TLS preliminary tests ok

2025-07-25 13:16:12 +03:00 · 2018-12-09 13:20:02 +01:00
parent 340e641456
commit 29a5e60de7
17 changed files with 81 additions and 45 deletions
--- a/build/modules/configRead.o
+++ b/build/modules/configRead.o
--- a/build/modules/connection.o
+++ b/build/modules/connection.o
--- a/build/modules/daemon.o
+++ b/build/modules/daemon.o
--- a/build/modules/dynamicVectors.o
+++ b/build/modules/dynamicVectors.o
--- a/build/modules/fileManagement.o
+++ b/build/modules/fileManagement.o
--- a/build/modules/ftpCommandElaborate.o
+++ b/build/modules/ftpCommandElaborate.o
--- a/build/modules/ftpData.o
+++ b/build/modules/ftpData.o
--- a/build/modules/ftpServer.o
+++ b/build/modules/ftpServer.o
--- a/build/modules/logFunctions.o
+++ b/build/modules/logFunctions.o
--- a/build/modules/openSsl.o
+++ b/build/modules/openSsl.o
--- a/build/modules/signals.o
+++ b/build/modules/signals.o
--- a/build/uFTP
+++ b/build/uFTP
--- a/ftpCommandElaborate.c
+++ b/ftpCommandElaborate.c
@ -572,8 +572,10 @@ int parseCommandList(ftpDataType * data, int socketId)
    theNameToList = getFtpCommandArg("LIST", data->clients[socketId].theCommandReceived, 1);
    getFtpCommandArgWithOptions("LIST", data->clients[socketId].theCommandReceived, &data->clients[socketId].workerData.ftpCommand);
-    printf("\nLIST COMMAND ARG: %s", data->clients[socketId].workerData.ftpCommand.commandArgs.text);
+    if (data->clients[socketId].workerData.ftpCommand.commandArgs.text != NULL)
-    printf("\nLIST COMMAND OPS: %s", data->clients[socketId].workerData.ftpCommand.commandOps.text);
+    	printf("\nLIST COMMAND ARG: %s", data->clients[socketId].workerData.ftpCommand.commandArgs.text);
    if (data->clients[socketId].workerData.ftpCommand.commandOps.text != NULL)
    	printf("\nLIST COMMAND OPS: %s", data->clients[socketId].workerData.ftpCommand.commandOps.text);
    printf("\ntheNameToList: %s", theNameToList);
    cleanDynamicStringDataType(&data->clients[socketId].workerData.ftpCommand.commandArgs, 0);
--- a/ftpServer.c
+++ b/ftpServer.c
@ -78,6 +78,27 @@ void workerCleanup(void *socketId)
 				}
 			}
 		}
 		if(ftpData.clients[theSocketId].workerData.activeModeOn == 1)
 		{
 			printf("\nSSL worker Shutdown 1");
 			returnCode = SSL_shutdown(ftpData.clients[theSocketId].workerData.clientSsl);
 			printf(" return code : %d", returnCode);
 			if (returnCode < 0)
 			{
 				printf("SSL_shutdown failed return code %d", returnCode);
 			}
 			else if (returnCode == 0)
 			{
 				returnCode = SSL_shutdown(ftpData.clients[theSocketId].workerData.clientSsl);
 				if (returnCode <= 0)
 				{
 					printf("SSL_shutdown (2nd time) failed");
 				}
 			}
 		}
 	}
 	#endif
@ -95,6 +116,8 @@ void *connectionWorkerHandle(void * socketId)
  ftpData.clients[theSocketId].workerData.threadIsAlive = 1;
  int returnCode;
  printf("\nWORKER CREATED!");
  //Passive data connection mode
  if (ftpData.clients[theSocketId].workerData.passiveModeOn == 1)
  {
@ -215,6 +238,9 @@ void *connectionWorkerHandle(void * socketId)
    ftpData.clients[theSocketId].workerData.socketIsConnected = 1;
  }
  printf("\nftpData.clients[theSocketId].workerData.socketIsConnected = %d", ftpData.clients[theSocketId].workerData.socketIsConnected);
 //Endless loop ftp process
  while (1)
  {
@ -222,6 +248,7 @@ void *connectionWorkerHandle(void * socketId)
    if (ftpData.clients[theSocketId].workerData.socketIsConnected > 0)
    {
    	printf("\nWorker is waiting for commands!");
        //Conditional lock on thread actions
        pthread_mutex_lock(&ftpData.clients[theSocketId].workerData.conditionMutex);
        while (ftpData.clients[theSocketId].workerData.commandReceived == 0)
@ -497,7 +524,7 @@ void runFtpServer(void)
 						if ( ((int)time(NULL) - ftpData.clients[processingSock].tlsNegotiatingTimeStart) > TLS_NEGOTIATING_TIMEOUT )
 						{
 							ftpData.clients[processingSock].closeTheClient = 1;
-							printf("\nTLS timeout closing the client time:%lld, start time: %lls..", (int)time(NULL), ftpData.clients[processingSock].tlsNegotiatingTimeStart);
+							printf("\nTLS timeout closing the client time:%lld, start time: %lld..", (int)time(NULL), ftpData.clients[processingSock].tlsNegotiatingTimeStart);
 						}
 					}
@ -625,6 +652,9 @@ static int processCommand(int processingElement)
        (compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "USER", strlen("USER")) != 1 &&
         compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "PASS", strlen("PASS")) != 1 &&
         compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "QUIT", strlen("QUIT")) != 1 &&
 		 compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "PBSZ", strlen("PBSZ")) != 1 &&
 		 compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "PROT", strlen("PROT")) != 1 &&
 		 compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "CCC", strlen("CCC")) != 1 &&
         compareStringCaseInsensitive(ftpData.clients[processingElement].theCommandReceived, "AUTH", strlen("AUTH")) != 1))
        {
            toReturn = notLoggedInMessage(&ftpData, processingElement);
--- a/library/connection.c
+++ b/library/connection.c
@ -44,20 +44,23 @@
 int socketPrintf(ftpDataType * ftpData, int clientId, const char *__restrict __fmt, ...)
 {
 	#define COMMAND_BUFFER								9600
 	#define SOCKET_PRINTF_BUFFER						2048
 	int bytesWritten = 0;
 	char theBuffer[SOCKET_PRINTF_BUFFER];
-	int theStringSize = 0;
+	char commandBuffer[COMMAND_BUFFER];
 	int theStringSize = 0, theCommandSize = 0;
 	memset(&theBuffer, 0, SOCKET_PRINTF_BUFFER);
 	memset(&commandBuffer, 0, COMMAND_BUFFER);
 	printf("\nWriting to socket id %d, TLS %d: ", clientId, ftpData->clients[clientId].tlsIsEnabled);
 	pthread_mutex_lock(&ftpData->clients[clientId].writeMutex);
 	va_list args;
 	va_start(args, __fmt);
 	pthread_mutex_lock(&ftpData->clients[clientId].writeMutex);
 	while (*__fmt != '\0')
 	{
 		int i = 0;
 		theStringSize = 0;
 		switch(*__fmt)
 		{
@ -113,47 +116,34 @@ int socketPrintf(ftpDataType * ftpData, int clientId, const char *__restrict __f
 			break;
 		}
-		if (theStringSize >= SOCKET_PRINTF_BUFFER) {
+		for (i = 0; i <theStringSize; i++)
 			printf("\n String buffer is full!");
 		}
 		else if (theStringSize < SOCKET_PRINTF_BUFFER &&
 				theStringSize > 0)
 		{
-			int theReturnCode = 0;
+			if (theCommandSize < COMMAND_BUFFER)
 			if (ftpData->clients[clientId].tlsIsEnabled != 1)
 			{
-				theReturnCode = write(ftpData->clients[clientId].socketDescriptor, theBuffer, theStringSize);
+				commandBuffer[theCommandSize++] = theBuffer[i];
 			}
 			else if (ftpData->clients[clientId].tlsIsEnabled == 1)
 			{
 				#ifdef OPENSSL_ENABLED
 				theReturnCode = SSL_write(ftpData->clients[clientId].ssl, theBuffer, theStringSize);
 				#endif
 			}
 			printf("%s", theBuffer);
 			if (theReturnCode > 0)
 			{
 				bytesWritten += theReturnCode;
 			}
 			else
 			{
 				bytesWritten = theReturnCode;
 				break;
 			}
 		}
 		else if(theStringSize == 0)
 		{
 			printf("\n Nothing to write.. ");
 		}
 		++__fmt;
 	}
 	va_end(args);
 	if (ftpData->clients[clientId].tlsIsEnabled != 1)
 	{
 		bytesWritten = write(ftpData->clients[clientId].socketDescriptor, commandBuffer, theCommandSize);
 	}
 	else if (ftpData->clients[clientId].tlsIsEnabled == 1)
 	{
 		#ifdef OPENSSL_ENABLED
 		bytesWritten = SSL_write(ftpData->clients[clientId].ssl, commandBuffer, theCommandSize);
 		#endif
 	}
 	printf("\n%s", commandBuffer);
 	pthread_mutex_unlock(&ftpData->clients[clientId].writeMutex);
-	va_end(args);
+
 	return bytesWritten;
 }
@ -241,14 +231,18 @@ int socketWorkerPrintf(ftpDataType * ftpData, int clientId, const char *__restri
 			{
 				#ifdef OPENSSL_ENABLED
-				if (ftpData->clients[clientId].workerData.passiveModeOn == 1)
+				if (ftpData->clients[clientId].workerData.passiveModeOn == 1){
 					theReturnCode = SSL_write(ftpData->clients[clientId].workerData.serverSsl, theBuffer, theStringSize);
-				else if (ftpData->clients[clientId].workerData.activeModeOn == 1)
+					printf("passive: %s", theBuffer);
 				}
 				else if (ftpData->clients[clientId].workerData.activeModeOn == 1){
 					theReturnCode = SSL_write(ftpData->clients[clientId].workerData.clientSsl, theBuffer, theStringSize);
 					printf("Active: %s", theBuffer);
 				}
 				#endif
 			}
-			printf("%s", theBuffer);
+
 			if (theReturnCode > 0)
 			{
--- a/library/openSsl.c
+++ b/library/openSsl.c
@ -87,7 +87,7 @@ SSL_CTX *createClientContext(void)
 void configureClientContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath)
-{
+{/*
 	if (FILE_IsFile(certificatePath) != 1)
 	{
 		printf("\ncertificate file: %s not found!", certificatePath);
@ -100,7 +100,7 @@ void configureClientContext(SSL_CTX *ctx, char *certificatePath, char* privateCe
 		exit(0);
 	}
-    /* Set the key and cert */
+     Set the key and cert
    if (SSL_CTX_use_certificate_file(ctx, certificatePath, SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
@ -109,7 +109,7 @@ void configureClientContext(SSL_CTX *ctx, char *certificatePath, char* privateCe
    if (SSL_CTX_use_PrivateKey_file(ctx, privateCertificatePath, SSL_FILETYPE_PEM) <= 0 ) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
-    }
+    } */
 }
 void configureContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath)
--- a/testNotes.txt
+++ b/testNotes.txt
@ -0,0 +1,10 @@
 #NOTES ONLY FOR DEVELOPERS
 #OPENSSL TEST COMMANDS
 openssl s_client -starttls ftp -connect 192.168.1.237:21
 sudo openssl s_server -key key.pem -cert cert.pem -accept 123
 USER username
 PASS password
 PROT P
 PORT 192,168,1,237,0,123
 LIST