2
2
* stunnel Universal SSL tunnel
3
* Copyright (c) 1998-2004 Michal Trojnara <Michal.Trojnara@mirt.net>
3
* Copyright (c) 1998-2005 Michal Trojnara <Michal.Trojnara@mirt.net>
4
4
* All Rights Reserved
6
6
* This program is free software; you can redistribute it and/or modify
24
24
#include "common.h"
26
/**************************************** Network data structure */
30
typedef union sockaddr_union {
32
struct sockaddr_in in;
33
#if defined(USE_IPv6) || defined(USE_WIN32)
34
struct sockaddr_in6 in6;
38
typedef struct sockaddr_list { /* list of addresses */
39
SOCKADDR_UNION addr[MAX_HOSTS]; /* the list of addresses */
40
u16 cur; /* current address for round-robin */
41
u16 num; /* how many addresses are used */
26
44
/**************************************** Prototypes for stunnel.c */
28
46
extern int num_clients;
30
48
void main_initialize(char *, char *);
31
49
void main_execute(void);
33
void sockerror(char *);
34
void log_error(int, int, char *);
35
char *my_strerror(int);
36
int set_socket_options(int, int);
37
50
char *stunnel_info(void);
39
char *safe_ntoa(char *, struct in_addr);
41
52
/**************************************** Prototypes for ssl.c */
55
COMP_NONE, COMP_ZLIB, COMP_RLE
43
59
void context_init(void);
44
60
void context_free(void);
45
61
void sslerror(char *);
49
65
void log_open(void);
50
66
void log_close(void);
51
#if defined (USE_WIN32) || defined (__vms)
52
/* This conflicts with the "double log (double __x)" routine from math.h */
53
#define log stunnel_log
55
void log(int, const char *, ...)
67
void s_log(int, const char *, ...)
57
69
__attribute__ ((format (printf, 2, 3)));
79
void ioerror(const char *);
80
void sockerror(const char *);
81
void log_error(int, int, const char *);
82
char *my_strerror(int);
68
84
/**************************************** Prototypes for sthreads.c */
71
CRIT_KEYGEN, CRIT_NTOA, CRIT_CLIENTS, CRIT_WIN_LOG, CRIT_SECTIONS
87
CRIT_KEYGEN, CRIT_INET, CRIT_CLIENTS, CRIT_WIN_LOG, CRIT_SESSION,
74
void enter_critical_section(section_code);
75
void leave_critical_section(section_code);
91
void enter_critical_section(SECTION_CODE);
92
void leave_critical_section(SECTION_CODE);
76
93
void sthreads_init(void);
77
94
unsigned long stunnel_process_id(void);
78
95
unsigned long stunnel_thread_id(void);
96
113
/* some data for SSL initialization in ssl.c */
114
COMP_TYPE compression; /* compression type */
116
#if (SSLEAY_VERSION_NUMBER >= 0x00907000L) && defined(HAVE_OSSL_ENGINE_H)
117
char *engine; /* hardware SSL engine */
97
119
char *ca_dir; /* directory for hashed certs */
98
120
char *ca_file; /* file containing bunches of certs */
99
121
char *crl_dir; /* directory for hashed CRLs */
149
171
extern GLOBAL_OPTIONS options;
151
173
typedef struct local_options {
152
struct local_options *next; /* next node in the services list */
154
char local_address[16]; /* Dotted-decimal address to bind */
156
/* name of service */
157
char *servname; /* service name for loggin & permission checking */
174
struct local_options *next; /* next node in the services list */
175
char *servname; /* service name for loggin & permission checking */
176
SSL_SESSION *session; /* Recently used session */
177
char local_address[IPLEN]; /* Dotted-decimal address to bind */
159
179
/* service-specific data for client.c */
160
180
int fd; /* file descriptor accepting connections for this service */
161
unsigned short localport, remoteport;
162
181
char *execname, **execargs; /* program name and arguments for local mode */
163
u32 *localnames, *remotenames;
182
SOCKADDR_LIST local_addr, remote_addr;
183
SOCKADDR_LIST source_addr;
166
185
char *remote_address;
167
186
int timeout_busy; /* Maximum waiting for data time */
187
int timeout_close; /* Maximum close_notify time */
188
int timeout_connect; /* Maximum connect() time */
168
189
int timeout_idle; /* Maximum idle connection time */
169
int timeout_close; /* Maximum close_notify time */
171
191
/* protocol name for protocol.c */
209
229
void parse_config(char *, char *);
210
int name2nums(char *, char *, u32 **, u_short *);
212
231
/**************************************** Prototypes for client.c */
222
241
LOCAL_OPTIONS *opt;
223
char accepting_address[16], connecting_address[16]; /* Dotted-decimal */
224
struct sockaddr_in addr; /* Local address */
242
char accepting_address[IPLEN], connecting_address[IPLEN]; /* text */
243
SOCKADDR_LIST peer_addr; /* Peer address */
225
244
FD local_rfd, local_wfd; /* Read and write local descriptors */
226
245
FD remote_fd; /* Remote descriptor */
227
246
SSL *ssl; /* SSL Connection */
228
int bind_ip; /* IP for explicit local bind or transparent proxy */
247
SOCKADDR_LIST bind_addr; /* IP for explicit local bind or transparent proxy */
229
248
unsigned long pid; /* PID of local process */
230
u32 *resolved_addresses; /* List of IP addresses for delayed lookup */
232
250
char sock_buff[BUFFSIZE]; /* Socket read buffer */
233
251
char ssl_buff[BUFFSIZE]; /* SSL read buffer */
242
260
extern int max_fds;
245
#define sock_rd (c->sock_rfd->rd)
246
#define sock_wr (c->sock_wfd->wr)
247
#define ssl_rd (c->ssl_rfd->rd)
248
#define ssl_wr (c->ssl_wfd->wr)
250
263
void *alloc_client_session(LOCAL_OPTIONS *, int, int);
251
264
void *client(void *);
255
268
int negotiate(CLI *c);
257
/**************************************** Prototypes for select.c */
259
int sselect(int, fd_set *, fd_set *, fd_set *, struct timeval *);
260
int waitforsocket(int, int, int);
270
/**************************************** Prototypes for network.c */
276
struct pollfd ufds[MAX_FD];
279
fd_set irfds, iwfds, orfds, owfds;
284
void s_poll_zero(s_poll_set *);
285
void s_poll_add(s_poll_set *, int, int, int);
286
int s_poll_canread(s_poll_set *, int);
287
int s_poll_canwrite(s_poll_set *, int);
288
int s_poll_wait(s_poll_set *, int);
261
290
#ifndef USE_WIN32
262
void sselect_init(fd_set *, int *);
291
int signal_pipe_init(void);
263
292
void exec_status(void);
294
int set_socket_options(int, int);
265
297
int write_blocking(CLI *, int fd, u8 *, int);
266
298
int read_blocking(CLI *, int fd, u8 *, int);
267
299
/* descriptor versions of fprintf/fscanf */
313
/**************************************** Prototypes for resolver.c */
315
int name2addrlist(SOCKADDR_LIST *, char *, char *);
316
int hostport2addrlist(SOCKADDR_LIST *, char *, char *);
317
char *s_ntop(char *, SOCKADDR_UNION *);
281
319
/**************************************** Prototypes for gui.c */
284
322
void win_log(char *);
285
323
void exit_stunnel(int);
286
324
int pem_passwd_cb(char *, int, int, void *);
326
typedef int (CALLBACK * GETADDRINFO) (const char *,
327
const char *, const struct addrinfo *, struct addrinfo **);
328
typedef void (CALLBACK * FREEADDRINFO) (struct addrinfo FAR *);
329
typedef int (CALLBACK * GETNAMEINFO) (const struct sockaddr *, socklen_t,
330
char *, size_t, char *, size_t, int);
332
extern GETADDRINFO s_getaddrinfo;
333
extern FREEADDRINFO s_freeaddrinfo;
334
extern GETNAMEINFO s_getnameinfo;
289
337
#endif /* defined PROTOTYPES_H */