authorDavid Troy <dave@popvox.com>2006-04-02 16:43:05 +0000
committerDavid Troy <dave@popvox.com>2006-04-02 16:43:05 +0000
commit08192d2b732eaaff203012c0acda210b40261885 (patch)
tree59c98652dec47199680095daf58ae14d1ffe9d8e
parent55a533edf2e466a34179e12bf36e239902aad5fc (diff)
downloadastmanproxy-08192d2b732eaaff203012c0acda210b40261885.tar.gz
astmanproxy-08192d2b732eaaff203012c0acda210b40261885.tar.xz
astmanproxy-08192d2b732eaaff203012c0acda210b40261885.zip
git-svn-id: http://svncommunity.digium.com/svn/astmanproxy/branches/1.20pre@58 f02b47b9-160a-0410-81a6-dc3441afb0ec
-rw-r--r--astmanproxy.conf9
-rw-r--r--src/astmanproxy.c2
-rw-r--r--src/common.c8
-rw-r--r--src/config.c16
-rw-r--r--src/include/astmanproxy.h3
5 files changed, 31 insertions, 7 deletions
diff --git a/astmanproxy.conf b/astmanproxy.conf
index fdf7d66..b8ab5d3 100644
--- a/astmanproxy.conf
+++ b/astmanproxy.conf
@@ -21,6 +21,15 @@ retryinterval = 2
; use 0 for infinitely, or some finite number
maxretries = 10
+; How long do we wait on the manager port for an SSL session start? (ms)
+sslclienthellotimeout = 200
+
+; Do we accept encrypted SSL manager connections?
+acceptencryptedconnection = yes
+
+; Do we accept unencrypted manager connections?
+acceptunencryptedconnection = no
+
; Amount of time to wait before timing out on writes to asterisk
asteriskwritetimeout=100
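Review bot: The comments on the three new keys do not tell an operator what happens when the hello timeout expires or when both accept options are `no`. Going by the struct comment in astmanproxy.h ("how long to wait before assuming not ssl"), a TLS client whose first bytes arrive later than 200 ms is presumably classified as plaintext and, with `acceptunencryptedconnection = no`, refused; that matters on high-latency links. I would extend the first comment to `; How long (ms) to wait for an SSL client hello before treating the connection as unencrypted` and add `; If both accept options are "no", no manager connection is accepted` once that behaviour is confirmed against the accept code.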
diff --git a/src/astmanproxy.c b/src/astmanproxy.c
index bb3d260..0a3a172 100644
--- a/src/astmanproxy.c
+++ b/src/astmanproxy.c
@@ -544,7 +544,7 @@ static void *accept_thread()
/* For safety, make sure socket is non-blocking */
flags = fcntl(as, F_GETFL);
- fcntl(as, F_SETFL, flags | O_NONBLOCK);
+ fcntl(get_real_fd(as), F_SETFL, flags | O_NONBLOCK);
pthread_mutex_init(&s->lock, NULL);
s->fd = as;
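Review bot: `F_GETFL` is still issued on `as` while `F_SETFL` now goes to `get_real_fd(as)`, so the flags are read from one descriptor value and written to another. If `as` can be an encoded (negative) SSL descriptor here, as the comment added in common.c suggests, the first call fails with -1 and the second then sets `-1 | O_NONBLOCK`, i.e. every flag bit, on the real socket. Read and write through the same fd and check the result: `flags = fcntl(get_real_fd(as), F_GETFL);` followed by `if (flags < 0 || fcntl(get_real_fd(as), F_SETFL, flags | O_NONBLOCK) < 0)` with the connection closed on failure. The rest of accept_thread is outside this hunk.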
diff --git a/src/common.c b/src/common.c
index 8da909c..b52ee59 100644
--- a/src/common.c
+++ b/src/common.c
@@ -37,7 +37,9 @@ int get_input(struct mansession *s, char *output)
s->inlen = 0;
}
debugmsg("attempting poll operation");
- fds[0].fd = s->fd;
+ /* get actual fd, even if a negative SSL fd */
+ fds[0].fd = get_real_fd(s->fd);
+
fds[0].events = POLLIN;
res = poll(fds, 1, -1);
debugmsg("returned from poll op");
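Review bot: Polling the raw descriptor with an infinite timeout can stall a TLS session, because readiness of the socket and readiness of decrypted data are not the same thing. When the TLS layer has already pulled a whole record off the wire and `m_recv` returned only part of it, the remainder sits in the library's buffer and `poll` will not report `POLLIN` until the peer sends more. If `m_recv` is built on OpenSSL (not visible here), check `SSL_pending()` for SSL sessions before calling `poll` and skip the wait when it is non-zero; a comment such as `/* TLS may hold buffered plaintext; poll() only sees the socket */` would record why.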
@@ -46,7 +48,9 @@ int get_input(struct mansession *s, char *output)
} else if (res > 0) {
pthread_mutex_lock(&s->lock);
debugmsg("attempting socket read in get_input...");
- res = read(s->fd, s->inbuf + s->inlen, sizeof(s->inbuf) - 1 - s->inlen);
+
+ /* read from socket; SSL or otherwise */
+ res = m_recv(s->fd, s->inbuf + s->inlen, sizeof(s->inbuf) - 1 - s->inlen, 0);
pthread_mutex_unlock(&s->lock);
if (res < 1)
return -1;
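Review bot: The `if (res < 1) return -1;` test that follows the new `m_recv` call treats every non-positive result as a dead connection, which was reasonable for `read` but is too coarse for TLS on a non-blocking socket. A partial record or a renegotiation makes the TLS read report "retry" (`SSL_ERROR_WANT_READ`/`WANT_WRITE` in OpenSSL) rather than data, and unless `m_recv` hides that, the session is torn down on an ordinary condition. Either document on `m_recv` that it never returns a retry indication, or distinguish it here, for example `if (res < 0 && errno == EAGAIN) return 0;` if `m_recv` maps retries to `EAGAIN`. The implementation of `m_recv` is outside this diff, so this needs confirming against it.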
diff --git a/src/config.c b/src/config.c
index 2ffdd1a..824043b 100644
--- a/src/config.c
+++ b/src/config.c
@@ -99,6 +99,12 @@ void *processline(char *s) {
pc.asteriskwritetimeout = atoi(value);
else if (!strcmp(name,"clientwritetimeout") )
pc.clientwritetimeout = atoi(value);
+ else if (!strcmp(name,"sslclienthellotimeout") )
+ pc.sslclhellotimeout = atoi(value);
+ else if (!strcmp(name,"acceptencryptedconnection") )
+ pc.acceptencryptedconnection = strcmp(value,"yes") ? 0 : 1;
+ else if (!strcmp(name,"acceptunencryptedconnection") )
+ pc.acceptunencryptedconnection = strcmp(value,"yes") ? 0 : 1;
else if (!strcmp(name,"proxykey") )
strcpy(pc.key, value);
else if (!strcmp(name,"proc_user") )
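Review bot: `pc.sslclhellotimeout = atoi(value);` accepts any text, so a typo yields 0 and a value such as `-1` is stored as is. If the timeout is later handed to `poll` (not visible here), a negative value means wait forever, letting a client that connects and sends nothing hold the handshake probe open. Keep the default unless the value is a positive number, e.g. `{ int t = atoi(value); if (t > 0) pc.sslclhellotimeout = t; }`, or use `strtol` with an end-pointer check. The two accept options compare case-sensitively against `"yes"`, so `Yes` or `true` silently become "no"; that fails closed for the unencrypted switch but silently disables TLS for the encrypted one, and deserves a logged warning for unrecognised values.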
@@ -207,6 +213,12 @@ int ReadConfig() {
memset( &pc, 0, sizeof pc );
+
+ /* Set nonzero config defaults */
+ pc.asteriskwritetimeout = 100;
+ pc.clientwritetimeout = 100;
+ pc.sslclhellotimeout = 200;
+
sprintf(cfn, "%s/%s", CDIR, CFILE);
FP = fopen( cfn, "r" );
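Review bot: The new defaults block covers the three timeouts but leaves `acceptencryptedconnection` and `acceptunencryptedconnection` at the zero written by `memset`. A configuration file that predates these keys therefore ends up with both switches off, which presumably means the proxy refuses every manager connection after an upgrade. Refusing plaintext by default is a sound choice, but make it explicit and keep TLS usable: add `pc.acceptencryptedconnection = 1;` here with a comment `/* unencrypted stays 0: plaintext must be enabled explicitly */`, and log when both end up zero. Moving the timeout defaults ahead of parsing also means an explicit `asteriskwritetimeout = 0` is now kept instead of being replaced by 100; mention that in the sample config if it is intended.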
@@ -226,10 +238,6 @@ int ReadConfig() {
fclose(FP);
- if (!pc.asteriskwritetimeout)
- pc.asteriskwritetimeout = 100;
- if (!pc.clientwritetimeout)
- pc.clientwritetimeout = 100;
return 0;
}
diff --git a/src/include/astmanproxy.h b/src/include/astmanproxy.h
index 83dc1ba..fdd783d 100644
--- a/src/include/astmanproxy.h
+++ b/src/include/astmanproxy.h
@@ -70,6 +70,9 @@ struct proxyconfig {
int maxretries;
int asteriskwritetimeout; /* ms to wait when writing to asteriskfor ast_carefulwrite */
int clientwritetimeout; /* ms to wait when writing to client ast_carefulwrite */
+ int sslclhellotimeout; /* ssl client hello timeout -- how long to wait before assuming not ssl */
+ int acceptencryptedconnection; /* accept encrypted connections? */
+ int acceptunencryptedconnection; /* accept unencrypted connections? */
};
struct iohandler {