mirror of
				git://git.psyced.org/git/psyced
				synced 2024-08-15 03:25:10 +00:00 
			
		
		
		
	general autodetect
This commit is contained in:
		
							parent
							
								
									2fb613538c
								
							
						
					
					
						commit
						86f6ec1749
					
				
					 1 changed files with 93 additions and 79 deletions
				
			
		|  | @ -83,6 +83,13 @@ object connect(int uid, int port, string service) { | |||
| 	} \ | ||||
|     } | ||||
| 
 | ||||
| // doesn't work. at this point autodetect hasn't completed.. so to
 | ||||
| // make sure TLS is enabled we need to check again later in the
 | ||||
| // server object.. FIXME  :(
 | ||||
| #define TLS_ENFORCE \ | ||||
|     if (tls_query_connection_state(ME) == 0) \ | ||||
| 	return (object) 0; | ||||
| 
 | ||||
| #if __EFUN_DEFINED__(tls_want_peer_certificate) | ||||
| // Specify that a subsequent call to tls_init_connection
 | ||||
| // should request a peer certificate.
 | ||||
|  | @ -98,25 +105,81 @@ object connect(int uid, int port, string service) { | |||
| # define TLS_INIT_GET_CERT TLS_INIT | ||||
| #endif | ||||
| 
 | ||||
| #if AUTODETECT | ||||
| # define TLS_INIT_AUTODETECT TLS_INIT | ||||
| #else | ||||
| # define TLS_INIT_AUTODETECT // do nothing
 | ||||
| #endif | ||||
| 
 | ||||
|     // we dont want the telnet machine most of the time
 | ||||
|     // but disabling and re-enabling it for telnet doesn't work
 | ||||
|     // in the first switch we handle ports that MUST not support
 | ||||
|     // immediate TLS (currently that's just 5269) or that want a
 | ||||
|     // peer certificate from the other side (PSYC). for all other
 | ||||
|     // ports the default is to attempt a TLS autodetection.
 | ||||
|     switch(port) { | ||||
| #if HAS_PORT(PSYC_PORT, PSYC_PATH) && AUTODETECT | ||||
|     case PSYC_PORT: | ||||
| 	// make TLS available even on the default psyc port using the autodetection feature
 | ||||
| #if HAS_PORT(JABBER_S2S_PORT, JABBER_PATH) | ||||
|     case JABBER_S2S_PORT: | ||||
| # ifdef DRIVER_HAS_CALL_BY_REFERENCE | ||||
| 	arg = ME; | ||||
| 	query_ip_number(&arg); | ||||
| 	// this assumes network byte order provided by driver
 | ||||
| 	peerport = pointerp(arg) ? (arg[2]*256 + arg[3]) : 0; | ||||
| 	if (peerport < 0) peerport = 65536 + peerport; | ||||
| 	if (peerport == JABBER_S2S_SERVICE) peerport = 0; | ||||
| # else | ||||
| 	// as long as the object names don't collide, this is okay too
 | ||||
| 	peerport = 65536 + random(9999999); | ||||
| # endif | ||||
| # if __EFUN_DEFINED__(enable_telnet) | ||||
| 	enable_telnet(0); | ||||
| # endif | ||||
| 	t = "S:xmpp:"+query_ip_number(); | ||||
| 	// it's just an object name, but let's be consequent minus peerport
 | ||||
| 	if (peerport) t += ":-"+peerport; | ||||
| # ifdef _flag_log_sockets_XMPP | ||||
| 	SIMUL_EFUN_FILE -> log_file("RAW_XMPP", "\n\n%O: %O -> load(%O, %O)", | ||||
| 				ME, t, | ||||
| #  ifdef _flag_log_hosts | ||||
|                                 query_ip_number(), | ||||
| #  else | ||||
|                                 "?", | ||||
| #  endif | ||||
|                                 -peerport); | ||||
| # endif | ||||
| 	P3(("%O -> load(%O, %O)\n", t, query_ip_number(), -peerport)) | ||||
| 	return t -> load(query_ip_number(), -peerport); | ||||
| #endif | ||||
| #if HAS_PORT(PSYCS_PORT, PSYC_PATH) | ||||
|     case PSYCS_PORT:	// inofficial & temporary
 | ||||
| #endif | ||||
| 	TLS_INIT_GET_CERT | ||||
| 	// fall thru
 | ||||
| #if HAS_PORT(PSYC_PORT, PSYC_PATH) &&! AUTODETECT | ||||
| 	break; | ||||
| #endif | ||||
| #if HAS_PORT(PSYC_PORT, PSYC_PATH) && AUTODETECT | ||||
|     case PSYC_PORT: | ||||
| 	// make TLS available on the default PSYC port
 | ||||
| 	// using the autodetection feature (official approach)
 | ||||
| 	TLS_INIT_GET_CERT | ||||
| 	break; | ||||
| #endif | ||||
| #if HAS_PORT(SPYCS_PORT, SPYC_PATH) | ||||
|     case SPYCS_PORT:	// even more inofficial
 | ||||
| 	TLS_INIT_GET_CERT | ||||
| 	break; | ||||
| #endif | ||||
| #if HAS_PORT(SPYC_PORT, SPYC_PATH) && AUTODETECT | ||||
|     case SPYC_PORT:	// even more inofficial
 | ||||
| 	TLS_INIT_GET_CERT | ||||
| 	break; | ||||
| #endif | ||||
|     default: | ||||
| #if AUTODETECT | ||||
| 	// if autodetect is available, let's check if this connection
 | ||||
| 	// has TLS enabled and activate it, no matter which protocol.
 | ||||
| 	TLS_INIT | ||||
| #endif | ||||
| 	break; | ||||
|     } | ||||
| 
 | ||||
|     // if we got here, we may have initialized TLS successfully
 | ||||
|     switch(port) { | ||||
| #if HAS_PORT(PSYCS_PORT, PSYC_PATH) | ||||
|     case PSYCS_PORT:	// inofficial & temporary
 | ||||
| 	TLS_ENFORCE | ||||
| #endif | ||||
| #if HAS_PORT(PSYC_PORT, PSYC_PATH) | ||||
|     case PSYC_PORT: | ||||
| #endif | ||||
| #if HAS_PORT(PSYC_PORT, PSYC_PATH) || HAS_PORT(PSYCS_PORT, PSYC_PATH) | ||||
|  | @ -145,13 +208,10 @@ object connect(int uid, int port, string service) { | |||
| 	return t -> load(query_ip_number(), -peerport); | ||||
| #endif | ||||
| 
 | ||||
| // dedicated SPYC port.. should not be used, we have AUTODETECT
 | ||||
| // dedicated SPYC port.. should not be used
 | ||||
| #if HAS_PORT(SPYCS_PORT, SPYC_PATH) | ||||
|     case SPYCS_PORT:	// interim name for PSYC 1.0 according to SPEC
 | ||||
| # if __EFUN_DEFINED__(tls_want_peer_certificate) | ||||
|         tls_want_peer_certificate(ME); | ||||
| # endif | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| #endif // fall thru
 | ||||
| #if HAS_PORT(SPYC_PORT, SPYC_PATH) | ||||
|     case SPYC_PORT: | ||||
|  | @ -186,7 +246,7 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(POP3S_PORT, POP3_PATH) | ||||
|     case POP3S_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(POP3_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(POP3_PORT, POP3_PATH) | ||||
|  | @ -196,7 +256,7 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(SMTPS_PORT, NNTP_PATH) | ||||
|     case SMTPS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(SMTP_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(SMTP_PORT, SMTP_PATH) | ||||
|  | @ -212,7 +272,7 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(NNTPS_PORT, NNTP_PATH) | ||||
|     case NNTPS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(NNTP_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(NNTP_PORT, NNTP_PATH) | ||||
|  | @ -222,50 +282,19 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(JABBERS_PORT, JABBER_PATH) | ||||
|     case JABBERS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(JABBER_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(JABBER_PORT, JABBER_PATH) | ||||
|     case JABBER_PORT: | ||||
| # if __EFUN_DEFINED__(enable_telnet) | ||||
|     // we dont want the telnet machine most of the time
 | ||||
|     // but disabling and re-enabling it for telnet doesn't work
 | ||||
| 	enable_telnet(0);   // are you sure!???
 | ||||
| # endif | ||||
| 	return clone_object(JABBER_PATH "server"); | ||||
| #endif | ||||
| 
 | ||||
| #if HAS_PORT(JABBER_S2S_PORT, JABBER_PATH) | ||||
|     case JABBER_S2S_PORT: | ||||
| # ifdef DRIVER_HAS_CALL_BY_REFERENCE | ||||
| 	arg = ME; | ||||
| 	query_ip_number(&arg); | ||||
| 	// this assumes network byte order provided by driver
 | ||||
| 	peerport = pointerp(arg) ? (arg[2]*256 + arg[3]) : 0; | ||||
| 	if (peerport < 0) peerport = 65536 + peerport; | ||||
| 	if (peerport == JABBER_S2S_SERVICE) peerport = 0; | ||||
| # else | ||||
| 	// as long as the object names don't collide, this is okay too
 | ||||
| 	peerport = 65536 + random(9999999); | ||||
| # endif | ||||
| # if __EFUN_DEFINED__(enable_telnet) | ||||
| 	enable_telnet(0); | ||||
| # endif | ||||
| 	t = "S:xmpp:"+query_ip_number(); | ||||
| 	// it's just an object name, but let's be consequent minus peerport
 | ||||
| 	if (peerport) t += ":-"+peerport; | ||||
| # ifdef _flag_log_sockets_XMPP | ||||
| 	SIMUL_EFUN_FILE -> log_file("RAW_XMPP", "\n\n%O: %O -> load(%O, %O)", | ||||
| 				ME, t, | ||||
| #  ifdef _flag_log_hosts | ||||
|                                 query_ip_number(), | ||||
| #  else | ||||
|                                 "?", | ||||
| #  endif | ||||
|                                 -peerport); | ||||
| # endif | ||||
| 	P3(("%O -> load(%O, %O)\n", t, query_ip_number(), -peerport)) | ||||
| 	return t -> load(query_ip_number(), -peerport); | ||||
| #endif | ||||
| 
 | ||||
| #if 0 //__EFUN_DEFINED__(enable_binary)
 | ||||
|     // work in progress
 | ||||
|     case 8888: | ||||
|  | @ -280,12 +309,11 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(IRCS_PORT, IRC_PATH) | ||||
|     case IRCS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(IRC_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(IRC_PORT, IRC_PATH) | ||||
|     case IRC_PORT: | ||||
| 	TLS_INIT_AUTODETECT | ||||
| 	return clone_object(IRC_PATH "server"); | ||||
| #endif | ||||
| 
 | ||||
|  | @ -299,14 +327,13 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(TELNETS_PORT, TELNET_PATH) | ||||
|     case TELNETS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	// we could do the UID2NICK thing here, too, but why should we?
 | ||||
| 	// what do you need tls for on a localhost tcp link?
 | ||||
|         return clone_object(TELNET_PATH "server"); | ||||
| #endif | ||||
| #if HAS_PORT(TELNET_PORT, TELNET_PATH) | ||||
|     case TELNET_PORT: | ||||
| 	TLS_INIT_AUTODETECT | ||||
|         t = clone_object(TELNET_PATH "server"); | ||||
| # ifdef UID2NICK | ||||
|         if (uid && (arg = UID2NICK(uid))) { t -> sName(arg); } | ||||
|  | @ -316,42 +343,29 @@ object connect(int uid, int port, string service) { | |||
| 
 | ||||
| #if HAS_PORT(HTTPS_PORT, HTTP_PATH) | ||||
|     case HTTPS_PORT: | ||||
| 	t = tls_init_connection(this_object()); | ||||
| 	if (t < 0) { | ||||
| 		D1( if (t != ERR_TLS_NOT_DETECTED) PP(( "TLS(%O) on %O: %O\n", | ||||
| 					t, port, tls_error(t) )); ) | ||||
| #if !HAS_PORT(HTTP_PORT, HTTP_PATH) | ||||
| 		// if we have no http port, it may be intentional
 | ||||
|                 return (object)0; | ||||
| #endif | ||||
| 	} | ||||
| 	D2( else if (t > 0) PP(( "Setting up TLS connection in the background.\n" )); ) | ||||
| 	D2( else PP(( "Oh yeah, I'm initializing an https session!\n" )); ) | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(HTTP_PATH "server"); | ||||
| #endif | ||||
| 	/* don't fall thru. allow for https: to be available without http: */ | ||||
| #if HAS_PORT(HTTP_PORT, HTTP_PATH) &&! AUTODETECT | ||||
| 	// don't fall thru. allow for https: to be available without http:
 | ||||
| #if HAS_PORT(HTTP_PORT, HTTP_PATH) | ||||
|     case HTTP_PORT: | ||||
| 	TLS_INIT_AUTODETECT | ||||
| 	return clone_object(HTTP_PATH "server"); | ||||
| #endif | ||||
| 
 | ||||
| #if HAS_PORT(MUDS_PORT, MUD_PATH) | ||||
|     case MUDS_PORT: | ||||
| 	TLS_INIT | ||||
| 	TLS_ENFORCE | ||||
| 	return clone_object(MUD_PATH "login"); | ||||
| #endif | ||||
| #if HAS_PORT(MUD_PORT, MUD_PATH) | ||||
|     default: | ||||
| 	// if you want to multiplex psyced with an LPMUD game
 | ||||
| 	TLS_INIT_AUTODETECT | ||||
| //	set_prompt("> ");
 | ||||
| 	return clone_object(MUD_PATH "login"); | ||||
| #endif | ||||
|     } | ||||
|      | ||||
|     PP(("Received connection on port %O which isn't configured.\n", | ||||
| 	port)); | ||||
| 
 | ||||
|     P0(("Received connection on port %O which isn't configured.\n", port)); | ||||
|     return (object)0; | ||||
| } | ||||
| 
 | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue