/**
* ssl_socket_open - Open an SSL socket - Implements Connection::conn_open()
*/
static int ssl_socket_open(struct Connection *conn)
{
if (raw_socket_open(conn) < 0)
return -1;
int rc = ssl_setup(conn);
if (rc)
raw_socket_close(conn);
return rc;
}
/**
* mutt_ssl_starttls - Negotiate TLS over an already opened connection
* @param conn Connection to a server
* @retval 0 Success
* @retval -1 Error
*/
int mutt_ssl_starttls(struct Connection *conn)
{
if (ssl_init())
return -1;
int rc = ssl_setup(conn);
/* hmm. watch out if we're starting TLS over any method other than raw. */
conn->conn_read = ssl_socket_read;
conn->conn_write = ssl_socket_write;
conn->conn_close = ssl_socket_close_and_restore;
return rc;
}
int gitno_connect(git_transport *t, const char *host, const char *port)
{
struct addrinfo *info = NULL, *p;
struct addrinfo hints;
int ret;
GIT_SOCKET s = INVALID_SOCKET;
memset(&hints, 0x0, sizeof(struct addrinfo));
hints.ai_socktype = SOCK_STREAM;
hints.ai_family = AF_UNSPEC;
if ((ret = p_getaddrinfo(host, port, &hints, &info)) < 0) {
giterr_set(GITERR_NET,
"Failed to resolve address for %s: %s", host, p_gai_strerror(ret));
return -1;
}
for (p = info; p != NULL; p = p->ai_next) {
s = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
if (s == INVALID_SOCKET) {
net_set_error("error creating socket");
break;
}
if (connect(s, p->ai_addr, (socklen_t)p->ai_addrlen) == 0)
break;
/* If we can't connect, try the next one */
gitno_close(s);
s = INVALID_SOCKET;
}
/* Oops, we couldn't connect to any address */
if (s == INVALID_SOCKET && p == NULL) {
giterr_set(GITERR_OS, "Failed to connect to %s", host);
return -1;
}
t->socket = s;
p_freeaddrinfo(info);
if (t->use_ssl && ssl_setup(t, host) < 0)
return -1;
return 0;
}
/*! \brief
* creates a FILE * from the fd passed by the accept thread.
* This operation is potentially expensive (certificate verification),
* so we do it in the child thread context.
*
* \note must decrement ref count before returning NULL on error
*/
static void *handle_tcptls_connection(void *data)
{
struct ast_tcptls_session_instance *tcptls_session = data;
#ifdef DO_SSL
int (*ssl_setup)(SSL *) = (tcptls_session->client) ? SSL_connect : SSL_accept;
int ret;
char err[256];
#endif
/* TCP/TLS connections are associated with external protocols, and
* should not be allowed to execute 'dangerous' functions. This may
* need to be pushed down into the individual protocol handlers, but
* this seems like a good general policy.
*/
if (ast_thread_inhibit_escalations()) {
ast_log(LOG_ERROR, "Failed to inhibit privilege escalations; killing connection\n");
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
tcptls_session->stream_cookie = tcptls_stream_alloc();
if (!tcptls_session->stream_cookie) {
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
/*
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie, NULL,
tcptls_session->fd, -1);
if (tcptls_session->f) {
if (setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
ast_tcptls_close_session_file(tcptls_session);
}
}
}
#ifdef DO_SSL
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
SSL_set_fd(tcptls_session->ssl, tcptls_session->fd);
if ((ret = ssl_setup(tcptls_session->ssl)) <= 0) {
ast_log(LOG_ERROR, "Problem setting up ssl connection: %s\n", ERR_error_string(ERR_get_error(), err));
} else if ((tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie,
tcptls_session->ssl, tcptls_session->fd, -1))) {
if ((tcptls_session->client && !ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|| (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
X509 *peer;
long res;
peer = SSL_get_peer_certificate(tcptls_session->ssl);
if (!peer) {
ast_log(LOG_ERROR, "No peer SSL certificate to verify\n");
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
res = SSL_get_verify_result(tcptls_session->ssl);
if (res != X509_V_OK) {
ast_log(LOG_ERROR, "Certificate did not verify: %s\n", X509_verify_cert_error_string(res));
X509_free(peer);
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
if (!ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_IGNORE_COMMON_NAME)) {
ASN1_STRING *str;
unsigned char *str2;
X509_NAME *name = X509_get_subject_name(peer);
int pos = -1;
int found = 0;
for (;;) {
/* Walk the certificate to check all available "Common Name" */
/* XXX Probably should do a gethostbyname on the hostname and compare that as well */
pos = X509_NAME_get_index_by_NID(name, NID_commonName, pos);
if (pos < 0) {
break;
}
str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
ret = ASN1_STRING_to_UTF8(&str2, str);
if (ret < 0) {
continue;
}
if (str2) {
if (strlen((char *) str2) != ret) {
ast_log(LOG_WARNING, "Invalid certificate common name length (contains NULL bytes?)\n");
} else if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2)) {
found = 1;
}
ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", tcptls_session->parent->hostname, str2);
OPENSSL_free(str2);
}
if (found) {
break;
}
}
if (!found) {
ast_log(LOG_ERROR, "Certificate common name did not match (%s)\n", tcptls_session->parent->hostname);
X509_free(peer);
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
}
X509_free(peer);
}
}
if (!tcptls_session->f) { /* no success opening descriptor stacking */
SSL_free(tcptls_session->ssl);
}
}
#endif /* DO_SSL */
if (!tcptls_session->f) {
ast_tcptls_close_session_file(tcptls_session);
ast_log(LOG_WARNING, "FILE * open failed!\n");
#ifndef DO_SSL
if (tcptls_session->parent->tls_cfg) {
ast_log(LOG_ERROR, "Attempted a TLS connection without OpenSSL support. This will not work!\n");
}
#endif
ao2_ref(tcptls_session, -1);
return NULL;
}
if (tcptls_session->parent->worker_fn) {
return tcptls_session->parent->worker_fn(tcptls_session);
} else {
return tcptls_session;
}
}
/*! \brief
* creates a FILE * from the fd passed by the accept thread.
* This operation is potentially expensive (certificate verification),
* so we do it in the child thread context.
*
* \note must decrement ref count before returning NULL on error
*/
static void *handle_tcptls_connection(void *data)
{
struct ast_tcptls_session_instance *tcptls_session = data;
#ifdef DO_SSL
int (*ssl_setup)(SSL *) = (tcptls_session->client) ? SSL_connect : SSL_accept;
int ret;
char err[256];
#endif
/*
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
tcptls_session->f = fdopen(tcptls_session->fd, "w+");
setvbuf(tcptls_session->f, NULL, _IONBF, 0);
}
#ifdef DO_SSL
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
SSL_set_fd(tcptls_session->ssl, tcptls_session->fd);
if ((ret = ssl_setup(tcptls_session->ssl)) <= 0) {
ast_verb(2, "Problem setting up ssl connection: %s\n", ERR_error_string(ERR_get_error(), err));
} else {
#if defined(HAVE_FUNOPEN) /* the BSD interface */
tcptls_session->f = funopen(tcptls_session->ssl, ssl_read, ssl_write, NULL, ssl_close);
#elif defined(HAVE_FOPENCOOKIE) /* the glibc/linux interface */
static const cookie_io_functions_t cookie_funcs = {
ssl_read, ssl_write, NULL, ssl_close
};
tcptls_session->f = fopencookie(tcptls_session->ssl, "w+", cookie_funcs);
#else
/* could add other methods here */
ast_debug(2, "no tcptls_session->f methods attempted!");
#endif
if ((tcptls_session->client && !ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|| (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
X509 *peer;
long res;
peer = SSL_get_peer_certificate(tcptls_session->ssl);
if (!peer)
ast_log(LOG_WARNING, "No peer SSL certificate\n");
res = SSL_get_verify_result(tcptls_session->ssl);
if (res != X509_V_OK)
ast_log(LOG_ERROR, "Certificate did not verify: %s\n", X509_verify_cert_error_string(res));
if (!ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_IGNORE_COMMON_NAME)) {
ASN1_STRING *str;
unsigned char *str2;
X509_NAME *name = X509_get_subject_name(peer);
int pos = -1;
int found = 0;
for (;;) {
/* Walk the certificate to check all available "Common Name" */
/* XXX Probably should do a gethostbyname on the hostname and compare that as well */
pos = X509_NAME_get_index_by_NID(name, NID_commonName, pos);
if (pos < 0)
break;
str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
ASN1_STRING_to_UTF8(&str2, str);
if (str2) {
if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2))
found = 1;
ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", tcptls_session->parent->hostname, str2);
OPENSSL_free(str2);
}
if (found)
break;
}
if (!found) {
ast_log(LOG_ERROR, "Certificate common name did not match (%s)\n", tcptls_session->parent->hostname);
if (peer)
X509_free(peer);
close(tcptls_session->fd);
fclose(tcptls_session->f);
ao2_ref(tcptls_session, -1);
return NULL;
}
}
if (peer)
X509_free(peer);
}
}
if (!tcptls_session->f) /* no success opening descriptor stacking */
SSL_free(tcptls_session->ssl);
}
#endif /* DO_SSL */
if (!tcptls_session->f) {
close(tcptls_session->fd);
ast_log(LOG_WARNING, "FILE * open failed!\n");
ao2_ref(tcptls_session, -1);
return NULL;
}
if (tcptls_session && tcptls_session->parent->worker_fn)
return tcptls_session->parent->worker_fn(tcptls_session);
else
return tcptls_session;
}
int gitno_connect(gitno_socket *s_out, const char *host, const char *port, int flags)
{
struct addrinfo *info = NULL, *p;
struct addrinfo hints;
GIT_SOCKET s = INVALID_SOCKET;
int ret;
#ifdef GIT_WIN32
/* on win32, the WSA context needs to be initialized
* before any socket calls can be performed */
WSADATA wsd;
if (WSAStartup(MAKEWORD(2,2), &wsd) != 0) {
giterr_set(GITERR_OS, "Winsock init failed");
return -1;
}
if (LOBYTE(wsd.wVersion) != 2 || HIBYTE(wsd.wVersion) != 2) {
WSACleanup();
giterr_set(GITERR_OS, "Winsock init failed");
return -1;
}
#endif
/* Zero the socket structure provided */
memset(s_out, 0x0, sizeof(gitno_socket));
memset(&hints, 0x0, sizeof(struct addrinfo));
hints.ai_socktype = SOCK_STREAM;
hints.ai_family = AF_UNSPEC;
if ((ret = p_getaddrinfo(host, port, &hints, &info)) < 0) {
giterr_set(GITERR_NET,
"Failed to resolve address for %s: %s", host, p_gai_strerror(ret));
return -1;
}
for (p = info; p != NULL; p = p->ai_next) {
s = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
if (s == INVALID_SOCKET) {
net_set_error("error creating socket");
break;
}
if (connect(s, p->ai_addr, (socklen_t)p->ai_addrlen) == 0)
break;
/* If we can't connect, try the next one */
gitno__close(s);
s = INVALID_SOCKET;
}
/* Oops, we couldn't connect to any address */
if (s == INVALID_SOCKET && p == NULL) {
giterr_set(GITERR_OS, "Failed to connect to %s", host);
p_freeaddrinfo(info);
return -1;
}
s_out->socket = s;
p_freeaddrinfo(info);
#ifdef GIT_SSL
if ((flags & GITNO_CONNECT_SSL) && ssl_setup(s_out, host, flags) < 0)
return -1;
#else
/* SSL is not supported */
if (flags & GITNO_CONNECT_SSL) {
giterr_set(GITERR_OS, "SSL is not supported by this copy of libgit2.");
return -1;
}
#endif
return 0;
}
/****************************************************************************
* http_request
* Retrieves the specified URL, and stores it in the specified file or buffer
***************************************************************************/
int http_request(const char *url, FILE *hfile, u8 *buffer, u32 maxsize, bool silent, bool accept_encoding)
{
int res = 0; int chunked = 0;
char http_host[64];
char http_path[256];
char content_encoding[16] = "";
u16 http_port;
#ifdef DEBUGHEADERS
int debugging = 0;
#endif
http_res result;
u32 sizeread = 0;
content_length = 0;
int linecount;
if(maxsize > MAX_SIZE){
#ifdef DEBUGERRORS
InfoPrompt("maxsize > MAX_SIZE");
#endif
return 0;
}
if (url == NULL || (hfile == NULL && buffer == NULL)){
#ifdef DEBUGERRORS
InfoPrompt("!url || (!hfile && !buffer)");
#endif
return 0;
}
if(!silent)
ShowAction("Sending data...");
split_res = http_split_url(http_host, http_path, url); // 2 : https ; 1 : http ; 0 : invalid url
if (split_res == 2){
http_port = 443;
writeFunc = ssl_write;
readFunc = ssl_read;
}else if( split_res == 1 ){
http_port = 80;
writeFunc = net_write;
readFunc = net_read;
}else{
#ifdef DEBUGERRORS
InfoPrompt("Invalid url");
#endif
return 0;
}
http_status = 404;
int s = tcp_connect(http_host, http_port);
if (s < 0)
{
result = HTTPR_ERR_CONNECT;
#ifdef DEBUGERRORS
InfoPrompt("Socket!");
#endif
return 0;
}
int ssl_context = 0;
if(split_res == 2){
ssl_context = ssl_setup(http_host, s);
#ifdef DEBUGERRORS
if(ssl_context < 0){
InfoPrompt("ssl_context() failed");
}
#endif
if(ssl_context < 0){
net_close(s);
return 0;
}
scktctx = &ssl_context;
} else{
scktctx = &s;
}
if(curl_request){ //Request made by through the CURL class
res = tcp_write(*scktctx, (u8 *) curl_request, strlen(curl_request));
}else{
char request[1024];
char *r = request;
r += sprintf(r, "GET %s HTTP/1.1\r\n", http_path);
r += sprintf(r, "Host: %s\r\n", http_host);
if(accept_encoding && hfile){
r += sprintf(r, "Accept-Encoding: gzip, deflate\r\n");
}
r += sprintf(r, "Cache-Control: no-cache\r\n\r\n");
res = tcp_write(*scktctx, (u8 *) request, strlen(request));
}
if(!silent)
CancelAction();
#ifdef DEBUGHEADERS
InfoPrompt(http_path);
#endif
char line[1024]; //Twitter sends a long header
for (linecount = 0; linecount < 45; linecount++)
{
if (tcp_readln(*scktctx, line, 1024) != 0)
{
#ifdef DEBUGERRORS
InfoPrompt("tcp_readln != 0");
#endif
http_status = 404;
result = HTTPR_ERR_REQUEST;
break;
}
if (!line[0])
break;
#ifdef DEBUGHEADERS
if(sscanf(line, "HTTP/1.%*u %u", &http_status)){
if(http_status != 200)
debugging = 1;
}
if(sscanf(line, "Content-Length: %u", &content_length) || sscanf(line, "Content-Encoding: %s", content_encoding)){
if(!debugging){
InfoPrompt(line);
}
}
if(!strncmp(line, "Transfer-Encoding: chunked", 25)){ InfoPrompt("Transfer-Encoding: chunked"); chunked = 1; }
#else
sscanf(line, "HTTP/1.%*u %u", &http_status);
sscanf(line, "Content-Length: %u", &content_length);
sscanf(line, "Content-Encoding: %s", content_encoding);
if(!strncmp(line, "Transfer-Encoding: chunked", 25)) chunked = 1;
#endif
u32 api_ratelimit=0;
if(sscanf(line, "X-RateLimit-Remaining: %u", &api_ratelimit) && api_ratelimit <= 10 && api_ratelimit % 5 == 0){
WindowPrompt("You are on fire!", "You are about to reach Twitter's requests limit. WiiTweet will not work correctly then.", "I'll take a break", 0);
}
if(get_timeoffset){
if(!strncasecmp(line, "Date:", 5)){ //Case insensitiveness just in case...
const char format[] = "%a, %d %b %Y %H:%M:%S %Z";
const char *pointline = line;
pointline += 6;
struct tm tm;
memset(&tm, 0, sizeof(tm));
strptime(pointline, format, &tm);
timeoffset = mktime(&tm) - time(NULL);
get_timeoffset = 0;
}
}
#ifdef DEBUGHEADERS
if(debugging){
InfoPrompt(line);
}
#endif
}
if (http_status != 200)
{
result = HTTPR_ERR_STATUS;
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 1");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
#ifdef DEBUGERRORS
char status[64];
sprintf(status, "HTTP Status = %d", http_status);
InfoPrompt(status);
#endif
return 0;
}//Try to read anyways? ssl gets rude if it is not convinced there is no data
//length unknown - just read as much as we can
if(content_length == 0)
{
content_length = maxsize;
}
else if (content_length > maxsize) //ssl_shutdown() would fail in this case (?), but it is not likely for our purposes...
{
result = HTTPR_ERR_TOOBIG;
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 2");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
#ifdef DEBUGERRORS
InfoPrompt("content_length > maxsize");
#endif
return 0;
}
unsigned int inflatetype = 0;
if(!strncasecmp(content_encoding, "gzip", 4)){
inflatetype = 2;
}else if(!strncasecmp(content_encoding, "deflate", 7)){
inflatetype = 1;
}else if(content_encoding[0] != '\0'){//Unsupported encoding. This should never happen.
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 3");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
#ifdef DEBUGERRORS
InfoPrompt("Unsupported encoding");
#endif
return 0;
}
if (buffer != NULL)
{
if(!silent)
ShowAction("Downloading...");
if(inflatetype){ //Compressed content
u8 * inflate_me = (u8 *) mem2_malloc(content_length, MEM2_OTHER);
if(!inflate_me){
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 4");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
#ifdef DEBUGERRORS
InfoPrompt("!inflate_me");
#endif
return 0;
}
#ifdef DEBUGHEADERS
int tcpread = tcp_read(*scktctx, inflate_me, content_length, chunked);
char atoi[64];
sprintf(atoi, "%d", tcpread);
WindowPrompt("tcp_read()", atoi, "ok", 0);
#else
int tcpread = tcp_read(*scktctx, inflate_me, content_length, chunked);
#endif
/*
static int s = 0;
char path[256];
sprintf(path, "sd:/catcha%d", s++);
SaveFile ((char *)inflate_me, path, tcpread, 1);
*/
sizeread = httpInflate(buffer, inflate_me, tcpread, inflatetype);
if(sizeread < 0){
mem2_free(inflate_me, MEM2_OTHER);
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 5");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
#ifdef DEBUGERRORS
InfoPrompt("sizeread < 0");
#endif
return 0;
}
mem2_free(inflate_me, MEM2_OTHER);
}else{ //Uncomprpessed content
sizeread = tcp_read(*scktctx, buffer, content_length, chunked);
}
if(!silent)
CancelAction();
}
else // write into file
{
/* Uncompressed data. This may fail if the content is chunked and longer than 32KB+2B but chunked is not used in such scenarios */
u32 bufSize = (1024 * 32);
u32 bytesLeft = content_length;
u32 readSize;
if(!silent)
ShowProgress("Downloading...", 0, content_length);
u8 * fbuffer = (u8 *) malloc(bufSize);
if(fbuffer)
{
while (bytesLeft > 0)
{
if (bytesLeft < bufSize)
readSize = bytesLeft;
else
readSize = bufSize;
res = tcp_read(*scktctx, fbuffer, readSize, chunked);
if (!res)
break;
sizeread += res;
bytesLeft -= res;
res = fwrite(fbuffer, 1, res, hfile);
if (!res)
break;
if(!silent)
ShowProgress("Downloading...", (content_length - bytesLeft), content_length);
}
free(fbuffer);
}
if(!silent)
CancelAction();
}
#ifdef DEBUGERRORS
if(ssl_context){
if(ssl_shutdown(ssl_context)){
InfoPrompt("ssl_shutdown() 6");
}
}
net_close(s);
#else
if(ssl_context){ssl_shutdown(ssl_context);} net_close(s);
#endif
if (content_length < maxsize && sizeread != content_length && !inflatetype)
{
#ifdef DEBUGERRORS
InfoPrompt("ERR_RECEIVE");
#endif
result = HTTPR_ERR_RECEIVE;
return 0;
}
if (http_status != 200){
#ifdef DEBUGERRORS
InfoPrompt("http_status != 200");
#endif
return 0;
}
if(result) //Avoid ugly compiler warning :p
result = HTTPR_OK;
return sizeread;
}
static enum cliret do_client(struct conf *conf,
enum action action, int vss_restore, int json)
{
enum cliret ret=CLIENT_OK;
int rfd=-1;
int resume=0;
SSL *ssl=NULL;
SSL_CTX *ctx=NULL;
struct cntr *cntr=NULL;
char *incexc=NULL;
long name_max=0;
enum action act=action;
struct async *as=NULL;
struct asfd *asfd=NULL;
// as->settimers(0, 100);
logp("begin client\n");
if(!(cntr=cntr_alloc()) || cntr_init(cntr, conf->cname)) goto error;
conf->cntr=cntr;
if(act!=ACTION_ESTIMATE
&& ssl_setup(&rfd, &ssl, &ctx, conf))
goto error;
if(!(as=async_alloc())
|| !(asfd=asfd_alloc())
|| as->init(as, act==ACTION_ESTIMATE)
|| asfd->init(asfd, as, rfd, ssl, conf))
goto end;
as->add_asfd(as, asfd);
// Set quality of service bits on backup packets.
if(act==ACTION_BACKUP
|| act==ACTION_BACKUP_TIMED
|| act==ACTION_TIMER_CHECK)
as->asfd->set_bulk_packets(as->asfd);
if(act!=ACTION_ESTIMATE)
{
if((ret=initial_comms(as, &act, &incexc, &name_max, conf)))
goto end;
}
rfd=-1;
switch(act)
{
case ACTION_BACKUP:
ret=backup_wrapper(asfd, act, "backupphase1",
incexc, resume, name_max, conf);
break;
case ACTION_BACKUP_TIMED:
ret=backup_wrapper(asfd, act, "backupphase1timed",
incexc, resume, name_max, conf);
break;
case ACTION_TIMER_CHECK:
ret=backup_wrapper(asfd, act, "backupphase1timedcheck",
incexc, resume, name_max, conf);
break;
case ACTION_RESTORE:
case ACTION_VERIFY:
ret=restore_wrapper(asfd, act, vss_restore, conf);
break;
case ACTION_ESTIMATE:
if(do_backup_client(asfd, conf, act, name_max, 0))
goto error;
break;
case ACTION_DELETE:
if(do_delete_client(asfd, conf)) goto error;
break;
case ACTION_LIST:
case ACTION_LONG_LIST:
default:
if(do_list_client(asfd, conf, act, json)) goto error;
break;
}
goto end;
error:
ret=CLIENT_ERROR;
end:
close_fd(&rfd);
async_free(&as);
asfd_free(&asfd);
if(ctx) ssl_destroy_ctx(ctx);
if(incexc) free(incexc);
conf->cntr=NULL;
if(cntr) cntr_free(&cntr);
//logp("end client\n");
return ret;
}
static enum cliret do_client(struct conf **confs,
enum action action, int vss_restore)
{
enum cliret ret=CLIENT_OK;
int rfd=-1;
SSL *ssl=NULL;
SSL_CTX *ctx=NULL;
struct cntr *cntr=NULL;
char *incexc=NULL;
enum action act=action;
struct async *as=NULL;
struct asfd *asfd=NULL;
// as->settimers(0, 100);
// logp("begin client\n");
// logp("action %d\n", action);
// Status monitor forks a child process instead of connecting to
// the server directly.
if(action==ACTION_STATUS
|| action==ACTION_STATUS_SNAPSHOT)
{
#ifdef HAVE_WIN32
logp("Status mode not implemented on Windows.\n");
goto error;
#endif
if(status_client_ncurses_init(act)
|| status_client_ncurses(confs)) ret=CLIENT_ERROR;
goto end;
}
if(!(cntr=cntr_alloc())
|| cntr_init(cntr, get_string(confs[OPT_CNAME]))) goto error;
set_cntr(confs[OPT_CNTR], cntr);
if(act!=ACTION_ESTIMATE
&& ssl_setup(&rfd, &ssl, &ctx, action, confs))
goto could_not_connect;
if(!(as=async_alloc())
|| !(asfd=asfd_alloc())
|| as->init(as, act==ACTION_ESTIMATE)
|| asfd->init(asfd, "main socket", as, rfd, ssl,
ASFD_STREAM_STANDARD, confs))
goto end;
as->asfd_add(as, asfd);
// Set quality of service bits on backup packets.
if(act==ACTION_BACKUP
|| act==ACTION_BACKUP_TIMED
|| act==ACTION_TIMER_CHECK)
as->asfd->set_bulk_packets(as->asfd);
if(act!=ACTION_ESTIMATE)
{
if((ret=initial_comms(as, &act, &incexc, confs)))
goto end;
}
rfd=-1;
switch(act)
{
case ACTION_BACKUP:
ret=backup_wrapper(asfd, act, "backupphase1",
incexc, confs);
break;
case ACTION_BACKUP_TIMED:
ret=backup_wrapper(asfd, act, "backupphase1timed",
incexc, confs);
break;
case ACTION_TIMER_CHECK:
ret=backup_wrapper(asfd, act, "backupphase1timedcheck",
incexc, confs);
break;
case ACTION_RESTORE:
case ACTION_VERIFY:
ret=restore_wrapper(asfd, act, vss_restore, confs);
break;
case ACTION_ESTIMATE:
if(do_backup_client(asfd, confs, act, 0))
goto error;
break;
case ACTION_DELETE:
if(do_delete_client(asfd, confs)) goto error;
break;
case ACTION_MONITOR:
if(do_monitor_client(asfd, confs)) goto error;
break;
case ACTION_DIFF:
case ACTION_DIFF_LONG:
/*
if(!strcmp(get_string(confs[OPT_BACKUP2]), "n"))
// Do a phase1 scan and diff that.
ret=backup_wrapper(asfd, act,
"backupphase1diff", incexc, confs);
else
*/
// Diff two backups that already exist.
// Fall through, the list code is all we need
// for simple diffs on the client side.
case ACTION_LIST:
case ACTION_LIST_LONG:
default:
if(do_list_client(asfd, act, confs)) goto error;
break;
}
if(asfd_flush_asio(asfd))
ret=CLIENT_ERROR;
goto end;
error:
ret=CLIENT_ERROR; goto end;
could_not_connect:
ret=CLIENT_COULD_NOT_CONNECT;
end:
close_fd(&rfd);
async_free(&as);
asfd_free(&asfd);
if(ctx) ssl_destroy_ctx(ctx);
free_w(&incexc);
set_cntr(confs[OPT_CNTR], NULL);
cntr_free(&cntr);
//logp("end client\n");
return ret;
}
