root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/demos/tunala/buffer.c

206 lines
4.8 KiB
C
Raw Normal View History

This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
#include "tunala.h"
#ifndef NO_BUFFER
void buffer_init(buffer_t *buf)
{
buf->used = 0;
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_in = buf->total_out = 0;
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
void buffer_close(buffer_t *buf)
{
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
/* Our data is static - nothing needs "release", just reset it */
buf->used = 0;
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
/* Code these simple ones in compact form */
unsigned int buffer_used(buffer_t *buf) {
return buf->used; }
unsigned int buffer_unused(buffer_t *buf) {
return (MAX_DATA_SIZE - buf->used); }
int buffer_full(buffer_t *buf) {
return (buf->used == MAX_DATA_SIZE ? 1 : 0); }
int buffer_notfull(buffer_t *buf) {
return (buf->used < MAX_DATA_SIZE ? 1 : 0); }
int buffer_empty(buffer_t *buf) {
return (buf->used == 0 ? 1 : 0); }
int buffer_notempty(buffer_t *buf) {
return (buf->used > 0 ? 1 : 0); }
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
unsigned long buffer_total_in(buffer_t *buf) {
return buf->total_in; }
unsigned long buffer_total_out(buffer_t *buf) {
return buf->total_out; }
/* These 3 static (internal) functions don't adjust the "total" variables as
* it's not sure when they're called how it should be interpreted. Only the
* higher-level "buffer_[to|from]_[fd|SSL|BIO]" functions should alter these
* values. */
Re-order a couple of static functions and "#if 0" out unused ones - this gets rid of gcc warnings.
2001-02-12 10:30:19 +08:00
#if 0 /* To avoid "unused" warnings */
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
static unsigned int buffer_adddata(buffer_t *buf, const unsigned char *ptr,
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
unsigned int size)
{
unsigned int added = MAX_DATA_SIZE - buf->used;
if(added > size)
added = size;
if(added == 0)
return 0;
memcpy(buf->data + buf->used, ptr, added);
buf->used += added;
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_in += added;
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
return added;
}
Re-order a couple of static functions and "#if 0" out unused ones - this gets rid of gcc warnings.
2001-02-12 10:30:19 +08:00
static unsigned int buffer_tobuffer(buffer_t *to, buffer_t *from, int cap)
{
unsigned int moved, tomove = from->used;
if((int)tomove > cap)
tomove = cap;
if(tomove == 0)
return 0;
moved = buffer_adddata(to, from->data, tomove);
if(moved == 0)
return 0;
buffer_takedata(from, NULL, moved);
return moved;
}
#endif
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
static unsigned int buffer_takedata(buffer_t *buf, unsigned char *ptr,
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
unsigned int size)
{
unsigned int taken = buf->used;
if(taken > size)
taken = size;
if(taken == 0)
return 0;
if(ptr)
memcpy(ptr, buf->data, taken);
buf->used -= taken;
/* Do we have to scroll? */
if(buf->used > 0)
memmove(buf->data, buf->data + taken, buf->used);
return taken;
}
#ifndef NO_IP
int buffer_from_fd(buffer_t *buf, int fd)
{
- Network errors could pollute the buffers because -1 isn't noticed in an "unsigned int". - Remove redundant processing with machine->ssl is NULL. - Remove compiler warnings about uninitialised 'ctx' (it's not used uninitialised, but gcc can't see that).
2002-01-10 14:03:12 +08:00
int toread = buffer_unused(buf);
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
if(toread == 0)
/* Shouldn't be called in this case! */
abort();
toread = read(fd, buf->data + buf->used, toread);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(toread > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buf->used += toread;
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_in += toread;
}
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
return toread;
}
int buffer_to_fd(buffer_t *buf, int fd)
{
- Network errors could pollute the buffers because -1 isn't noticed in an "unsigned int". - Remove redundant processing with machine->ssl is NULL. - Remove compiler warnings about uninitialised 'ctx' (it's not used uninitialised, but gcc can't see that).
2002-01-10 14:03:12 +08:00
int towrite = buffer_used(buf);
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
if(towrite == 0)
/* Shouldn't be called in this case! */
abort();
towrite = write(fd, buf->data, towrite);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(towrite > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buffer_takedata(buf, NULL, towrite);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_out += towrite;
}
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
return towrite;
}
#endif /* !defined(NO_IP) */
#ifndef NO_OPENSSL
Minor tweaks and improvements to the tunala demo. - Add "-cipher" and "-out_state" command line arguments to control SSL cipher-suites and handshake debug output respectively. - Implemented error handling for SSL handshakes that break down. This uses a cheat - storing a non-NULL pointer as "app_data" in the SSL structure when the SSL should be killed.
2000-11-29 07:27:23 +08:00
static void int_ssl_check(SSL *s, int ret)
{
int e = SSL_get_error(s, ret);
switch(e) {
/* These seem to be harmless and already "dealt with" by our
* non-blocking environment. NB: "ZERO_RETURN" is the clean
* "error" indicating a successfully closed SSL tunnel. We let
* this happen because our IO loop should not appear to have
* broken on this condition - and outside the IO loop, the
* "shutdown" state is checked. */
case SSL_ERROR_NONE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_X509_LOOKUP:
case SSL_ERROR_ZERO_RETURN:
return;
/* These seem to be indications of a genuine error that should
* result in the SSL tunnel being regarded as "dead". */
case SSL_ERROR_SYSCALL:
case SSL_ERROR_SSL:
SSL_set_app_data(s, (char *)1);
return;
default:
break;
}
/* For any other errors that (a) exist, and (b) crop up - we need to
* interpret what to do with them - so "politely inform" the caller that
* the code needs updating here. */
abort();
}
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
void buffer_from_SSL(buffer_t *buf, SSL *ssl)
{
int ret;
if(!ssl || buffer_full(buf))
return;
ret = SSL_read(ssl, buf->data + buf->used, buffer_unused(buf));
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(ret > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buf->used += ret;
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_in += ret;
}
Minor tweaks and improvements to the tunala demo. - Add "-cipher" and "-out_state" command line arguments to control SSL cipher-suites and handshake debug output respectively. - Implemented error handling for SSL handshakes that break down. This uses a cheat - storing a non-NULL pointer as "app_data" in the SSL structure when the SSL should be killed.
2000-11-29 07:27:23 +08:00
if(ret < 0)
int_ssl_check(ssl, ret);
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
void buffer_to_SSL(buffer_t *buf, SSL *ssl)
{
int ret;
if(!ssl || buffer_empty(buf))
return;
ret = SSL_write(ssl, buf->data, buf->used);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(ret > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buffer_takedata(buf, NULL, ret);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_out += ret;
}
Minor tweaks and improvements to the tunala demo. - Add "-cipher" and "-out_state" command line arguments to control SSL cipher-suites and handshake debug output respectively. - Implemented error handling for SSL handshakes that break down. This uses a cheat - storing a non-NULL pointer as "app_data" in the SSL structure when the SSL should be killed.
2000-11-29 07:27:23 +08:00
if(ret < 0)
int_ssl_check(ssl, ret);
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
void buffer_from_BIO(buffer_t *buf, BIO *bio)
{
int ret;
if(!bio || buffer_full(buf))
return;
ret = BIO_read(bio, buf->data + buf->used, buffer_unused(buf));
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(ret > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buf->used += ret;
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_in += ret;
}
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
void buffer_to_BIO(buffer_t *buf, BIO *bio)
{
int ret;
if(!bio || buffer_empty(buf))
return;
ret = BIO_write(bio, buf->data, buf->used);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
if(ret > 0) {
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
buffer_takedata(buf, NULL, ret);
Some minor changes to the "tunala" demo. * Seal off some buffer functions so that only the higher-level IO functions are exposed. * Using the above change to buffer, add support to tunala for displaying traffic totals when a tunnel closes. Useful in debugging and analysis - you get to see the total encrypted traffic versus the total tunneled traffic. This shows not only how much expansion your data suffers from SSL (a lot if you send/receive a few bytes at a time), but also the overhead of SSL handshaking relative to the payload sent through the tunnel. This is controlled by the "-out_totals" switch to tunala. * Fix and tweak some bits in the README. Eg. sample output of "-out_totals" from a tunnel client when tunneling a brief "telnet" session. Tunnel closing, traffic stats follow SSL (network) traffic to/from server; 7305 bytes in, 3475 bytes out tunnelled data to/from server; 4295 bytes in, 186 bytes out
2000-12-21 03:30:19 +08:00
buf->total_out += ret;
}
This is a demo that performs SSL tunneling (client and/or server) and is built using an abstracted state machine with a non-blocking IP wrapper around it. README will follow in the next commit.
2000-11-02 07:11:19 +08:00
}
#endif /* !defined(NO_OPENSSL) */
#endif /* !defined(NO_BUFFER) */