planix.org/actube
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Wtpman can now handle ssl certificates.

Browse Source 
FossilOrigin-Name: 181e84f0e22285ce71f439073077eeeb8d18306063415da8509290dd0803d747
This commit is contained in:
7u83@mail.ru 2014-08-02 12:22:37 +00:00
parent bbdce4c404
commit 6c6084eff4
1 changed files with 25 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/ac/wtpman.c
View File

@ -52,14 +52,13 @@ static void wtpman_run_discovery(void *arg)
struct cwrmsg * cwrmsg; struct cwrmsg * cwrmsg;
printf("con get message\n");
// do { // do {
cwrmsg = conn_get_message(wtpman->conn); cwrmsg = conn_get_message(wtpman->conn);
// }while (!cwrmsg); // }while (!cwrmsg);
printf("cwrmsg = %p\n",cwrmsg); // printf("cwrmsg = %p\n",cwrmsg);
printf("RID: %d, WBID %d\n",cwrmsg->rid,cwrmsg->wbid); // printf("RID: %d, WBID %d\n",cwrmsg->rid,cwrmsg->wbid);
if ( !cwrmsg) if ( !cwrmsg)
@ -69,7 +68,7 @@ static void wtpman_run_discovery(void *arg)
} }
printf("cwrmswg type = %08X\n",cwrmsg->type); // printf("cwrmswg type = %08X\n",cwrmsg->type);
if (cwrmsg->type==CWMSG_DISCOVERY_REQUEST){ if (cwrmsg->type==CWMSG_DISCOVERY_REQUEST){
process_discovery_request(&wtpman->wtpinfo,cwrmsg->msgelems,cwrmsg->msgelems_len); process_discovery_request(&wtpman->wtpinfo,cwrmsg->msgelems,cwrmsg->msgelems_len);
@ -115,7 +114,6 @@ static void wtpman_run(void *arg)
struct wtpman * wtpman = (struct wtpman *)arg; struct wtpman * wtpman = (struct wtpman *)arg;
struct cwrmsg * cwrmsg = conn_get_message(wtpman->conn); struct cwrmsg * cwrmsg = conn_get_message(wtpman->conn);
printf("Running DTLS\n");
if (socklist[wtpman->socklistindex].type != SOCKLIST_UNICAST_SOCKET){ if (socklist[wtpman->socklistindex].type != SOCKLIST_UNICAST_SOCKET){
cw_log_debug0("Dropping connection from %s to non-unicast socket", CLIENT_IP); cw_log_debug0("Dropping connection from %s to non-unicast socket", CLIENT_IP);
@ -126,16 +124,30 @@ static void wtpman_run(void *arg)
cw_log_debug0("Establishing DTLS connection from %s",CLIENT_IP); cw_log_debug0("Establishing DTLS connection from %s",CLIENT_IP);
#ifdef WITH_DTLS #ifdef WITH_DTLS
if (!conf_dtls_psk){
cw_log(LOG_ERR,"Cant' establish DTLS connection, no psk set in config file");
wtpman_remove(wtpman); int dtls_ok=0;
return; if (conf_sslkeyfilename && conf_sslcertfilename){
wtpman->conn->dtls_key_file = conf_sslkeyfilename;
wtpman->conn->dtls_cert_file = conf_sslcertfilename;
wtpman->conn->dtls_key_pass = conf_sslkeypass;
wtpman->conn->dtls_cipher=CAPWAP_CIPHER;
dtls_ok=1;
} }
if (conf_dtls_psk){
wtpman->conn->dtls_psk=conf_dtls_psk; wtpman->conn->dtls_psk=conf_dtls_psk;
wtpman->conn->dtls_psk_len=strlen(conf_dtls_psk); wtpman->conn->dtls_psk_len=strlen(conf_dtls_psk);
wtpman->conn->dtls_cipher=CAPWAP_CIPHER; wtpman->conn->dtls_cipher=CAPWAP_CIPHER;
dtls_ok=1;
}
printf ("Goin to dtls accept\n"); if (!dtls_ok){
cw_log(LOG_ERR,"Cant' establish DTLS connection, neither psk nor certs set in config file");
wtpman_remove(wtpman);
return;
}
if ( !dtls_accept(wtpman->conn) ){ if ( !dtls_accept(wtpman->conn) ){
cw_log_debug0("Error establishing DTLS connection from %s",CLIENT_IP); cw_log_debug0("Error establishing DTLS connection from %s",CLIENT_IP);
@ -143,11 +155,10 @@ static void wtpman_run(void *arg)
return; return;
} }
printf("DTLS Done\n");
#endif #endif
// const struct sockaddr *sa, char *s, size_t maxlen // const struct sockaddr *sa, char *s, size_t maxlen
cw_log_debug0("DTLS Session established with %s", CLIENT_IP); cw_log_debug0("DTLS Session established with %s, cipher=%s", CLIENT_IP,dtls_get_cipher(wtpman->conn));
cwrmsg = conn_get_message(wtpman->conn); cwrmsg = conn_get_message(wtpman->conn);