Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:37:47 +0000 (14:37 -0300)]
Handle ERROR event as a CLOSE one and use masks not case to test events.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:35:44 +0000 (14:35 -0300)]
Block/ignore SIGPIPE.
Thadeu Lima de Souza Cascardo [Mon, 20 Jul 2009 17:34:43 +0000 (14:34 -0300)]
FIX: use ssl connection as lower layer for pop connection, not channel
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 21:05:14 +0000 (18:05 -0300)]
Library linking flag should be in LIBS variable.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:54:58 +0000 (17:54 -0300)]
Allow sysadmin to set the default policy.
Instead of assuming the empty allow database as a default allow policy,
let the sysadmin pick up the default policy in the configuration file.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:54:36 +0000 (17:54 -0300)]
Do not use quotes for filenames.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 20:42:37 +0000 (17:42 -0300)]
User GDBM instead of QDBM.
This will make it easier to support CentOS 5 without extra requirements.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:39:47 +0000 (15:39 -0300)]
Added option server_ssl to indicate whether server is SSL enabled.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:12:10 +0000 (15:12 -0300)]
Added support for configuring certificate and key files.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 18:06:01 +0000 (15:06 -0300)]
Change anonymous SSL credentials to X.509 credentials.
We load files from the current directory, but must use files from the
configuration file.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:42:32 +0000 (14:42 -0300)]
Added separate header for SSL connection support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:39:47 +0000 (14:39 -0300)]
Changed header protection macro name.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:38:24 +0000 (14:38 -0300)]
Added support for server-side SSL with anonymous credentials.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:25:18 +0000 (14:25 -0300)]
Add function to create client connection channel.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:09:28 +0000 (14:09 -0300)]
Added comment to fix address printing later.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:08:47 +0000 (14:08 -0300)]
Allow set_driver to fail and handle this case.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 17:01:03 +0000 (14:01 -0300)]
Split code so we can reuse it without copying it.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 16:53:19 +0000 (13:53 -0300)]
Rename functions so we can distinguish client and server SSL support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 15:49:37 +0000 (12:49 -0300)]
Split SSL data initialization into GNUTLS session and others.
This will allow us to use another session initialization function later
and have server-side SSL support.
Thadeu Lima de Souza Cascardo [Tue, 7 Jul 2009 01:36:50 +0000 (22:36 -0300)]
Remove no more needed files: nethook and null hook.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:14:21 +0000 (18:14 -0300)]
Use POP connection layer, reintroducing POP access control.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:14:01 +0000 (18:14 -0300)]
No nethook available anymore.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:13:26 +0000 (18:13 -0300)]
Check if connection to server is successfull.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 21:11:46 +0000 (18:11 -0300)]
Rewrite POP nethook as a connection layer.
It seemed the most simple thing to do so we could drop the nethook
interface entirely.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 18:35:34 +0000 (15:35 -0300)]
Remove dependency on nethook and null hook.
With SSL as a connection layer, it's very simple to implement a
reverse pass-through proxy simply plugging the two connections.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 19:58:27 +0000 (16:58 -0300)]
Close the other end of the connection too.
When the proxy is the one to close the connection, it should close both
ends, since there will be no event indicating one of the ends was
closed.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:28:32 +0000 (14:28 -0300)]
Handle close event in SSL layer watch.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:26:47 +0000 (14:26 -0300)]
Check for driver methods before calling them and reset them on close.
This may avoid some hickups when methods are improperly called.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:25:21 +0000 (14:25 -0300)]
Use close instead of shutdown.
The difference is that close will push the remaining data to be sent
before closing the connection.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 17:24:26 +0000 (14:24 -0300)]
Handle other socket events and push them forward.
Handle HUP event and the case where the other end has closed the
connection and read returns 0.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:45:24 +0000 (02:45 -0300)]
Only start logging after successfully starting server.
User GLib log messages instead of printing to stderr, but only set log
handler to syslog after successfully start waiting for connections.
Then, the user will get proper error messages at the console if proxy
cannot be started.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:27:16 +0000 (02:27 -0300)]
Add option to make program run in foreground.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:14:52 +0000 (02:14 -0300)]
Added some comments and reminders in connection system.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 05:09:34 +0000 (02:09 -0300)]
Update documentation to popproxy, instead of improxy.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:59:54 +0000 (01:59 -0300)]
Implement server port support and update copyright year and style.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:53:21 +0000 (01:53 -0300)]
Remove the ssl hook files, since we don't need them any more.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:51:22 +0000 (01:51 -0300)]
Use the null hook instead of the ssl hook.
This will allow us to remove the ssl hook entirely, since it's repeating
code from the ssl connection driver and complicates things more than
necessary.
We lose server port configuration now, but it should be plain easy to
get it back.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:49:54 +0000 (01:49 -0300)]
Make null hook use SSL connection driver and pop3s port by default.
This null hook should get parameters for both the port and SSL support.
Using URIs would be the best way to do it.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 04:45:46 +0000 (01:45 -0300)]
Export ssl connection driver in header and reorganize Makefile.am.
This includes hcconn_ssl.c effectively into the building system and
headers, allowing it to be used by other modules.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 22:07:09 +0000 (19:07 -0300)]
Added SSL client layer.
This layer should be easily migrated into a server layer too. It should
make things easier when communicating with SSL peers, since it's pretty
transparent to the peer proxy connection.
Thadeu Lima de Souza Cascardo [Fri, 3 Jul 2009 01:40:05 +0000 (22:40 -0300)]
Fix memory leak: destroy channel layer when closing.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:47:16 +0000 (20:47 -0300)]
Separate iochannel implementation from HCConn interface.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:06:49 +0000 (20:06 -0300)]
Split copyright years in different lines.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 23:05:23 +0000 (20:05 -0300)]
Remove watch before closing connection.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 20:13:46 +0000 (17:13 -0300)]
Allow server to reuse bound address.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 20:04:26 +0000 (17:04 -0300)]
Split internal details of HCConn into header to allow other layers.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:56:19 +0000 (15:56 -0300)]
Remove unneeded server name information in ssl status.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:45:22 +0000 (15:45 -0300)]
Rename iochannel to hcconn.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:40:41 +0000 (15:40 -0300)]
BUG: write call was replaced by a read call
Instead of writing, we were reading from the socket. Fix it.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:36:24 +0000 (15:36 -0300)]
Only set socket as non blocking after sending connection notice.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:35:49 +0000 (15:35 -0300)]
Do not consider handshaking done if some error was returned.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 18:00:07 +0000 (15:00 -0300)]
Remove the write hook.
We never needed this and we shall never need it. As long as connection
system is able to buffer writes, we are OK.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:59:08 +0000 (14:59 -0300)]
Dispatch connect event.
The connect event is needed to do TLS handshaking. This is not the best
implementation, since we don't do async connections right now.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:49:13 +0000 (14:49 -0300)]
Change from GNet to HCConn.
Now, we use our own implementation of TCP connection and server, instead
of using GNet. There is some missing pieces and it doesn't work right
now, but it's easier to hack on and we don't depend on this library
anymore.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 17:47:56 +0000 (14:47 -0300)]
Let user set HCConn callback function and data.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 16:55:29 +0000 (13:55 -0300)]
Added connection structure to replace GNet.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 16:08:06 +0000 (13:08 -0300)]
Added watch for server connections.
Register a callback to be called when a server socket receives a
connection.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 15:37:55 +0000 (12:37 -0300)]
Added support for creating a TCP server.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 04:47:14 +0000 (01:47 -0300)]
Make some internal functions static.
Thadeu Lima de Souza Cascardo [Thu, 2 Jul 2009 04:46:28 +0000 (01:46 -0300)]
Added library to do a TCP connection.
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 21:53:39 +0000 (18:53 -0300)]
Really remove unused files for popproxy
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 19:19:03 +0000 (16:19 -0300)]
Make server port configurable
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:35:37 +0000 (14:35 -0300)]
Tell automake to include the configuration file in distribution
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:31:33 +0000 (14:31 -0300)]
Remove protocol detection altogether
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:30:10 +0000 (14:30 -0300)]
Do not require jabber headers
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:29:13 +0000 (14:29 -0300)]
Remove jabber files from Makefile too
Thadeu Lima de Souza Cascardo [Wed, 1 Jul 2009 17:23:41 +0000 (14:23 -0300)]
Remove unneeded libraries for popproxy
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 15:21:14 +0000 (12:21 -0300)]
Stop leaking connections to the server when denying access.
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 14:22:08 +0000 (11:22 -0300)]
Close databases for every query to avoid concurrency.
This allows to manipulate the database while proxy is running. This also
solves the problem when a database exists but is empty. In this case,
consider as if it does not exist.
Thadeu Lima de Souza Cascardo [Mon, 22 Jun 2009 14:21:38 +0000 (11:21 -0300)]
Implement database listing.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 02:29:29 +0000 (23:29 -0300)]
Destroy SSL connection properly.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 02:27:24 +0000 (23:27 -0300)]
Added a manager that adds and removes users from allow and deny tables.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 01:51:33 +0000 (22:51 -0300)]
Deny map is deny.db, not allow.db.
Thadeu Lima de Souza Cascardo [Sat, 20 Jun 2009 01:31:14 +0000 (22:31 -0300)]
Use QDBM to look up for user access permission.
Thadeu Lima de Souza Cascardo [Fri, 19 Jun 2009 22:24:13 +0000 (19:24 -0300)]
Added stub support for access control, with deny by default.
Thadeu Lima de Souza Cascardo [Thu, 11 Jun 2009 00:00:28 +0000 (21:00 -0300)]
Check for the user trying to authenticate.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 23:22:36 +0000 (20:22 -0300)]
Read line by line from client and write it to server.
Now, it is possible to look at a whole line in case we receive only part
of it in a given TCP segment.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 23:01:05 +0000 (20:01 -0300)]
Added buffer so we can buffer entire lines in a later patch.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 17:31:56 +0000 (14:31 -0300)]
Added a hook on top of the SSL layer, allowing to filter data.
Thadeu Lima de Souza Cascardo [Wed, 10 Jun 2009 17:13:04 +0000 (14:13 -0300)]
Split SSL server support from SSL client support.
Thadeu Lima de Souza Cascardo [Sun, 7 Jun 2009 16:55:10 +0000 (13:55 -0300)]
Use configuration default values.
When there is no value for a given configuration key, use default
values.
Thadeu Lima de Souza Cascardo [Sun, 7 Jun 2009 16:54:50 +0000 (13:54 -0300)]
Free strings allocated from reading the configuration file.
Thadeu Lima de Souza Cascardo [Sun, 7 Jun 2009 15:40:48 +0000 (12:40 -0300)]
Exit if not able to read and parse the configuration file.
Thadeu Lima de Souza Cascardo [Sun, 7 Jun 2009 15:35:20 +0000 (12:35 -0300)]
Exit if not able to create server.
If we cannot bind to the address, exit. Only log the listen address if
it is successfull.
Thadeu Lima de Souza Cascardo [Sat, 6 Jun 2009 22:32:15 +0000 (19:32 -0300)]
Added support for SSL when connecting to server.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 15:10:24 +0000 (12:10 -0300)]
Initialize and deinitialize gnutls in main program.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 15:03:10 +0000 (12:03 -0300)]
Detects GNUTLS and build with it.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 14:53:40 +0000 (11:53 -0300)]
Added .gitignore to ignore built files.
This ignore built files, including files that were built using autoconf
and automake.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 14:50:02 +0000 (11:50 -0300)]
Implement pretty simple bypass client-server hook.
We no longer do any protocol detection. Instead, we assume that we have
a POP3 connection. We may use different server sockets for different
protocols in the future. This simple null hook always connect to a given
server and passes all bytes from one connection to the other.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 14:10:51 +0000 (11:10 -0300)]
Changed some references from improxy to popproxy.
Since this is now a project about a POP3 proxy, and not a IM/XMPP proxy,
the project and program name, as well as the configuration filename, the
default port and the log init function name have been changed.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 14:14:06 +0000 (11:14 -0300)]
Git works better when changes are not made when renaming.
This commit will not build, but it will allow us to track the history of
some renamed files better.
Thadeu Lima de Souza Cascardo [Thu, 4 Jun 2009 14:05:03 +0000 (11:05 -0300)]
Only daemonize right before running loop.
If we daemonize prematurely, the user may not see messages produced by
the options parser, for example. Now, --help works as intended.
Thadeu Lima de Souza Cascardo [Fri, 8 Dec 2006 20:07:22 +0000 (20:07 +0000)]
Changed private data for jabber connection to include SASL context
The private hook data for jabber connections, which consisted solely
of the iksemel (XML) parser, now includes GNU SASL context and
client/server sessions. Functions for creating and destroying the data
are provided.
Thadeu Lima de Souza Cascardo [Fri, 8 Dec 2006 20:03:18 +0000 (20:03 +0000)]
Detects GNU SASL
Detects GNU SASL using autoconf and builds with it.
Thadeu Lima de Souza Cascardo [Mon, 22 Sep 2008 18:31:34 +0000 (15:31 -0300)]
Removed autogenerated/copied file by automake
INSTALL file is copied/linked from automake. Since this is
autogenerated, it is not that interesting to keep it version-controlled.
Removing it.
Thadeu Lima de Souza Cascardo [Sat, 9 Dec 2006 02:48:52 +0000 (02:48 +0000)]
Identifies user authentication ID using SASL PLAIN mechanism
Identifies user authentication ID when user authenticates using SASL
PLAIN mechanism. It simply base64 decodes the first SASL message sent
by client.
Thadeu Lima de Souza Cascardo [Sat, 9 Dec 2006 01:33:11 +0000 (01:33 +0000)]
proxy advertises only SASL PLAIN mechanism if it is supported by server
If server supports SASL PLAIN mechanism, instead of advertising all
supported mechanisms to client, the proxy advertises only PLAIN. This
way, client is forced to use PLAIN. If server does not support or
allow use of PLAIN mechanism, proxy announces all of them. In the
future, it will announce only PLAIN and use whichever mechanism is
safer in the path from proxy to server.
Thadeu Lima de Souza Cascardo [Thu, 30 Nov 2006 23:23:22 +0000 (23:23 +0000)]
Fixed warning with a missing function declaration
jabber_new_start is used in two files and was not declared in a
header.
Thadeu Lima de Souza Cascardo [Fri, 20 Oct 2006 15:55:45 +0000 (15:55 +0000)]
Filter TLS support from server
TLS support from server is not communicated to the client. Then,
clients requesting TLS will not try to stablish a chypered connection,
which the proxy wouldn't be able to filter.
Thadeu Lima de Souza Cascardo [Fri, 20 Oct 2006 15:27:00 +0000 (15:27 +0000)]
Removed unused variable
Removed unused variable in function jabber_new_start.