jimloco / csocket Goto Github PK

View Code? Open in Web Editor NEW

20.0 20.0 22.0 1.1 MB

Asynchronous TCP socket classes

C++ 100.00%

csocket's People

Contributors

Stargazers

Watchers

csocket's Issues

Non-SSL build is broken

../src/Csocket.cpp:1536:1: error: unknown type name 'SSL_CTX'
SSL_CTX * Csock::SetupServerCTX()
^
../src/Csocket.cpp:1538:2: error: unknown type name 'SSL_CTX'
        SSL_CTX * pCTX = NULL;
        ^
../src/Csocket.cpp:1542:23: error: use of undeclared identifier 'SSLv3_server_method'
                pCTX = SSL_CTX_new( SSLv3_server_method() );
                                    ^
../src/Csocket.cpp:1570:23: error: use of undeclared identifier 'TLSv1_server_method'
                pCTX = SSL_CTX_new( TLSv1_server_method() );
                                    ^
../src/Csocket.cpp:1579:23: error: use of undeclared identifier 'SSLv2_server_method'
                pCTX = SSL_CTX_new( SSLv2_server_method() );
                                    ^
../src/Csocket.cpp:1594:23: error: use of undeclared identifier 'SSLv23_server_method'
                pCTX = SSL_CTX_new( SSLv23_server_method() );
                                    ^
../src/Csocket.cpp:1626:3: error: use of undeclared identifier 'SSLErrors'
                SSLErrors( __FILE__, __LINE__ );
                ^
../src/Csocket.cpp:1634:3: error: use of undeclared identifier 'SSLErrors'
                SSLErrors( __FILE__, __LINE__ );
                ^
../src/Csocket.cpp:1649:2: error: unknown type name 'DH'
        DH * dhParams = PEM_read_DHparams( dhParamsFile, NULL, NULL, NULL );
        ^
../src/Csocket.cpp:1649:18: error: use of undeclared identifier 'PEM_read_DHparams'
        DH * dhParams = PEM_read_DHparams( dhParamsFile, NULL, NULL, NULL );
                        ^
../src/Csocket.cpp:1657:4: error: use of undeclared identifier 'SSLErrors'
                        SSLErrors( __FILE__, __LINE__ );
                        ^
../src/Csocket.cpp:1667:3: error: use of undeclared identifier 'ERR_clear_error'
                ERR_clear_error();
                ^
../src/Csocket.cpp:3583:4: error: cannot initialize object parameter of type 'CSockCommon' with an expression of type 'Csock'
                        pcSock->Cron(); // call the Cron handler here
                        ^~~~~~
../src/Csocket.cpp:3622:3: error: cannot initialize object parameter of type 'CSockCommon' with an expression of type 'Csock'
                pcSock->AssignFDs( miiReadyFds, &tv );
                ^~~~~~
../src/Csocket.cpp:3773:3: error: cannot initialize object parameter of type 'CSockCommon' with an expression of type 'Csock'
                pcSock->CheckFDs( miiReadyFds );
                ^~~~~~
../src/Csocket.cpp:3925:41: error: cannot initialize object parameter of type 'const CSockCommon' with an expression of type 'Csock'
                const std::vector<CCron *> & vCrons = pSock->GetCrons();
                                                      ^~~~~
In file included from ../src/Csocket.cpp:41:
../include/znc/Csocket.h:1164:35: warning: private field 'm_bNoSSLCompression' is not used [-Wunused-private-field]
        bool            m_bIsIPv6, m_bSkipConnect, m_bNoSSLCompression;
                                                   ^
1 warning and 16 errors generated.

1b96a7b is the culprit

Allow shutting down a socket (after write queue)

Instead of a pull request I am making an issue so we can discuss how this should be implemented as I can see various different routes. The easiest would be abusing the close type of a socket as follows: http://snippt.herokuapp.com/Z0yLSJ/

Why do we need this?

With HTTP, we need to shutdown the write sock for keep-alive.

LibreSSL support?

libressl works, but it needs an extra header to be included in csocket or it won't compile

via znc/znc#894 (comment)

I am still unsure if it would break anything else as can be seen from that discussion, but it probably wouldn't hurt if it was supported (and didn't break anything). At least OS X has libressl in homebrew.

Fix warnings of -Weffc++

There are lots of warnings when -Weffc++ is enabled: http://cutebin.fi/pipwgpbvw. The majority of warnings are due to members not being initialized in the initialization list.

Ref. znc/znc#270

Queue any TLS handshake after the current write queue is empty

Write("We're about to switch to TLS");
StartTLS();

With the current implementation, the TLS handshake will occur before anything in the write queue, so if you write before this might not happen until after.

Cygwin: connection is not refused

Details are at znc/znc#1061

Compilation fails on OS X (e00323f9f1)

# clang++ -c -o Csocket.o Csocket.cc
Csocket.cc:591:8: error: cannot initialize return object of type 'const char *' with an rvalue of type 'int'
        return( strerror_r( iErrno, pszBuff, uBuffLen ) );
              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.

(Also happens with GCC.)

Pretty much, OS X only provides the POSIX compliant strerror_r with an int return type.

Perhaps the feature test should simply be !defined( _GNU_SOURCE )? Not sure, though.

LibreSSL: support recent versions

since some time its not possible anymore to compile Csocket against a 'recent' LibreSSL-Version.
i encounter this while trying to compile latest znc/znc@efe6400

LibreSSL 3.0.2 (https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.0.2.tar.gz) is installed with --prefix $HOME and znc is configured with ./configure CXXFLAGS=-I$HOME/include/openssl LDFLAGS=-L$HOME/lib --prefix=$HOME

but Csocket shows a error:

Linking znc...
src/Csocket.o: In function `Csock::ConfigureCTXOptions(ssl_ctx_st*)':
Csocket.cpp:(.text+0x316d): undefined reference to `SSL_CTX_set_options'
src/Csocket.o: In function `Csock::SetupServerCTX()':
Csocket.cpp:(.text+0x6bdb): undefined reference to `SSL_CTX_set_options'
src/SSLVerifyHost.o: In function `ZNC_SSLVerifyHost(CString const&, x509_st const*, CString&)':
SSLVerifyHost.cpp:(.text+0x14fb): undefined reference to `OPENSSL_sk_num'
SSLVerifyHost.cpp:(.text+0x15b3): undefined reference to `OPENSSL_sk_value'
SSLVerifyHost.cpp:(.text+0x17de): undefined reference to `OPENSSL_sk_pop_free'
SSLVerifyHost.cpp:(.text+0x1dab): undefined reference to `OPENSSL_sk_pop_free'
SSLVerifyHost.cpp:(.text+0x218b): undefined reference to `OPENSSL_sk_pop_free'
collect2: error: ld returned 1 exit status

since i saw #47 - maybe someone could be so kind to update Csocket.

i also mentioned this error some time ago at the znc-issues:
znc/znc#1648

Support HAProxy's PROXY Protocol

The HAProxy team devised a TCP-level analogue to HTTP's X-Forwarded-For header called PROXY Protocol. It works by including a header to TCP connections with information about the true source of the connection. As the name implies, this is useful when running a TCP service behind a load balancer or reverse proxy. It would be nice if Csocket supported this, providing a method that would cause a listening socket to expect the PROXY Protocol header and use the information provided there for things like Csock::GetRemoteIP().

Support SNI (Server name indication) (OpenSSL)

This is simple to do, just use SSL_set_tlsext_host_name(context, hostname). It just needs to be added to the correct place in the TLS code.

Compilation against musl instead of glibc

Hi,

Kuja tried building ZNC against musl. This resulted in one warning (repeatedly) and one error:

Building core object Csocket...
In file included from ./include/znc/Csocket.h:48:0,
                 from src/Csocket.cpp:41:
/usr/include/sys/fcntl.h:1:2: warning: #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl.h> [-Wcpp]
src/Csocket.cpp: In function ‘const char* CS_StrError(int, char*, size_t)’:
src/Csocket.cpp:625:50: error: invalid conversion from ‘int’ to ‘const char*’ [-fpermissive]

The error is about strerror_r()'s return value. I don't have any good suggestions on what to do about this.

Cheers,
Uli

Please allow to disable SSL / TLS compression to mitigate the "CRIME" attack

References:

TCP keepalive

An option for TCP keepalive feature could be nice, when Csocket is used e.g. for connecting to IRC networks (see issue znc/znc#415).

RFC1122 suggests to put keepalive default to off. But it's also from 1989 and things have changed a bit since then :)

Maybe it can also be included in a fixed way, but this I don't know.

Question: Should Csocket (on Unix) support Unix sockets?

Hi,

there is a feature request asking that ZNC should support listening on Unix sockets. The question now is if this should be done in Csocket or only in ZNC. I guess on Windows, the API would just not be available.
What do you think about this? Should I implement the low-level bits of this in Csocket or in ZNC?

Csock::GetPeerFingerprint should support SHA256 or SHA512

currently only supports SHA1

jimloco / csocket Goto Github PK

csocket's People

Contributors

Stargazers

Watchers

Forkers

csocket's Issues

Why do we need this?

Recommend Projects

Recommend Topics

Recommend Org