TLS Nufw server
[TLS servers]

Collaboration diagram for TLS Nufw server:


Files

file  nufw_servers.c
 Manage nufw servers.
file  tls_nufw.c
 Manage NuFW firewall connections and messages.

Data Structures

struct  tls_nufw_context_t

Functions

static int treat_nufw_request (nufw_session_t *c_session)
static int get_reverse_dns_info (struct sockaddr_storage *addr, char *buffer, size_t size)
int tls_nufw_accept (struct tls_nufw_context_t *context)
void tls_nufw_main_loop (struct tls_nufw_context_t *context, GMutex *mutex)
int tls_nufw_init (struct tls_nufw_context_t *context)
void * tls_nufw_authsrv (struct nuauth_thread_t *thread)
void tls_nufw_start_servers (GSList *servers)

Variables

int nuauth_tls_max_servers = NUAUTH_TLS_MAX_SERVERS
static int nufw_servers_connected = 0
nuauth_tls_t nuauth_tls

Function Documentation

static int get_reverse_dns_info ( struct sockaddr_storage *  addr,
char *  buffer,
size_t  size 
) [static]

Definition at line 174 of file tls_nufw.c.

Referenced by tls_nufw_accept().

int tls_nufw_accept ( struct tls_nufw_context_t context  ) 

Function called on new NuFW connection: create a new TLS session using tls_connect().

Returns:
If an error occurs returns 1, else returns 0.

Definition at line 196 of file tls_nufw.c.

References add_nufw_server(), nufw_session_t::alive, nufw_session_t::connect_timestamp, DEBUG, DEBUG_AREA_GW, DEBUG_AREA_MAIN, DEBUG_LEVEL_WARNING, format_ipv6(), get_reverse_dns_info(), ipv4_to_ipv6(), log_area_printf(), log_message, tls_nufw_context_t::mx, nuauth_tls_max_servers, nufw_session_t::nufw_client, nufw_servers_connected, nussl_get_error(), nussl_get_session_flag(), NUSSL_OK, NUSSL_SESSFLAG_IGNORE_ID_MISMATCH, nussl_session_accept(), nussl_session_destroy(), nussl_session_get_fd(), nussl_session_getpeer(), nussl_session_handshake(), nussl_set_hostinfo(), nussl_set_session_flag(), nufw_session_t::peername, PROTO_UNKNOWN, nufw_session_t::proto_version, tls_nufw_context_t::server, nufw_session_t::tls_lock, tls_nufw_context_t::tls_rx_set, TRUE, and nufw_session_t::usage.

Referenced by tls_nufw_main_loop().

Here is the call graph for this function:

void* tls_nufw_authsrv ( struct nuauth_thread_t thread  ) 

TLS nufw packet server thread: call tls_nufw_init() and then live in tls_nufw_main_loop().

Returns:
NULL

Definition at line 522 of file tls_nufw.c.

References nufw_threadtype::mutex, nuauth_ask_exit(), thread, tls_nufw_init(), and tls_nufw_main_loop().

Referenced by tls_nufw_start_servers().

Here is the call graph for this function:

int tls_nufw_init ( struct tls_nufw_context_t context  ) 

Initialize the NuFW TLS servers thread 0 if error, 1 on success

Definition at line 409 of file tls_nufw.c.

References tls_nufw_context_t::addr, nuauth_tls_t::ca, nuauth_tls_t::cert, nuauth_params::configfile, DEBUG_AREA_GW, DEBUG_AREA_MAIN, DH_BITS, FALSE, nuauth_tls_t::key, log_message, tls_nufw_context_t::mx, nuauth_bind(), nuauth_tls, nuauth_tls_max_servers, NUAUTH_TLS_MAX_SERVERS, nuauthconf, nubase_config_table_get_or_default_int(), nussl_get_error(), NUSSL_OK, NUSSL_SESSFLAG_IGNORE_ID_MISMATCH, nussl_session_create_with_fd(), nussl_session_set_dh_bits(), nussl_set_session_flag(), nussl_ssl_set_keypair(), nussl_ssl_trust_cert_file(), tls_nufw_context_t::port, nuauth_tls_t::request_cert, tls_nufw_context_t::sck_inet, tls_nufw_context_t::server, and tls_nufw_context_t::tls_rx_set.

Referenced by tls_nufw_authsrv().

Here is the call graph for this function:

void tls_nufw_main_loop ( struct tls_nufw_context_t context,
GMutex *  mutex 
)

NuFW TLS thread main loop:

Definition at line 306 of file tls_nufw.c.

References acquire_nufw_session_by_socket(), DEBUG, DEBUG_AREA_GW, DEBUG_AREA_MAIN, DEBUG_AREA_USER, debug_log_message, declare_dead_nufw_session(), log_message, tls_nufw_context_t::mx, NU_EXIT_ERROR, nuauth_ask_exit(), release_nufw_session(), tls_nufw_context_t::sck_inet, tls_nufw_accept(), tls_nufw_context_t::tls_rx_set, and treat_nufw_request().

Referenced by tls_nufw_authsrv().

Here is the call graph for this function:

void tls_nufw_start_servers ( GSList *  servers  ) 

Definition at line 535 of file tls_nufw.c.

References nuauth_params::authreq_port, DEBUG_AREA_GW, DEBUG_AREA_MAIN, init_nufw_servers(), log_message, nuauth_ask_exit(), nuauthconf, nuauthdatas, nufw_servers, nuauth_params::nufw_srv, parse_addr_port(), thread_new_wdata(), tls_nufw_authsrv(), and nuauth_datas::tls_nufw_servers.

Referenced by init_nuauthdata().

Here is the call graph for this function:

static int treat_nufw_request ( nufw_session_t c_session  )  [static]

Get RX paquet from a TLS client connection and send it to user authentication threads:

Parameters:
c_session SSL RX packet
Returns:
Returns 1 if read is done, EOF if read is completed

Definition at line 67 of file tls_nufw.c.

References apply_decision(), AUTH_STATE_AUTHREQ, AUTH_STATE_DONE, AUTH_STATE_HELLOMODE, authpckt_decode(), CLASSIC_NUFW_PACKET_SIZE, internal_message::datas, DEBUG, DEBUG_AREA_GW, debug_log_message, connection_t::decision, DECISION_DROP, nuauth_params::drop_if_no_logging, free_connection(), get_proto_version_from_packet(), increase_nufw_session_usage(), INSERT_MESSAGE, log_message, nuauth_datas::loggers_pool_full, NU_EXIT_ERROR, NU_EXIT_NO_RETURN, NU_EXIT_OK, nuauthconf, nuauthdatas, nufw_session_t::nufw_client, nussl_get_error(), nussl_read(), PROTO_UNKNOWN, nufw_session_t::proto_version, connection_t::socket, connection_t::state, connection_t::tls, TRUE, and internal_message::type.

Referenced by tls_nufw_main_loop().

Here is the call graph for this function:

Variable Documentation

struct nuauth_tls_t nuauth_tls

Definition at line 41 of file tls_sasl.c.

int nuauth_tls_max_servers = NUAUTH_TLS_MAX_SERVERS

Definition at line 40 of file tls_nufw.c.

Referenced by tls_nufw_accept(), and tls_nufw_init().

int nufw_servers_connected = 0 [static]

Definition at line 41 of file tls_nufw.c.

Referenced by tls_nufw_accept().

Generated on Sat Nov 22 04:01:04 2008 for NuFW by  doxygen 1.4.7