[minion-cvs] Start of server impl, module manager, serverinfo genera...
Update of /home/minion/cvsroot/src/minion/src
In directory moria.seul.org:/tmp/cvs-serv21049/minion/src
Modified Files:
crypt.c tls.c
Log Message:
Start of server impl, module manager, serverinfo generation, and much more.
ServerMain:
New file to hold main loop and state for server. Will need to be
refactored.
BuildMessage, Packet, test:
Rename Local to MBOX
Config:
Support for loadable modules
MMTPClient, MMTPServer:
Change magic strings to match spec changes
MMTPServer:
Blow up more intelligently on bad protocol list.
Handle new padding format
Add message to sent callback
Add first cut of generic MMTPServer class
Modules:
Add new module manager code, and an example MBOX module.
Queue:
Log queue creation.
Worry more about directory permissions
ServerInfo:
Deal with spec changes; move MBox into a module
crypt.c:
Accept (but ignore) bits argument on DH generation
tls.c:
Add separate 'server mode' for sockets to allow incoming cipher
suites that we'd otherwise reject.
Index: crypt.c
===================================================================
RCS file: /home/minion/cvsroot/src/minion/src/crypt.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- crypt.c 28 Jul 2002 22:42:33 -0000 1.9
+++ crypt.c 6 Aug 2002 16:09:21 -0000 1.10
@@ -828,7 +828,7 @@
}
const char mm_generate_dh_parameters__doc__[] =
- "generate_dh_parameters(filename, [bits, [verbose]])\n\n"
+ "generate_dh_parameters(filename, [verbose, [bits]])\n\n"
"Generate a DH parameter file named <filename>. The parameters will be of\n"
"size <bits>, which defaults to 512. If <verbose>, a pattern of dots\n"
"will appear on the screen to let you know that the program is still\n"
@@ -837,7 +837,7 @@
PyObject *
mm_generate_dh_parameters(PyObject *self, PyObject *args, PyObject *kwargs)
{
- static char *kwlist[] = { "filename", "verbose", NULL };
+ static char *kwlist[] = { "filename", "verbose", "bits", NULL };
char *filename;
int bits=512, verbose=0;
@@ -845,9 +845,9 @@
DH *dh = NULL;
if (!PyArg_ParseTupleAndKeywords(args, kwargs,
- "s|i:generate_dh_parameters",
+ "s|ii:generate_dh_parameters",
kwlist,
- &filename, &verbose))
+ &filename, &verbose, &bits))
return NULL;
if (!(out = BIO_new_file(filename, "w")))
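Review bot: `bits` is now parsed from the caller, but nothing visible in this hunk range-checks it, and the log message says it is accepted but ignored, while the docstring in the first crypt.c hunk still promises parameters "of size <bits>". A caller who passes a larger value expecting stronger parameters would then silently get the 512-bit default, which is short for a DH modulus. Until the value is honoured, the docstring should say so, e.g. `"NOTE: <bits> is currently accepted but ignored.\n"`, and once it is used a lower bound should be enforced before generation starts. The function body continues past the end of this hunk, so how `bits` is used cannot be confirmed from here.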
Index: tls.c
===================================================================
RCS file: /home/minion/cvsroot/src/minion/src/tls.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- tls.c 28 Jul 2002 22:42:33 -0000 1.6
+++ tls.c 6 Aug 2002 16:09:21 -0000 1.7
@@ -93,6 +93,7 @@
"Allocates a new TLSContext object. The files, if provided, are used\n"
"contain the PEM-encoded X509 public keys, private key, and DH\n"
"parameters for this context.\n\n"
+ "If a cert is provided, assume we're working in server mode, and allow\n"
"BUG:In the future, certs, pks, and dh parameters will be first-class.\n\n"
"LIMITATION: We don\'t expose any more features than Mixminion needs.\n";
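Review bot: The added docstring line ends mid-sentence at "and allow", so the help text runs straight into "BUG:" without saying what server mode permits. It also ties server mode to the presence of a cert, whereas the later tls.c hunks in this commit select it through the `serverMode` argument of `context.sock()`. Suggest completing the sentence to match the visible behaviour, e.g. `"Server-mode sockets (see sock()) additionally accept non-DHE cipher suites.\n\n"`. Whether a cert also implies server mode is not visible in this hunk.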
@@ -174,15 +175,17 @@
}
static char mm_TLSContext_sock__doc__[] =
- "context.sock(socket)\n\n"
+ "context.sock(socket, [serverMode])\n\n"
"Creates a new TLS socket to send and receive from a given underlying\n"
- "socket.";
+ "socket.\n\n"
+ "If serverMode is set, allow incoming non-DHE connections.\n";
static PyObject *
mm_TLSContext_sock(PyObject *self, PyObject *args, PyObject *kwargs)
{
- static char *kwlist[] = { "socket", NULL };
+ static char *kwlist[] = { "socket", "serverMode", NULL };
PyObject *sockObj;
+ int serverMode = 0;
int sock;
SSL_CTX *ctx;
@@ -190,8 +193,8 @@
SSL *ssl;
mm_TLSSock *ret;
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O:sock",
- kwlist, &sockObj))
+ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|i:sock",
+ kwlist, &sockObj, &serverMode))
return NULL;
assert(mm_TLSContext_Check(self));
@@ -204,6 +207,12 @@
if (!(ssl = SSL_new(ctx))) {
mm_SSL_ERR(0); return NULL;
+ }
+
+ if (serverMode && !SSL_set_cipher_list(ssl,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA ":"
+ SSL3_TXT_RSA_DES_192_CBC3_SHA)) {
+ mm_SSL_ERR(0); SSL_free(ssl); return NULL;
}
if (!(bio = BIO_new_socket(sock, BIO_NOCLOSE))) {
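Review bot: In server mode the cipher list admits `SSL3_TXT_RSA_DES_192_CBC3_SHA`, a plain-RSA key exchange, so any session negotiated with it has no forward secrecy, and nothing in this hunk makes the server prefer the DHE suite. The order passed to `SSL_set_cipher_list` only decides the outcome when server preference is enforced; otherwise the client's ordering picks the suite. If the context does not already set it outside this hunk, add `SSL_set_options(ssl, SSL_OP_CIPHER_SERVER_PREFERENCE);` next to the list, plus a comment such as `/* Server mode: accept RSA/3DES for interoperability; these sessions lack forward secrecy. */`. The body of mm_TLSContext_sock starts and ends outside this hunk.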