diff options
| author | Jakub Sławiński | 2005-06-07 12:06:18 +0200 |
|---|---|---|
| committer | Joshua Judson Rosen | 2014-07-17 21:14:58 +0200 |
| commit | 32aff2b27ccc3b3e51fb6f0bd77fe0073827c527 (patch) | |
| tree | f2fc2530a6960f6fdf4d63eb80c4f61342250bbd /src/make_ssl_handshake.c | |
| parent | v0.6 (diff) | |
| download | apf-32aff2b27ccc3b3e51fb6f0bd77fe0073827c527.tar.gz | |
v0.7
- Added: http proxy tunnels between afserver and afclient
- Fixed: sigint interception with threads enabled (in http proxy mode)
- Fixed: FATAL ERROR in afclient in some situations after close of afserver
when http proxy mode is enabled
- Added: afclients can connect directly to afserver with enabled proxy mode
- Fixed: timeout routine in http proxy tunnels
- Added: 'rshow' command in ra mode displays 'tunneltype'
- Fixed: printing IP of clients when http proxy mode is enabled
- Added: 'tunneltype' per client in ra mode after 'cshow' command
- Fixed: closing connection when http proxy mode is enabled
- Fixed: threads initialization
- Fixed: afserver closing after sigint
- Fixed: afclient threads initialization
- Added: 'version' option to display program version number
- Modified: establishing afclient<->afserver connection
- Added: 'keep-alive' option
- Fixed: using 'proxyport' without 'proxyname'
- Added: auto-reconnect feature to afclient
- Added: 'ar-tries' and 'ar-delay' options
- Modified: http proxy logging
- Fixed: closing connection with afclient after receiving id
- Fixed: thread closing due to wrong initialization sequence
- Fixed: small bug in initialization process
- Heavily Modified: logging routines
- Added: audit option
- Modified: default dateformat is now ISO 8601
- Modified: printing usage
- Fixed: bug in threads' initialization in afclient
- Added: 'timeout' and 'dateformat' options in ra mode
- Modified: empty dateformat disables printing '[] '
- Added: 'audit' and 'dnslookups' options in ra mode
- Fixed: afserver freeze bug
- Added: 'kuser' and 'kclient' options in ra mode
- Fixed: bug in starting afclient in ra mode
- Added: audit log printed also after kicking the client
Diffstat (limited to 'src/make_ssl_handshake.c')
| -rw-r--r-- | src/make_ssl_handshake.c | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/src/make_ssl_handshake.c b/src/make_ssl_handshake.c index a5c97eb..d4cdd55 100644 --- a/src/make_ssl_handshake.c +++ b/src/make_ssl_handshake.c @@ -18,10 +18,11 @@ * */ +#include <config.h> + #include "make_ssl_handshake.h" #include "stats.h" - -#include <config.h> +#include "logging.h" #include <errno.h> #include <openssl/err.h> @@ -30,7 +31,8 @@ void make_ssl_initialize(clifd *cliconn) { if (SSL_set_fd(cliconn->ssl, cliconn->commfd) != 1) { - aflog(0, "Problem with initializing ssl... exiting"); + aflog(LOG_T_INIT, LOG_I_CRIT, + "Problem with initializing ssl... exiting"); exit(1); } } @@ -40,7 +42,7 @@ make_ssl_accept(clifd *cliconn) { int result; if ((result = SSL_accept(cliconn->ssl)) != 1) { - return get_ssl_error(cliconn, " SSL_accept has failed", result); + return get_ssl_error(cliconn, "SSL_accept has failed", result); } return 0; } @@ -55,45 +57,55 @@ get_ssl_error(clifd *cliconn, char* info, int result) merror = SSL_get_error(cliconn->ssl, result); switch (merror) { case SSL_ERROR_NONE : { - aflog(2, "%s(%d): none", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): none", info, result); break; } case SSL_ERROR_ZERO_RETURN : { - aflog(2, "%s(%d): zero", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): zero", info, result); break; } case SSL_ERROR_WANT_READ : { - aflog(2, "%s(%d): w_read", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): w_read", info, result); break; } case SSL_ERROR_WANT_WRITE : { - aflog(2, "%s(%d): w_write", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): w_write", info, result); break; } case SSL_ERROR_WANT_CONNECT : { - aflog(2, "%s(%d): w_connect", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): w_connect", info, result); break; } case SSL_ERROR_WANT_X509_LOOKUP : { - aflog(2, "%s(%d): w_x509_lookup", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): w_x509_lookup", info, result); break; } case SSL_ERROR_SYSCALL : { - aflog(2, "%s(%d): syscall", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): syscall", info, result); break; } case SSL_ERROR_SSL : { SSL_load_error_strings(); #ifdef HAVE_ERR_ERROR_STRING - aflog(2, "%s(%d): ssl:%s", info, result, + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): ssl:%s", info, result, ERR_error_string(ERR_get_error(), err_buff)); #else - aflog(2, "%s(%d): ssl", info, result); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): ssl", info, result); #endif break; } default: { - aflog(2, "%s(%d): unrecognized error (%d)", info, result, errno); + aflog(LOG_T_MAIN, LOG_I_WARNING, + "%s(%d): unrecognized error (%d)", info, result, errno); } } if (merror == SSL_ERROR_WANT_READ) { |