVersion::tls_1_3});
ctx->setPskCache(SESSION_CACHE);
if (!certData.empty() && !keyData.empty()) {
auto cert =
fizz::CertUtils::makeSelfCert(std::move(certData), std::move(keyData));
ctx->setClientCertificate(std::move(cert));
}
std::shared_ptr<fizz::DefaultCertificateVerifier> verifier;
if (!pemCaPath.empty()) {
verifier = fizz::DefaultCertificateVerifier::createFromCAFile(
fizz::VerificationContext::Client, pemCaPath.str());
}
return FizzContextAndVerifier(std::move(ctx), std::move(verifier));
}
struct SSLSupport *newSSL(void) {
struct SSLSupport *ssl;
check(ssl = malloc(sizeof(struct SSLSupport)));
initSSL(ssl);
return ssl;
}
static int load_module(xml_node *config) {
xml_node *params, *profile, *settings, *condition, *action;
char *key, *value = NULL;
unsigned int i = 0;
char module_api_name[256];
LNOTICE("Loaded %s", module_name);
load_module_xml_config();
/* READ CONFIG */
profile = module_xml_config;
/* reset profile */
profile_size = 0;
while (profile) {
profile = xml_get("profile", profile, 1);
if (profile == NULL)
break;
if(!profile->attr[4] || strncmp(profile->attr[4], "enable", 6)) {
goto nextprofile;
}
/* if not equals "true" */
if(!profile->attr[5] || strncmp(profile->attr[5], "true", 4)) {
goto nextprofile;
}
/* set values */
profile_transport[profile_size].name = strdup(profile->attr[1]);
profile_transport[profile_size].description = strdup(profile->attr[3]);
profile_transport[profile_size].serial = atoi(profile->attr[7]);
profile_transport[profile_size].statistic_pipe = NULL;
profile_transport[profile_size].flag = 1;
/* SETTINGS */
settings = xml_get("settings", profile, 1);
if (settings != NULL) {
params = settings;
while (params) {
params = xml_get("param", params, 1);
if (params == NULL) break;
if (params->attr[0] != NULL) {
/* bad parser */
if (strncmp(params->attr[0], "name", 4)) {
LERR("bad keys in the config");
goto nextparam;
}
key = params->attr[1];
if(params->attr[2] && params->attr[3] && !strncmp(params->attr[2], "value", 5)) {
value = params->attr[3];
}
else {
value = params->child->value;
}
if (key == NULL || value == NULL) {
LERR("bad values in the config");
goto nextparam;
}
if(!strncmp(key, "capture-host", 10)) profile_transport[profile_size].capt_host = strdup(value);
else if(!strncmp(key, "capture-port", 13)) profile_transport[profile_size].capt_port = strdup(value);
else if(!strncmp(key, "capture-proto", 14)) profile_transport[profile_size].capt_proto = strdup(value);
else if(!strncmp(key, "capture-password", 17)) profile_transport[profile_size].capt_password = strdup(value);
else if(!strncmp(key, "capture-id", 11)) profile_transport[profile_size].capt_id = atoi(value);
else if(!strncmp(key, "payload-compression", 19) && !strncmp(value, "true", 5)) profile_transport[profile_size].compression = 1;
else if(!strncmp(key, "version", 7)) profile_transport[profile_size].version = atoi(value);
else if(!strncmp(key, "payload-send", 12) && !strncmp(value, "false", 5)) profile_transport[profile_size].flag = 0;
//if (!strncmp(key, "ignore", 6))
// profile_transport[profile_size].ignore = value;
}
nextparam:
params = params->next;
}
}
/* STATS */
condition = xml_get("statistic", profile, 1);
while (condition) {
condition = xml_get("condition", condition, 1);
if (condition == NULL) break;
if (condition->attr[0] != NULL && condition->attr[2] != NULL) {
/* bad parser */
if (strncmp(condition->attr[0], "field", 5) || strncmp(condition->attr[2], "expression", 10)) {
LERR("bad keys in the config");
goto nextstatistic;
}
key = condition->attr[1];
value = condition->attr[3];
if (key == NULL || value == NULL) {
LERR("bad values in the config");
goto nextstatistic;
}
action = condition->child;
if (action && !strncmp(action->key, "action", 6)) {
for (i = 0; action->attr[i]; i++) {
if (!strncmp(action->attr[i], "application", 4)) {
profile_transport[profile_size].statistic_pipe = strdup(action->attr[i + 1]);
}
else if (!strncmp(action->attr[i], "profile", 7)) {
profile_transport[profile_size].statistic_profile = strdup(action->attr[i + 1]);
}
}
}
}
nextstatistic: condition = condition->next;
}
profile_size++;
nextprofile:
profile = profile->next;
}
/* free it */
free_module_xml_config();
for (i = 0; i < profile_size; i++) {
#ifndef USE_ZLIB
if(profile_transport[i].compression) {
printf("The captagent has not compiled with zlib. Please reconfigure with --enable-compression\n");
LERR("The captagent has not compiled with zlib. Please reconfigure with --enable-compression");
}
#endif /* USE_ZLIB */
/*TLS || SSL*/
if(!strncmp(profile_transport[i].capt_proto, "ssl", 3)) {
#ifdef USE_SSL
profile_transport[i].usessl = 1;
/* init SSL library */
if(sslInit == 0) {
SSL_library_init();
sslInit = 1;
}
#else
printf("The captagent has not compiled with ssl support. Please reconfigure with --enable-ssl\n");
LERR("The captagent has not compiled with ssl support. Please reconfigure with --enable-ssl");
#endif /* end USE_SSL */
}
if(!profile_transport[i].usessl) {
if(init_jsonsocket_blocking(i)) {
LERR("capture: couldn't init socket");
}
}
#ifdef USE_SSL
else {
if(initSSL(i)) {
LERR("capture: couldn't init SSL socket");
}
}
#endif /* use SSL */
if(profile_transport[i].statistic_pipe) {
snprintf(module_api_name, 256, "%s_bind_api", profile_transport[i].statistic_pipe);
//stats_bind_api = (bind_statistic_module_api_t) find_export(module_api_name, 1, 0);
//stats_bind_api(&profile_transport[i].stats_api);
}
}
sigPipe();
return 0;
}
IoSecureServer *IoSecureServer_proto(void *state)
{
initSSL();
IoObject *self = IoObject_new(state);
IoObject_tag_(self, IoSecureServer_newTag(state));
IoObject_setDataPointer_(self, (SecureServerData *)calloc(1, sizeof(SecureServerData)));
SSL_CTX *ctx = SSL_CTX_new(TLSv1_server_method());
DATA(self)->ssl_ctx = ctx;
SSL_CTX_set_default_passwd_cb(ctx, IoSecureSockets_Password_Callback);
SSL_CTX_set_default_passwd_cb_userdata(ctx, self);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, IoSecureSockets_Verify_Callback);
#ifdef DTLS_IMPLEMENTED
IoObject_setSlot_to_(self, IOSYMBOL("supportsDTLS"), IOTRUE(self));
#else
IoObject_setSlot_to_(self, IOSYMBOL("supportsDTLS"), IOFALSE(self));
#endif
//doc SecureServer supportsDTLS Returns true if server supports DTLS, false otherwise.
IoState_registerProtoWithFunc_((IoState *)state, self, IoSecureServer_proto);
{
IoMethodTable methodTable[] = {
{"setKeyFile", IoSecureServer_setKeyFile},
//doc SecureServer setKeyFile(path) Sets the key file. Returns self.
{"setCertFile", IoSecureServer_setCertFile},
//doc SecureServer setCertFile(path) Sets the certificate file. Returns self.
{"setCAFile", IoSecureServer_setCAFile},
//doc SecureServer setCAFile(path) Sets the CA file. Returns self.
{"setCRLFile", IoSecureServer_setCRLFile},
//doc SecureServer setCRLFile(path) Sets the CRL file. Returns self.
{"useTLS", IoSecureServer_useTLS},
//doc SecureServer useTLS Returns useTLS value.
{"useDTLS", IoSecureServer_useDTLS},
//doc SecureServer useDTLS Returns useDTLS value.
{"setRequiresClientCertificate", IoSecureServer_setRequiresClientCertificate},
//doc SecureServer setRequiresClientCertificate(aBool) Sets the requires client certificate attribute. Returns self.
{"tlsWrap", IoSecureServer_tlsWrap},
//doc SecureServer tlsWrap Returns tlsWrap value.
#ifdef DTLS_IMPLEMENTED
{"dtlsWrap", IoSecureServer_dtlsWrap},
//doc SecureServer dtlsWrap Returns dtlsWrap value.
{"udpRecvIP", IoSecureServer_udpRecvIP},
//doc SecureServer udpRecvIP Returns udpRecvIP value.
{"dispatchUdp", IoSecureServer_dispatchUDP},
//doc SecureServer dispatchUdp Returns dispatchUdp value.
#endif
{NULL, NULL}
};
IoObject_addMethodTable_(self, methodTable);
}
return self;
}
// modifies the GString in place
static int send_hepv3 (GString *s, const str *id, int capt_id, const endpoint_t *src, const endpoint_t *dst,
const struct timeval *tv)
{
struct hep_generic *hg=NULL;
void* buffer;
unsigned int buflen=0, iplen=0,tlen=0;
hep_chunk_ip4_t src_ip4, dst_ip4;
hep_chunk_ip6_t src_ip6, dst_ip6;
hep_chunk_t payload_chunk;
//hep_chunk_t authkey_chunk;
hep_chunk_t correlation_chunk;
//static int errors = 0;
hg = malloc(sizeof(struct hep_generic));
memset(hg, 0, sizeof(struct hep_generic));
/* header set */
memcpy(hg->header.id, "\x48\x45\x50\x33", 4);
/* IP proto */
hg->ip_family.chunk.vendor_id = htons(0x0000);
hg->ip_family.chunk.type_id = htons(0x0001);
hg->ip_family.data = src->address.family->af;
hg->ip_family.chunk.length = htons(sizeof(hg->ip_family));
/* Proto ID */
hg->ip_proto.chunk.vendor_id = htons(0x0000);
hg->ip_proto.chunk.type_id = htons(0x0002);
hg->ip_proto.data = IPPROTO_UDP;
hg->ip_proto.chunk.length = htons(sizeof(hg->ip_proto));
/* IPv4 */
if(hg->ip_family.data == AF_INET) {
/* SRC IP */
src_ip4.chunk.vendor_id = htons(0x0000);
src_ip4.chunk.type_id = htons(0x0003);
src_ip4.data = src->address.u.ipv4;
src_ip4.chunk.length = htons(sizeof(src_ip4));
/* DST IP */
dst_ip4.chunk.vendor_id = htons(0x0000);
dst_ip4.chunk.type_id = htons(0x0004);
dst_ip4.data = dst->address.u.ipv4;
dst_ip4.chunk.length = htons(sizeof(dst_ip4));
iplen = sizeof(dst_ip4) + sizeof(src_ip4);
}
/* IPv6 */
else if(hg->ip_family.data == AF_INET6) {
/* SRC IPv6 */
src_ip6.chunk.vendor_id = htons(0x0000);
src_ip6.chunk.type_id = htons(0x0005);
src_ip6.data = src->address.u.ipv6;
src_ip6.chunk.length = htons(sizeof(src_ip6));
/* DST IPv6 */
dst_ip6.chunk.vendor_id = htons(0x0000);
dst_ip6.chunk.type_id = htons(0x0006);
dst_ip6.data = dst->address.u.ipv6;
dst_ip6.chunk.length = htons(sizeof(dst_ip6));
iplen = sizeof(dst_ip6) + sizeof(src_ip6);
}
/* SRC PORT */
hg->src_port.chunk.vendor_id = htons(0x0000);
hg->src_port.chunk.type_id = htons(0x0007);
hg->src_port.data = htons(src->port);
hg->src_port.chunk.length = htons(sizeof(hg->src_port));
/* DST PORT */
hg->dst_port.chunk.vendor_id = htons(0x0000);
hg->dst_port.chunk.type_id = htons(0x0008);
hg->dst_port.data = htons(dst->port);
hg->dst_port.chunk.length = htons(sizeof(hg->dst_port));
/* TIMESTAMP SEC */
hg->time_sec.chunk.vendor_id = htons(0x0000);
hg->time_sec.chunk.type_id = htons(0x0009);
hg->time_sec.data = htonl(tv->tv_sec);
hg->time_sec.chunk.length = htons(sizeof(hg->time_sec));
/* TIMESTAMP USEC */
hg->time_usec.chunk.vendor_id = htons(0x0000);
hg->time_usec.chunk.type_id = htons(0x000a);
hg->time_usec.data = htonl(tv->tv_usec);
hg->time_usec.chunk.length = htons(sizeof(hg->time_usec));
/* Protocol TYPE */
hg->proto_t.chunk.vendor_id = htons(0x0000);
hg->proto_t.chunk.type_id = htons(0x000b);
hg->proto_t.data = PROTO_RTCP_JSON;
hg->proto_t.chunk.length = htons(sizeof(hg->proto_t));
/* Capture ID */
hg->capt_id.chunk.vendor_id = htons(0x0000);
hg->capt_id.chunk.type_id = htons(0x000c);
hg->capt_id.data = capt_id;
hg->capt_id.chunk.length = htons(sizeof(hg->capt_id));
/* Payload */
payload_chunk.vendor_id = htons(0x0000);
payload_chunk.type_id = 0 ? htons(0x0010) : htons(0x000f);
payload_chunk.length = htons(sizeof(payload_chunk) + s->len);
tlen = sizeof(struct hep_generic) + s->len + iplen + sizeof(hep_chunk_t);
#if 0
/* auth key */
if(profile_transport[idx].capt_password != NULL) {
tlen += sizeof(hep_chunk_t);
/* Auth key */
authkey_chunk.vendor_id = htons(0x0000);
authkey_chunk.type_id = htons(0x000e);
authkey_chunk.length = htons(sizeof(authkey_chunk) + strlen(profile_transport[idx].capt_password));
tlen += strlen(profile_transport[idx].capt_password);
}
#endif
/* correlation key */
//if(rcinfo->correlation_id.s && rcinfo->correlation_id.len > 0) {
tlen += sizeof(hep_chunk_t);
/* Correlation key */
correlation_chunk.vendor_id = htons(0x0000);
correlation_chunk.type_id = htons(0x0011);
correlation_chunk.length = htons(sizeof(correlation_chunk) + id->len);
tlen += id->len;
//}
/* total */
hg->header.length = htons(tlen);
buffer = (void*)malloc(tlen);
if (buffer==0){
ilog(LOG_ERR, "ERROR: out of memory");
free(hg);
return -1;
}
memcpy((void*) buffer, hg, sizeof(struct hep_generic));
buflen = sizeof(struct hep_generic);
/* IPv4 */
if(hg->ip_family.data == AF_INET) {
/* SRC IP */
memcpy((void*) buffer+buflen, &src_ip4, sizeof(struct hep_chunk_ip4));
buflen += sizeof(struct hep_chunk_ip4);
memcpy((void*) buffer+buflen, &dst_ip4, sizeof(struct hep_chunk_ip4));
buflen += sizeof(struct hep_chunk_ip4);
}
/* IPv6 */
else if(hg->ip_family.data == AF_INET6) {
/* SRC IPv6 */
memcpy((void*) buffer+buflen, &src_ip4, sizeof(struct hep_chunk_ip6));
buflen += sizeof(struct hep_chunk_ip6);
memcpy((void*) buffer+buflen, &dst_ip6, sizeof(struct hep_chunk_ip6));
buflen += sizeof(struct hep_chunk_ip6);
}
#if 0
/* AUTH KEY CHUNK */
if(profile_transport[idx].capt_password != NULL) {
memcpy((void*) buffer+buflen, &authkey_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
/* Now copying payload self */
memcpy((void*) buffer+buflen, profile_transport[idx].capt_password, strlen(profile_transport[idx].capt_password));
buflen+=strlen(profile_transport[idx].capt_password);
}
#endif
/* Correlation KEY CHUNK */
//if(rcinfo->correlation_id.s && rcinfo->correlation_id.len > 0) {
memcpy((void*) buffer+buflen, &correlation_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
/* Now copying payload self */
memcpy((void*) buffer+buflen, id->s, id->len);
buflen+= id->len;
//}
/* PAYLOAD CHUNK */
memcpy((void*) buffer+buflen, &payload_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
/* Now copying payload self */
memcpy((void*) buffer+buflen, s->str, s->len);
buflen+=s->len;
#if 0
/* make sleep after 100 errors */
if(errors > 50) {
LERR( "HEP server is down... retrying after sleep...");
if(!profile_transport[idx].usessl) {
sleep(2);
if(init_hepsocket_blocking(idx)) {
profile_transport[idx].initfails++;
}
errors=0;
}
#ifdef USE_SSL
else {
sleep(2);
if(initSSL(idx)) profile_transport[idx].initfails++;
errors=0;
}
#endif /* USE SSL */
}
/* send this packet out of our socket */
if(send_data(buffer, buflen, idx)) {
errors++;
stats.errors_total++;
}
#endif
g_string_truncate(s, 0);
g_string_append_len(s, buffer, buflen);
/* FREE */
if(buffer) free(buffer);
if(hg) free(hg);
return 0;
}
int send_hepv2 (rc_info_t *rcinfo, unsigned char *data, unsigned int len) {
void* buffer;
struct hep_hdr hdr;
struct hep_timehdr hep_time;
struct hep_iphdr hep_ipheader;
unsigned int totlen=0, buflen=0;
static int errors=0;
#ifdef USE_IPV6
struct hep_ip6hdr hep_ip6header;
#endif /* USE IPV6 */
/* Version && proto */
hdr.hp_v = hep_version;
hdr.hp_f = rcinfo->ip_family;
hdr.hp_p = rcinfo->ip_proto;
hdr.hp_sport = htons(rcinfo->src_port); /* src port */
hdr.hp_dport = htons(rcinfo->dst_port); /* dst port */
/* IP version */
switch (hdr.hp_f) {
case AF_INET:
totlen = sizeof(struct hep_iphdr);
break;
#ifdef USE_IPV6
case AF_INET6:
totlen = sizeof(struct hep_ip6hdr);
break;
#endif /* USE IPV6 */
}
hdr.hp_l = totlen + sizeof(struct hep_hdr);
/* COMPLETE LEN */
totlen += sizeof(struct hep_hdr);
totlen += len;
if(hep_version == 2) {
totlen += sizeof(struct hep_timehdr);
hep_time.tv_sec = rcinfo->time_sec;
hep_time.tv_usec = rcinfo->time_usec;
hep_time.captid = capt_id;
}
/*buffer for ethernet frame*/
buffer = (void*)malloc(totlen);
if (buffer==0){
LERR("ERROR: out of memory\n");
goto error;
}
/* copy hep_hdr */
memcpy((void*) buffer, &hdr, sizeof(struct hep_hdr));
buflen = sizeof(struct hep_hdr);
switch (hdr.hp_f) {
case AF_INET:
/* Source && Destination ipaddresses*/
inet_pton(AF_INET, rcinfo->src_ip, &hep_ipheader.hp_src);
inet_pton(AF_INET, rcinfo->dst_ip, &hep_ipheader.hp_dst);
/* copy hep ipheader */
memcpy((void*)buffer + buflen, &hep_ipheader, sizeof(struct hep_iphdr));
buflen += sizeof(struct hep_iphdr);
break;
#ifdef USE_IPV6
case AF_INET6:
inet_pton(AF_INET6, rcinfo->src_ip, &hep_ip6header.hp6_src);
inet_pton(AF_INET6, rcinfo->dst_ip, &hep_ip6header.hp6_dst);
/* copy hep6 ipheader */
memcpy((void*)buffer + buflen, &hep_ip6header, sizeof(struct hep_ip6hdr));
buflen += sizeof(struct hep_ip6hdr);
break;
#endif /* USE_IPV6 */
}
/* Version 2 has timestamp, captnode ID */
if(hep_version == 2) {
/* TIMING */
memcpy((void*)buffer + buflen, &hep_time, sizeof(struct hep_timehdr));
buflen += sizeof(struct hep_timehdr);
}
if(!data) {
LERR( "the captured data is empty....\n");
goto error;
}
memcpy((void *)(buffer + buflen) , (void*)(data), len);
buflen +=len;
/* make sleep after 100 errors*/
if(errors > 50) {
LERR( "HEP server is down... retrying after sleep...\n");
if(!usessl) {
sleep(2);
if(init_hepsocket_blocking()) {
initfails++;
}
errors=0;
}
#ifdef USE_SSL
else {
sleep(2);
if(initSSL()) {
initfails++;
}
errors=0;
}
#endif /* USE SSL */
}
/* send this packet out of our socket */
if(send_data(buffer, buflen)) {
errors++;
}
/* FREE */
if(buffer) free(buffer);
return 1;
error:
if(buffer) free(buffer);
return 0;
}
int send_hepv3 (rc_info_t *rcinfo, unsigned char *data, unsigned int len, unsigned int sendzip) {
struct hep_generic *hg=NULL;
void* buffer;
unsigned int buflen=0, iplen=0,tlen=0;
hep_chunk_ip4_t src_ip4, dst_ip4;
#ifdef USE_IPV6
hep_chunk_ip6_t src_ip6, dst_ip6;
#endif
hep_chunk_t payload_chunk;
hep_chunk_t authkey_chunk;
hep_chunk_t correlation_chunk;
static int errors = 0;
hg = malloc(sizeof(struct hep_generic));
memset(hg, 0, sizeof(struct hep_generic));
/* header set */
memcpy(hg->header.id, "\x48\x45\x50\x33", 4);
/* IP proto */
hg->ip_family.chunk.vendor_id = htons(0x0000);
hg->ip_family.chunk.type_id = htons(0x0001);
hg->ip_family.data = rcinfo->ip_family;
hg->ip_family.chunk.length = htons(sizeof(hg->ip_family));
/* Proto ID */
hg->ip_proto.chunk.vendor_id = htons(0x0000);
hg->ip_proto.chunk.type_id = htons(0x0002);
hg->ip_proto.data = rcinfo->ip_proto;
hg->ip_proto.chunk.length = htons(sizeof(hg->ip_proto));
/* IPv4 */
if(rcinfo->ip_family == AF_INET) {
/* SRC IP */
src_ip4.chunk.vendor_id = htons(0x0000);
src_ip4.chunk.type_id = htons(0x0003);
inet_pton(AF_INET, rcinfo->src_ip, &src_ip4.data);
src_ip4.chunk.length = htons(sizeof(src_ip4));
/* DST IP */
dst_ip4.chunk.vendor_id = htons(0x0000);
dst_ip4.chunk.type_id = htons(0x0004);
inet_pton(AF_INET, rcinfo->dst_ip, &dst_ip4.data);
dst_ip4.chunk.length = htons(sizeof(dst_ip4));
iplen = sizeof(dst_ip4) + sizeof(src_ip4);
}
#ifdef USE_IPV6
/* IPv6 */
else if(rcinfo->ip_family == AF_INET6) {
/* SRC IPv6 */
src_ip6.chunk.vendor_id = htons(0x0000);
src_ip6.chunk.type_id = htons(0x0005);
inet_pton(AF_INET6, rcinfo->src_ip, &src_ip6.data);
src_ip6.chunk.length = htonl(sizeof(src_ip6));
/* DST IPv6 */
dst_ip6.chunk.vendor_id = htons(0x0000);
dst_ip6.chunk.type_id = htons(0x0006);
inet_pton(AF_INET6, rcinfo->dst_ip, &dst_ip6.data);
dst_ip6.chunk.length = htonl(sizeof(dst_ip6));
iplen = sizeof(dst_ip6) + sizeof(src_ip6);
}
#endif
/* SRC PORT */
hg->src_port.chunk.vendor_id = htons(0x0000);
hg->src_port.chunk.type_id = htons(0x0007);
hg->src_port.data = htons(rcinfo->src_port);
hg->src_port.chunk.length = htons(sizeof(hg->src_port));
/* DST PORT */
hg->dst_port.chunk.vendor_id = htons(0x0000);
hg->dst_port.chunk.type_id = htons(0x0008);
hg->dst_port.data = htons(rcinfo->dst_port);
hg->dst_port.chunk.length = htons(sizeof(hg->dst_port));
/* TIMESTAMP SEC */
hg->time_sec.chunk.vendor_id = htons(0x0000);
hg->time_sec.chunk.type_id = htons(0x0009);
hg->time_sec.data = htonl(rcinfo->time_sec);
hg->time_sec.chunk.length = htons(sizeof(hg->time_sec));
/* TIMESTAMP USEC */
hg->time_usec.chunk.vendor_id = htons(0x0000);
hg->time_usec.chunk.type_id = htons(0x000a);
hg->time_usec.data = htonl(rcinfo->time_usec);
hg->time_usec.chunk.length = htons(sizeof(hg->time_usec));
/* Protocol TYPE */
hg->proto_t.chunk.vendor_id = htons(0x0000);
hg->proto_t.chunk.type_id = htons(0x000b);
hg->proto_t.data = rcinfo->proto_type;
hg->proto_t.chunk.length = htons(sizeof(hg->proto_t));
/* Capture ID */
hg->capt_id.chunk.vendor_id = htons(0x0000);
hg->capt_id.chunk.type_id = htons(0x000c);
hg->capt_id.data = htons(capt_id);
hg->capt_id.chunk.length = htons(sizeof(hg->capt_id));
/* Payload */
payload_chunk.vendor_id = htons(0x0000);
payload_chunk.type_id = sendzip ? htons(0x0010) : htons(0x000f);
payload_chunk.length = htons(sizeof(payload_chunk) + len);
tlen = sizeof(struct hep_generic) + len + iplen + sizeof(hep_chunk_t);
/* auth key */
if(capt_password != NULL) {
tlen += sizeof(hep_chunk_t);
/* Auth key */
authkey_chunk.vendor_id = htons(0x0000);
authkey_chunk.type_id = htons(0x000e);
authkey_chunk.length = htons(sizeof(authkey_chunk) + strlen(capt_password));
tlen += strlen(capt_password);
}
/* correlation key */
if(rcinfo->correlation_id.s && rcinfo->correlation_id.len > 0) {
tlen += sizeof(hep_chunk_t);
/* Correlation key */
correlation_chunk.vendor_id = htons(0x0000);
correlation_chunk.type_id = htons(0x0011);
correlation_chunk.length = htons(sizeof(correlation_chunk) + rcinfo->correlation_id.len);
tlen += rcinfo->correlation_id.len;
}
/* total */
hg->header.length = htons(tlen);
//LERR( "LEN: [%d] vs [%d] = IPLEN:[%d] LEN:[%d] CH:[%d]\n", hg->header.length, ntohs(hg->header.length), iplen, len, sizeof(struct hep_chunk));
buffer = (void*)malloc(tlen);
if (buffer==0){
LERR("ERROR: out of memory\n");
free(hg);
return 1;
}
memcpy((void*) buffer, hg, sizeof(struct hep_generic));
buflen = sizeof(struct hep_generic);
/* IPv4 */
if(rcinfo->ip_family == AF_INET) {
/* SRC IP */
memcpy((void*) buffer+buflen, &src_ip4, sizeof(struct hep_chunk_ip4));
buflen += sizeof(struct hep_chunk_ip4);
memcpy((void*) buffer+buflen, &dst_ip4, sizeof(struct hep_chunk_ip4));
buflen += sizeof(struct hep_chunk_ip4);
}
#ifdef USE_IPV6
/* IPv6 */
else if(rcinfo->ip_family == AF_INET6) {
/* SRC IPv6 */
memcpy((void*) buffer+buflen, &src_ip4, sizeof(struct hep_chunk_ip6));
buflen += sizeof(struct hep_chunk_ip6);
memcpy((void*) buffer+buflen, &dst_ip6, sizeof(struct hep_chunk_ip6));
buflen += sizeof(struct hep_chunk_ip6);
}
#endif
/* AUTH KEY CHUNK */
if(capt_password != NULL) {
memcpy((void*) buffer+buflen, &authkey_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
/* Now copying payload self */
memcpy((void*) buffer+buflen, capt_password, strlen(capt_password));
buflen+=strlen(capt_password);
}
/* Correlation KEY CHUNK */
if(rcinfo->correlation_id.s && rcinfo->correlation_id.len > 0) {
memcpy((void*) buffer+buflen, &correlation_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
/* Now copying payload self */
memcpy((void*) buffer+buflen, rcinfo->correlation_id.s, rcinfo->correlation_id.len);
buflen+= rcinfo->correlation_id.len;
}
/* PAYLOAD CHUNK */
memcpy((void*) buffer+buflen, &payload_chunk, sizeof(struct hep_chunk));
buflen += sizeof(struct hep_chunk);
if(!data) {
LERR( "the captured data is empty....\n");
goto error;
}
/* Now copying payload self */
memcpy((void*) buffer+buflen, data, len);
buflen+=len;
/* make sleep after 100 errors */
if(errors > 50) {
LERR( "HEP server is down... retrying after sleep...\n");
if(!usessl) {
sleep(2);
if(init_hepsocket_blocking()) {
initfails++;
}
errors=0;
}
#ifdef USE_SSL
else {
sleep(2);
if(initSSL()) {
initfails++;
}
errors=0;
}
#endif /* USE SSL */
}
/* send this packet out of our socket */
if(send_data(buffer, buflen)) {
errors++;
}
/* FREE */
if(buffer) free(buffer);
if(hg) free(hg);
return 1;
error:
if(buffer) free(buffer);
if(hg) free(hg);
return 0;
}
int main(int argc,char** argv){
// openssl support
#ifdef _SSL
initSSL();
ctx=SSL_CTX_new(SSLv23_client_method());
if(ctx==NULL){
ERR_print_errors_fp(stdout);
exit(-2);
}
#endif
if(argc!=2){
printf("Usage:client ipv6addr\n");
exit(-1);
}
setlocale(LC_ALL,"");
char name[10];
printf("输入昵称:\n");
scanf("%6s",name);
int sockfd,len;
struct sockaddr_in6 dst;
char buf[MAXBUF+1];
char buf1[MAXBUF+1];
sockfd=socket(AF_INET6,PROTOCOL,0);
GUARD(sockfd);
bzero(&dst,sizeof(dst));
dst.sin6_family=AF_INET6;
dst.sin6_port=htons(SERVERPORT);
GUARD(inet_pton(AF_INET6,argv[1],&dst.sin6_addr));
GUARD(connect(sockfd,(struct sockaddr *)&dst,sizeof(dst)));
// ssl support
#ifdef _SSL
sslfd=SSL_new(ctx);
SSL_set_fd(sslfd,sockfd);
if(SSL_connect(sslfd)==-1)
ERR_print_errors_fp(stderr);
else{
printf("connected with %s encryption\n",SSL_get_cipher(sslfd));
//ShowCerts(sslfd);
}
#endif
// ssl support bind over
initscr();
WINDOW *recvBd=subwin(stdscr,HEIGHT1+2,WIDTH+2,1,1);
WINDOW *inputBd=subwin(stdscr,HEIGHT+2,WIDTH+2,15,1);
recvWin=subwin(stdscr,HEIGHT1,WIDTH,2,2);
inputWin=subwin(stdscr,HEIGHT,WIDTH,16,2);
box(recvBd,HLINE,VLINE);
box(inputBd,HLINE,VLINE);
wprintw(recvBd,"接收");
wprintw(inputBd,"发送");
cbreak();
keypad(stdscr,TRUE);
start_color();
scrollok(recvWin,1);
scrollok(inputWin,1);
refresh();
bzero(buf,MAXBUF+1);
#ifndef _SSL
len=recv(sockfd,buf,MAXBUF,0);
#else
len=SSL_read(sslfd,buf,MAXBUF);
#endif
wprintw(recvWin,"%s\n",buf);
touchwin(recvWin);
wrefresh(recvWin);
pthread_t t_recv;
if(pthread_create(&t_recv,NULL,recvThread,(void*)sockfd)<0){
perror("create thread");
exit(1);
}
while(1){
bzero(buf,MAXBUF+1);
wprintw(inputWin,"%6s > ",name);
int key=wgetch(inputWin);
if(key==ESCAPE){
break;
}
wscanw(inputWin,"%s",buf);
touchwin(inputWin);
wrefresh(inputWin);
sprintf(buf1,"[%6s]: %c%s\n",name,(char)key,buf);
#ifndef _SSL
len=send(sockfd,buf1,strlen(buf1),0);
#else
len=SSL_write(sslfd,buf1,strlen(buf1));
#endif
if(len<0)
continue;
}
close(sockfd);
delwin(recvWin);
delwin(inputWin);
delwin(recvBd);
delwin(inputBd);
endwin();
#ifdef _SSL
SSL_shutdown(sslfd);
SSL_free(sslfd);
SSL_CTX_free(ctx);
#endif
return 0;
}
std::shared_ptr<fizz::server::FizzServerContext> createFizzServerContext(
folly::StringPiece pemCertPath,
folly::StringPiece certData,
folly::StringPiece pemKeyPath,
folly::StringPiece keyData,
folly::StringPiece pemCaPath,
bool requireClientVerification,
wangle::TLSTicketKeySeeds* ticketKeySeeds) {
initSSL();
auto certMgr = std::make_unique<fizz::server::CertManager>();
try {
auto selfCert =
fizz::CertUtils::makeSelfCert(certData.str(), keyData.str());
// add the default cert
certMgr->addCert(std::move(selfCert), true);
} catch (const std::exception& ex) {
LOG_FAILURE(
"SSLCert",
failure::Category::kBadEnvironment,
"Failed to create self cert from \"{}\" and \"{}\". ex: {}",
pemCertPath,
pemKeyPath,
ex.what());
return nullptr;
}
auto ctx = std::make_shared<fizz::server::FizzServerContext>();
ctx->setSupportedVersions({fizz::ProtocolVersion::tls_1_3});
ctx->setSupportedPskModes(
{fizz::PskKeyExchangeMode::psk_ke, fizz::PskKeyExchangeMode::psk_dhe_ke});
ctx->setVersionFallbackEnabled(true);
ctx->setCertManager(std::move(certMgr));
if (!pemCaPath.empty()) {
auto verifier = fizz::DefaultCertificateVerifier::createFromCAFile(
fizz::VerificationContext::Server, pemCaPath.str());
ctx->setClientCertVerifier(std::move(verifier));
ctx->setClientAuthMode(fizz::server::ClientAuthMode::Optional);
}
if (requireClientVerification) {
ctx->setClientAuthMode(fizz::server::ClientAuthMode::Required);
}
// set ticket seeds
if (ticketKeySeeds) {
std::vector<folly::ByteRange> ticketSecrets;
for (const auto& secret : ticketKeySeeds->currentSeeds) {
ticketSecrets.push_back(folly::StringPiece(secret));
}
for (const auto& secret : ticketKeySeeds->oldSeeds) {
ticketSecrets.push_back(folly::StringPiece(secret));
}
for (const auto& secret : ticketKeySeeds->newSeeds) {
ticketSecrets.push_back(folly::StringPiece(secret));
}
auto cipher = std::make_shared<fizz::server::AES128TicketCipher>();
cipher->setTicketSecrets(std::move(ticketSecrets));
cipher->setValidity(std::chrono::seconds(kSessionLifeTime));
ctx->setTicketCipher(std::move(cipher));
}
// TODO: allow for custom FizzFactory
return ctx;
}
int
main (int argc, char **argv)
{
int rc;
char *pt;
char *bversion;
FILE *pidfile,*conffile;
if(argc==2)
{
strmncpy(configfile,argv[1],sizeof(configfile));
} else {
strcpy(configfile,"psybnc.conf"); /* rcsid */
}
conffile=fopen(configfile,"r");
if(conffile==NULL)
{
printf("Configuration File %s not found, aborting\nRun 'make menuconfig' for creating a configuration or create the file manually.\n",configfile); /* rcsid */
exit (0x0);
}
fclose(conffile);
readconfig();
rc = getini("SYSTEM","LANGUAGE",INIFILE); /* rcsid */
if(rc!=0)
{
rc=loadlanguage("english"); /* rcsid */
} else {
rc=loadlanguage(value);
if(rc<0)
rc=loadlanguage("english"); /* rcsid */
}
if(rc<0)
{
printf("Could not load language file, aborting.\n"); /* rcsid */
exit(0x0);
}
printbanner();
printf(lngtxt(991),configfile);
printf(lngtxt(992),langname);
ap_snprintf(logfile,sizeof(logfile),lngtxt(993));
rc = getini(lngtxt(994),lngtxt(995),INIFILE);
if (rc != 0) {
printf("%s", lngtxt(996));
exit (0x0);
}
listenport = atoi(value);
rc = getini(lngtxt(997),"ME",INIFILE);
if (rc < 0) {
memset(value,0x0,sizeof(value));
}
pt=strchr(value,' '); /* shortening bouncername to no spaces */
if(pt)
*pt=0;
ap_snprintf(me,sizeof(me),"%s",value);
rc = getini(lngtxt(998),lngtxt(999),INIFILE);
if (rc < 0) {
printf("%s", lngtxt(1000));
ap_snprintf(value,sizeof(value),lngtxt(1001));
}
ap_snprintf(logfile,sizeof(logfile),"%s",value);
oldfile(logfile);
/* creating the socket-root */
socketnode=(struct socketnodes *) pmalloc(sizeof(struct usernodes));
socketnode->sock=NULL;
socketnode->next=NULL;
#ifdef IPV6
/* set the default ipv6 preference for users without a PREFERIPV6 setting */
rc = getini("SYSTEM", "DEFAULTIPV6", INIFILE);
if (rc == 0)
{
defaultipv6 = atoi(value);
}
#endif
/* creating the demon socket */
rc = createlisteners();
if (rc == 0) {
printf("%s", lngtxt(1002));
exit (0x0);
}
/* creating background */
pidfile = fopen(lngtxt(1003),"w");
if(pidfile==NULL)
{
printf("%s", lngtxt(1004));
exit(0x0);
}
if(mainlog!=NULL)
{
fclose(mainlog);
mainlog=NULL;
}
fflush(stdout);
pid = fork();
//pid = 0;
if (pid < 0) {
}
if (pid == 0) {
rc= errorhandling();
makesalt();
#ifdef HAVE_SSL
initSSL();
pcontext;
#endif
U_CREATE=0;
#ifdef PARTYCHANNEL
/* partychannel setup */
strmncpy(partytopic,lngtxt(1005),sizeof(partytopic));
partyusers=NULL;
#endif
/* creating the usernode-root */
usernode=(struct usernodes *) pmalloc(sizeof(struct usernodes));
usernode->uid=0;
usernode->user=NULL;
usernode->next=NULL;
/* creating the newpeer-root */
peernode=(struct peernodes *) pmalloc(sizeof(struct peernodes));
peernode->uid=0;
peernode->peer=NULL;
peernode->next=NULL;
/* creating the datalink-root */
linknode=(struct linknodes *) pmalloc(sizeof(struct linknodes));
linknode->uid=0;
linknode->link=NULL;
linknode->next=NULL;
/* loading the users */
loadusers();
loadlinks();
pcontext;
/* loading the hostallows */
hostallows=loadlist(lngtxt(1006),hostallows);
}
pcontext;
if (pid) {
bversion=buildversion();
printf(lngtxt(1007),bversion,pid);
p_log(LOG_INFO,-1,lngtxt(1008),bversion,pid);
fprintf( pidfile,"%d\n",pid);
fclose(pidfile);
exit (0x0);
}
pcontext;
//#ifndef BLOCKDNS
// if(init_dns_core()==0)
// {
// dns_err(0,1);
// }
//#endif
p_dns_init();
bncmain();
return 0x0;
}
int load_module(xml_node *config)
{
xml_node *modules;
char *key, *value;
//int s;
/* READ CONFIG */
modules = config;
while(1) {
if(modules == NULL) break;
modules = xml_get("param", modules, 1 );
if(modules->attr[0] != NULL && modules->attr[2] != NULL) {
/* bad parser */
if(strncmp(modules->attr[2], "value", 5) || strncmp(modules->attr[0], "name", 4)) {
LERR( "bad keys in the config\n");
goto next;
}
key = modules->attr[1];
value = modules->attr[3];
if(key == NULL || value == NULL) {
LERR( "bad values in the config\n");
goto next;
}
if(!strncmp(key, "capture-host", 10)) capt_host = value;
else if(!strncmp(key, "capture-port", 13)) capt_port = value;
else if(!strncmp(key, "capture-proto", 14)) capt_proto = value;
else if(!strncmp(key, "capture-password", 17)) capt_password = value;
else if(!strncmp(key, "capture-id", 11)) capt_id = atoi(value);
else if(!strncmp(key, "payload-compression", 19) && !strncmp(value, "true", 5)) pl_compress = 1;
else if(!strncmp(key, "version", 7)) hep_version = atoi(value);
}
next:
modules = modules->next;
}
#ifndef USE_ZLIB
if(pl_compress) LDEBUG("The captagent has not compiled with zlib. Please reconfigure with --enable-compression\n");
#endif /* USE_ZLIB */
LNOTICE("Loaded core_hep\n");
hints->ai_flags = AI_NUMERICSERV;
hints->ai_family = AF_UNSPEC;
if(!strncmp(capt_proto, "udp", 3)) {
hints->ai_socktype = SOCK_DGRAM;
hints->ai_protocol = IPPROTO_UDP;
}
else if(!strncmp(capt_proto, "tcp", 3) || !strncmp(capt_proto, "ssl", 3)) {
hints->ai_socktype = SOCK_STREAM;
hints->ai_protocol = IPPROTO_TCP;
/*TLS || SSL*/
if(!strncmp(capt_proto, "ssl", 3)) {
#ifdef USE_SSL
usessl = 1;
/* init SSL library */
SSL_library_init();
#else
LERR("The captagent has not compiled with ssl support. Please reconfigure with --enable-ssl\n");
#endif /* end USE_SSL */
}
}
else {
LERR("Unsupported protocol\n");
return -1;
}
/* if ((s = getaddrinfo(capt_host, capt_port, hints, &ai)) != 0) {
LERR( "capture: getaddrinfo: %s\n", gai_strerror(s));
return 2;
}
*/
if(!usessl) {
if(init_hepsocket_blocking()) {
LERR("capture: couldn't init socket\r\n");
return 2;
}
}
#ifdef USE_SSL
else {
if(initSSL()) {
LERR("capture: couldn't init SSL socket\r\n");
handler(1);
return 2;
}
// start select thread
/* pthread_create(&call_thread, NULL, (void *)select_loop, NULL);
if (pthread_mutex_init(&lock, NULL) != 0)
{
LERR("mutex init failed\n");
return 3;
}
*/
}
#endif /* use SSL */
sigPipe();
return 0;
}
int send_json (msg_t *msg) {
rc_info_t *rcinfo = NULL;
unsigned int idx = 0;
json_object *jobj_reply = NULL;
sip_msg_t *sipPacket = NULL;
const char *message = NULL;
static int errors = 0;
char tmpser[100];
jobj_reply = json_object_new_object();
idx = get_profile_index_by_name(msg->profile_name);
rcinfo = &msg->rcinfo;
if(msg->parsed_data && rcinfo->proto_type == 1) sipPacket = (sip_msg_t *) msg->parsed_data;
stats.recieved_packets_total++;
/* workaround for old json */
snprintf(tmpser, 100, "%" PRId64, (int64_t) stats.recieved_packets_total);
json_object_object_add(jobj_reply, "packet_id", json_object_new_string(tmpser));
json_object_object_add(jobj_reply, "my_time", json_object_new_int(time(0)));
json_object_object_add(jobj_reply, "ip_family", json_object_new_int(rcinfo->ip_family));
json_object_object_add(jobj_reply, "ip_proto", json_object_new_int(rcinfo->ip_proto));
if(rcinfo->ip_family == AF_INET) {
json_object_object_add(jobj_reply, "src_ip4", json_object_new_string(rcinfo->src_ip));
json_object_object_add(jobj_reply, "dst_ip4", json_object_new_string(rcinfo->dst_ip));
}
else {
json_object_object_add(jobj_reply, "src_ip6", json_object_new_string(rcinfo->src_ip));
json_object_object_add(jobj_reply, "dst_ip6", json_object_new_string(rcinfo->dst_ip));
}
json_object_object_add(jobj_reply, "src_port", json_object_new_int(rcinfo->src_port));
json_object_object_add(jobj_reply, "dst_port", json_object_new_int(rcinfo->dst_port));
json_object_object_add(jobj_reply, "tss", json_object_new_int(rcinfo->time_sec));
json_object_object_add(jobj_reply, "tsu", json_object_new_int(rcinfo->time_usec));
/* payload */
if(profile_transport[idx].flag == 1) json_object_object_add(jobj_reply, "payload", json_object_new_string(msg->data));
if(rcinfo->correlation_id.s && rcinfo->correlation_id.len > 0) {
json_object_object_add(jobj_reply, "corr_id", json_object_new_string_len(rcinfo->correlation_id.s, rcinfo->correlation_id.len));
}
json_object_object_add(jobj_reply, "proto_type", json_object_new_int(rcinfo->proto_type));
json_object_object_add(jobj_reply, "capt_id", json_object_new_int(profile_transport[idx].capt_id));
if(sipPacket != NULL) {
if(sipPacket->callId.s && sipPacket->callId.len > 0)
json_object_object_add(jobj_reply, "sip_callid", json_object_new_string_len(sipPacket->callId.s, sipPacket->callId.len));
if(sipPacket->isRequest && sipPacket->methodString.s && sipPacket->methodString.len > 0)
json_object_object_add(jobj_reply, "sip_method", json_object_new_string_len(sipPacket->methodString.s, sipPacket->methodString.len));
else if(sipPacket->responseCode > 0)
json_object_object_add(jobj_reply, "sip_response", json_object_new_int(sipPacket->responseCode));
if(sipPacket->cSeqMethodString.s && sipPacket->cSeqMethodString.len > 0)
json_object_object_add(jobj_reply, "sip_cseq", json_object_new_string_len(sipPacket->cSeqMethodString.s, sipPacket->cSeqMethodString.len));
if(sipPacket->cSeqMethodString.s && sipPacket->cSeqMethodString.len > 0)
json_object_object_add(jobj_reply, "sip_cseq", json_object_new_string_len(sipPacket->cSeqMethodString.s, sipPacket->cSeqMethodString.len));
if(sipPacket->fromURI.s && sipPacket->fromURI.len > 0)
json_object_object_add(jobj_reply, "sip_from_uri", json_object_new_string_len(sipPacket->fromURI.s, sipPacket->fromURI.len));
if(sipPacket->toURI.s && sipPacket->toURI.len > 0)
json_object_object_add(jobj_reply, "sip_to_uri", json_object_new_string_len(sipPacket->toURI.s, sipPacket->toURI.len));
if(sipPacket->requestURI.s && sipPacket->requestURI.len > 0)
json_object_object_add(jobj_reply, "sip_request_uri", json_object_new_string_len(sipPacket->requestURI.s, sipPacket->requestURI.len));
if(sipPacket->paiUser.s && sipPacket->paiUser.len > 0)
json_object_object_add(jobj_reply, "sip_pai_user", json_object_new_string_len(sipPacket->paiUser.s, sipPacket->paiUser.len));
if(sipPacket->hasSdp)
json_object_object_add(jobj_reply, "sip_sdp", json_object_new_int(1));
}
message = json_object_to_json_string(jobj_reply);
/* make sleep after 100 errors */
if(errors > 30) { sleep (2); errors = 0; }
/* send this packet out of our socket */
if(send_data(message, strlen(message), idx) < 0) {
stats.errors_total++;
LERR( "JSON server is down...");
if(!profile_transport[idx].usessl) {
if(init_jsonsocket_blocking(idx)) {
profile_transport[idx].initfails++;
}
errors=0;
}
#ifdef USE_SSL
else {
if(initSSL(idx)) profile_transport[idx].initfails++;
errors=0;
}
#endif /* USE SSL */
}
json_object_put(jobj_reply);
if(msg->mfree == 1) free(msg->data);
if(msg->corrdata) {
free(msg->corrdata);
msg->corrdata = NULL;
}
return 1;
}