[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r26744 - gnunet/src/transport
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r26744 - gnunet/src/transport |
|
Date: |
Wed, 3 Apr 2013 18:04:47 +0200 |
Author: wachs
Date: 2013-04-03 18:04:47 +0200 (Wed, 03 Apr 2013)
New Revision: 26744
Modified:
gnunet/src/transport/plugin_transport_http_server.c
gnunet/src/transport/transport.conf.in
Log:
initial server side change for MITM ssl validation
Modified: gnunet/src/transport/plugin_transport_http_server.c
===================================================================
--- gnunet/src/transport/plugin_transport_http_server.c 2013-04-03 16:01:42 UTC
(rev 26743)
+++ gnunet/src/transport/plugin_transport_http_server.c 2013-04-03 16:04:47 UTC
(rev 26744)
@@ -214,6 +214,12 @@
char *external_hostname;
/**
+ * Verify external address
+ */
+ int verify_external_hostname;
+
+
+ /**
* Maximum number of sockets the plugin can use
* Each http inbound /outbound connections are two connections
*/
@@ -2574,10 +2580,9 @@
/**
- * Function called when the service shuts down. Unloads our plugins
- * and cancels pending validations.
+ * Notify server about our external hostname
*
- * @param cls closure, unused
+ * @param cls plugin
* @param tc task context (unused)
*/
static void
@@ -2590,12 +2595,24 @@
if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
return;
- GNUNET_asprintf(&plugin->ext_addr, "%s://%s", plugin->protocol,
plugin->external_hostname);
+
+#if BUILD_HTTPS
+ GNUNET_asprintf(&plugin->ext_addr, "%s%s://%s", plugin->protocol,
+ (GNUNET_YES == plugin->verify_external_hostname) ? "+" : "",
+ plugin->external_hostname);
+#else
+ GNUNET_asprintf(&plugin->ext_addr, "%s://%s", plugin->protocol,
+ plugin->external_hostname);
+#endif
+
plugin->ext_addr_len = strlen (plugin->ext_addr) + 1;
GNUNET_log_from (GNUNET_ERROR_TYPE_DEBUG, plugin->name,
"Notifying transport about external hostname address
`%s'\n", plugin->ext_addr);
#if BUILD_HTTPS
+ if (GNUNET_YES == plugin->verify_external_hostname)
+ GNUNET_log_from (GNUNET_ERROR_TYPE_INFO, plugin->name,
+ "Enabling SSL verification for external hostname address
`%s'\n", plugin->ext_addr);
plugin->env->notify_address (plugin->env->cls, GNUNET_YES,
plugin->ext_addr, plugin->ext_addr_len,
"https_client");
@@ -2734,6 +2751,14 @@
GNUNET_free (bind6_address);
}
+ plugin->verify_external_hostname = GNUNET_NO;
+#if BUILD_HTTPS
+ plugin->verify_external_hostname = GNUNET_CONFIGURATION_get_value_yesno
(plugin->env->cfg, plugin->name,
+
"VERIFY_EXTERNAL_HOSTNAME");
+ if (GNUNET_SYSERR == plugin->verify_external_hostname)
+ plugin->verify_external_hostname = GNUNET_NO;
+#endif
+
if (GNUNET_YES == GNUNET_CONFIGURATION_get_value_string (plugin->env->cfg,
plugin->name,
"EXTERNAL_HOSTNAME",
&plugin->external_hostname))
{
Modified: gnunet/src/transport/transport.conf.in
===================================================================
--- gnunet/src/transport/transport.conf.in 2013-04-03 16:01:42 UTC (rev
26743)
+++ gnunet/src/transport/transport.conf.in 2013-04-03 16:04:47 UTC (rev
26744)
@@ -67,6 +67,8 @@
TESTING_IGNORE_KEYS = ACCEPT_FROM;
[transport-https_server]
+#EXTERNAL_HOSTNAME = <your hostname/path>
+#VERIFY_EXTERNAL_HOSTNAME = YES
PORT = 4433
ADVERTISED_PORT = 4433
CRYPTO_INIT = NORMAL
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r26744 - gnunet/src/transport,
gnunet <=