#include "connection.h"
#include <arpa/inet.h>
+#include <assert.h>
#include <errno.h>
+#include <limits.h>
+#include <netinet/in.h>
#include <pthread.h>
#include <signal.h>
+#include <stdint.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
-#include <unistd.h>
#if GNUTLS_VERSION_NUMBER <= 0x020b00
/* Necessary for GnuTLS when used with threads. */
}
#ifdef USE_IPV4_ONLY
- server_socket = socket(PF_INET, SOCK_STREAM, 0);
+ server_socket = socket(AF_INET, SOCK_STREAM, 0);
#else
- server_socket = socket(PF_INET6, SOCK_STREAM, 0);
+ server_socket = socket(AF_INET6, SOCK_STREAM, 0);
#endif
if (server_socket < 0) {
perror("socket()");
if (global_log_level >= LOG_DEBUG1_LEVEL) {
printf("tlsproxy %s\n", VERSION);
printf("Listening for connections on port %d.\n", port);
+ printf("Priority string: %s.\n", PROXY_TLS_PRIORITIES);
if (global_proxy_host != NULL && global_proxy_port != NULL) {
printf("Using proxy: %s:%s.\n", global_proxy_host,
/* Default values. */
thread_count = 10;
#ifdef DEBUG
- global_log_level = LOG_DEBUG1_LEVEL;
+ global_log_level = LOG_DEBUG2_LEVEL;
#else
global_log_level = LOG_WARNING_LEVEL;
#endif
argv);
fprintf(stderr, "\n");
fprintf(stderr, "-a digest authentication file [default: none]\n");
- fprintf(stderr, "-d debug level: 0=errors only, 2=debug [default: 1]\n");
+ fprintf(stderr, "-d debug level: 0=errors only, 2=debug, 3=more debug [default: 1]\n");
fprintf(stderr, "-p proxy hostname and port\n");
fprintf(stderr, "-t number of threads [default: 10]\n");
fprintf(stderr, "-u passthrough connection if no certificate is stored \
#endif
/* Setup GnuTLS cipher suites. */
- result = gnutls_priority_init(&global_tls_priority_cache, "NORMAL", NULL);
+ result = gnutls_priority_init(&global_tls_priority_cache,
+ PROXY_TLS_PRIORITIES, NULL);
GNUTLS_ERROR_EXIT(result, "gnutls_priority_init()");
/* Read Diffie-Hellman parameters. */
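Review bot: The call to gnutls_priority_init() still passes NULL as its third (error-position) argument, so now that the string comes from the PROXY_TLS_PRIORITIES macro instead of the fixed "NORMAL", a mistyped priority string fails without any hint of which token was rejected. Declaring a `const char *err_pos = NULL;` and passing it would make that diagnosable: `result = gnutls_priority_init(&global_tls_priority_cache, PROXY_TLS_PRIORITIES, &err_pos);`, with err_pos printed before GNUTLS_ERROR_EXIT. The definition of PROXY_TLS_PRIORITIES is not visible in this diff. Because it now sets the proxy's TLS policy, it deserves a comment at its definition stating which protocol versions and cipher classes it is meant to allow, so a later edit does not silently weaken it. The enclosing function starts and ends outside the hunk.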
exit(EXIT_FAILURE);
}
dh_parameters_datum.data = (unsigned char *)dh_parameters;
- dh_parameters_datum.size = strlen(dh_parameters);
+ assert(strlen(dh_parameters) <= UINT_MAX);
+ dh_parameters_datum.size = (unsigned int)(strlen(dh_parameters));
result = gnutls_dh_params_init(&global_tls_dh_params);
GNUTLS_ERROR_EXIT(result, "gnutls_dh_params_init()");
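Review bot: The length guard added before the cast is an `assert()`, which is compiled out when the build defines NDEBUG, so release builds still perform the narrowing cast to `unsigned int` unchecked. dh_parameters appears to be read from a file earlier in the function (outside this hunk), so an explicit check in the surrounding error style fits better: `size_t dh_len = strlen(dh_parameters);`, then `if (dh_len > UINT_MAX) { fprintf(stderr, "DH parameters too large\n"); exit(EXIT_FAILURE); }`, then `dh_parameters_datum.size = (unsigned int)dh_len;`. This also avoids calling strlen() twice on the same buffer. The enclosing function starts and ends outside the hunk.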