Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-07 14:12:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed report of failing connexion attempts/recepts. Cleaned the code a little bit

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@5550 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2012-09-14 21:04:16 +00:00
parent c7bf36da7a
commit 8cca9608f2
5 changed files with 116 additions and 116 deletions
Download patch file Download diff file Expand all files Collapse all files

97
libretroshare/src/pqi/authssl.cc
View file

@ -978,7 +978,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
std::string sslid ; std::string sslid ;
getX509id(x509,sslid); getX509id(x509,sslid);
AuthSSL::getAuthSSL()->registerConnexionAttempt_ids(gpgid,sslid,sslcn) ; AuthSSL::getAuthSSL()->setCurrentConnectionAttemptInfo(gpgid,sslid,sslcn) ;
} }
return verify; return verify;
@ -1289,100 +1289,61 @@ bool AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen)
/********************************************************************************/ /********************************************************************************/
/********************************************************************************/ /********************************************************************************/
void AuthSSLimpl::registerConnexionAttempt_ids(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn) void AuthSSLimpl::setCurrentConnectionAttemptInfo(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn)
{ {
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL: registering connexion attempt from:" << std::endl; std::cerr << "AuthSSL: registering connexion attempt from:" << std::endl;
std::cerr << " GPG id: " << gpg_id << std::endl; std::cerr << " GPG id: " << gpg_id << std::endl;
std::cerr << " SSL id: " << ssl_id << std::endl; std::cerr << " SSL id: " << ssl_id << std::endl;
std::cerr << " SSL cn: " << ssl_cn << std::endl; std::cerr << " SSL cn: " << ssl_cn << std::endl;
#endif
_last_gpgid_to_connect = gpg_id ; _last_gpgid_to_connect = gpg_id ;
_last_sslid_to_connect = ssl_id ; _last_sslid_to_connect = ssl_id ;
_last_sslcn_to_connect = ssl_cn ; _last_sslcn_to_connect = ssl_cn ;
} }
void AuthSSLimpl::getCurrentConnectionAttemptInfo(std::string& gpg_id,std::string& ssl_id,std::string& ssl_cn)
{
gpg_id = _last_gpgid_to_connect ;
ssl_id = _last_sslid_to_connect ;
ssl_cn = _last_sslcn_to_connect ;
}
/* store for discovery */ /* store for discovery */
bool AuthSSLimpl::FailedCertificate(X509 *x509, const struct sockaddr_in& addr, bool incoming) bool AuthSSLimpl::FailedCertificate(X509 *x509, const std::string& gpgid,
const std::string& sslid,
const std::string& sslcn,
const struct sockaddr_in& addr,
bool incoming)
{ {
std::string gpgid = "Unknown GPG Id" ; std::string ip_address ;
std::string sslcn = "Unknown SSL location" ; rs_sprintf_append(ip_address, "%s:%u", rs_inet_ntoa(addr.sin_addr).c_str(), ntohs(addr.sin_port));
std::string sslid = "Unknown SSL Id" ;
if(x509 != NULL) bool authed = (x509 != NULL && AuthX509WithGPG(x509)) ;
{
if(!getX509id(x509, sslid))
{
std::cerr << "AuthSSLimpl::FailedCertificate() ERROR cannot extract X509id from certificate";
std::cerr << std::endl;
}
gpgid = getX509CNString(x509->cert_info->issuer); if(authed)
sslcn = getX509CNString(x509->cert_info->subject); LocalStoreCert(x509);
}
else if(incoming)
{
gpgid = _last_gpgid_to_connect ;
sslcn = _last_sslcn_to_connect ;
sslid = _last_sslid_to_connect ;
}
std::cerr << "AuthSSLimpl::FailedCertificate() "; std::cerr << "AuthSSLimpl::FailedCertificate() ";
if (incoming) if (incoming)
{ {
getPqiNotify()->AddPopupMessage(RS_POPUP_CONNECT_ATTEMPT, gpgid, sslcn, sslid);
getPqiNotify()->AddFeedItem(RS_FEED_ITEM_SEC_CONNECT_ATTEMPT, gpgid, sslid, sslcn, ip_address);
std::cerr << " Incoming from: "; std::cerr << " Incoming from: ";
} }
else else
{ {
if(authed)
getPqiNotify()->AddFeedItem(RS_FEED_ITEM_SEC_AUTH_DENIED, gpgid, sslid, sslcn, ip_address);
else
getPqiNotify()->AddFeedItem(RS_FEED_ITEM_SEC_UNKNOWN_OUT, gpgid, sslid, sslcn, ip_address);
std::cerr << " Outgoing to: "; std::cerr << " Outgoing to: ";
} }
// Hacky - adding IpAddress to SSLId.
std::string ip_address ;
rs_sprintf_append(ip_address, "%s:%u", rs_inet_ntoa(addr.sin_addr).c_str(), ntohs(addr.sin_port));
std::cerr << "GpgId: " << gpgid << " SSLcn: " << sslcn << " peerId: " << sslid << ", ip address: " << ip_address; std::cerr << "GpgId: " << gpgid << " SSLcn: " << sslcn << " peerId: " << sslid << ", ip address: " << ip_address;
std::cerr << std::endl; std::cerr << std::endl;
uint32_t notifyType = 0;
/* if auths -> store */
if(x509 != NULL && AuthX509WithGPG(x509))
{
std::cerr << "AuthSSLimpl::FailedCertificate() Cert Checked Out, so passing to Notify";
std::cerr << std::endl;
if (incoming)
{
notifyType = RS_FEED_ITEM_SEC_CONNECT_ATTEMPT;
getPqiNotify()->AddPopupMessage(RS_POPUP_CONNECT_ATTEMPT, gpgid, sslcn, sslid);
}
else
{
notifyType = RS_FEED_ITEM_SEC_AUTH_DENIED;
}
getPqiNotify()->AddFeedItem(notifyType, gpgid, sslid, sslcn, ip_address);
LocalStoreCert(x509);
return true;
}
else
{
/* unknown peer! */
if (incoming)
{
notifyType = RS_FEED_ITEM_SEC_CONNECT_ATTEMPT;
getPqiNotify()->AddPopupMessage(RS_POPUP_CONNECT_ATTEMPT, gpgid, sslcn, sslid);
}
else
{
notifyType = RS_FEED_ITEM_SEC_UNKNOWN_OUT;
}
getPqiNotify()->AddFeedItem(notifyType, gpgid, sslid, sslcn, ip_address);
}
return false; return false;
} }

11
libretroshare/src/pqi/authssl.h
View file

@ -152,8 +152,10 @@ virtual bool ValidateCertificate(X509 *x509, std::string &peerId) = 0; /* valid
virtual SSL_CTX *getCTX() = 0; virtual SSL_CTX *getCTX() = 0;
/* Restored these functions: */ /* Restored these functions: */
virtual void registerConnexionAttempt_ids(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn) = 0 ; virtual void setCurrentConnectionAttemptInfo(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn) = 0 ;
virtual bool FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming) = 0; /* store for discovery */ virtual void getCurrentConnectionAttemptInfo( std::string& gpg_id, std::string& ssl_id, std::string& ssl_cn) = 0 ;
virtual bool FailedCertificate(X509 *x509, const std::string& gpgid,const std::string& sslid,const std::string& sslcn,const struct sockaddr_in &addr, bool incoming) = 0; /* store for discovery */
virtual bool CheckCertificate(std::string peerId, X509 *x509) = 0; /* check that they are exact match */ virtual bool CheckCertificate(std::string peerId, X509 *x509) = 0; /* check that they are exact match */
}; };
@ -227,8 +229,9 @@ virtual bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate
virtual SSL_CTX *getCTX(); virtual SSL_CTX *getCTX();
/* Restored these functions: */ /* Restored these functions: */
virtual void registerConnexionAttempt_ids(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn) ; virtual void setCurrentConnectionAttemptInfo(const std::string& gpg_id,const std::string& ssl_id,const std::string& ssl_cn) ;
virtual bool FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming); /* store for discovery */ virtual void getCurrentConnectionAttemptInfo( std::string& gpg_id, std::string& ssl_id, std::string& ssl_cn) ;
virtual bool FailedCertificate(X509 *x509, const std::string& gpgid,const std::string& sslid,const std::string& sslcn,const struct sockaddr_in &addr, bool incoming); /* store for discovery */
virtual bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */ virtual bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */

9
libretroshare/src/pqi/pqissl.cc
View file

@ -1143,7 +1143,14 @@ int pqissl::Extract_Failed_SSL_Certificate()
// we actually connected to remote_addr, // we actually connected to remote_addr,
// which could be // which could be
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr. // (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
AuthSSL::getAuthSSL()->FailedCertificate(peercert, remote_addr, false);
std::string sslid ;
getX509id(peercert, sslid) ;
std::string gpgid = getX509CNString(peercert->cert_info->issuer);
std::string sslcn = getX509CNString(peercert->cert_info->subject);
AuthSSL::getAuthSSL()->FailedCertificate(peercert, gpgid,sslid,sslcn,remote_addr, false);
return 1; return 1;
} }

94
libretroshare/src/pqi/pqissllistener.cc
View file

@ -363,26 +363,43 @@ int pqissllistenbase::acceptconnection()
// Negotiate certificates. SSL stylee. // Negotiate certificates. SSL stylee.
// Allow negotiations for secure transaction. // Allow negotiations for secure transaction.
SSL *ssl = SSL_new(AuthSSL::getAuthSSL() -> getCTX()); IncomingSSLInfo incoming_connexion_info ;
SSL_set_fd(ssl, fd);
return continueSSL(ssl, remote_addr, true); // continue and save if incomplete. incoming_connexion_info.ssl = SSL_new(AuthSSL::getAuthSSL() -> getCTX());
incoming_connexion_info.addr = remote_addr ;
incoming_connexion_info.gpgid = "" ;
incoming_connexion_info.sslid = "" ;
incoming_connexion_info.sslcn = "" ;
SSL_set_fd(incoming_connexion_info.ssl, fd);
return continueSSL(incoming_connexion_info, true); // continue and save if incomplete.
} }
int pqissllistenbase::continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool addin) int pqissllistenbase::continueSSL(IncomingSSLInfo& incoming_connexion_info, bool addin)
{ {
// attempt the accept again. // attempt the accept again.
int fd = SSL_get_fd(ssl); int fd = SSL_get_fd(incoming_connexion_info.ssl);
int err = SSL_accept(ssl);
// clear the connexion info that will be filled in by the callback.
//
AuthSSL::getAuthSSL()->setCurrentConnectionAttemptInfo(std::string(),std::string(),std::string()) ;
int err = SSL_accept(incoming_connexion_info.ssl);
// No grab the connexion info that was filled in by the callback.
//
AuthSSL::getAuthSSL()->getCurrentConnectionAttemptInfo(incoming_connexion_info.gpgid,incoming_connexion_info.sslid,incoming_connexion_info.sslcn) ;
if (err <= 0) if (err <= 0)
{ {
int ssl_err = SSL_get_error(ssl, err); int ssl_err = SSL_get_error(incoming_connexion_info.ssl, err);
int err_err = ERR_get_error(); int err_err = ERR_get_error();
{ {
std::string out; std::string out;
rs_sprintf(out, "pqissllistenbase::continueSSL() Issues with SSL Accept(%d)!\n", err); rs_sprintf(out, "pqissllistenbase::continueSSL() Issues with SSL Accept(%d)!\n", err);
printSSLError(ssl, err, ssl_err, err_err, out); printSSLError(incoming_connexion_info.ssl, err, ssl_err, err_err, out);
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out); pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out);
} }
@ -396,7 +413,7 @@ int pqissllistenbase::continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool
out += "pqissllistenbase::continueSSL() Adding SSL to incoming!"; out += "pqissllistenbase::continueSSL() Adding SSL to incoming!";
// add to incomingqueue. // add to incomingqueue.
incoming_ssl[ssl] = remote_addr; incoming_ssl.push_back(incoming_connexion_info) ;
} }
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out); pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out);
@ -406,9 +423,9 @@ int pqissllistenbase::continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool
} }
/* we have failed -> get certificate if possible */ /* we have failed -> get certificate if possible */
Extract_Failed_SSL_Certificate(ssl, &remote_addr); Extract_Failed_SSL_Certificate(incoming_connexion_info);
closeConnection(fd, ssl); closeConnection(fd, incoming_connexion_info.ssl) ;
pqioutput(PQL_WARNING, pqissllistenzone, "Read Error on the SSL Socket\nShutting it down!"); pqioutput(PQL_WARNING, pqissllistenzone, "Read Error on the SSL Socket\nShutting it down!");
@ -417,7 +434,7 @@ int pqissllistenbase::continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool
} }
// if it succeeds // if it succeeds
if (0 < completeConnection(fd, ssl, remote_addr)) if (0 < completeConnection(fd, incoming_connexion_info))
{ {
return 1; return 1;
} }
@ -426,7 +443,7 @@ int pqissllistenbase::continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool
pqioutput(PQL_WARNING, pqissllistenzone, pqioutput(PQL_WARNING, pqissllistenzone,
"pqissllistenbase::completeConnection() Failed!"); "pqissllistenbase::completeConnection() Failed!");
closeConnection(fd, ssl); closeConnection(fd, incoming_connexion_info.ssl) ;
pqioutput(PQL_WARNING, pqissllistenzone, "Shutting it down!"); pqioutput(PQL_WARNING, pqissllistenzone, "Shutting it down!");
@ -461,23 +478,29 @@ int pqissllistenbase::closeConnection(int fd, SSL *ssl)
int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *addr) int pqissllistenbase::Extract_Failed_SSL_Certificate(const IncomingSSLInfo& info)
{ {
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, "pqissllistenbase::Extract_Failed_SSL_Certificate()");
"pqissllistenbase::Extract_Failed_SSL_Certificate()");
std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() FAILED CONNECTION due to security!"; std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() FAILED CONNECTION due to security!";
std::cerr << std::endl; std::cerr << std::endl;
// Get the Peer Certificate.... // Get the Peer Certificate....
X509 *peercert = SSL_get_peer_certificate(ssl); X509 *peercert = SSL_get_peer_certificate(info.ssl);
std::cerr << "Extract_Failed_SSL_Certificate: " << std::endl;
std::cerr << " SSL = " << (void*)info.ssl << std::endl;
std::cerr << " GPG id = " << info.gpgid << std::endl;
std::cerr << " SSL id = " << info.sslid << std::endl;
std::cerr << " SSL cn = " << info.sslcn << std::endl;
std::cerr << " addr+p = " << rs_inet_ntoa(info.addr.sin_addr) << ":" << ntohs(info.addr.sin_port) << std::endl;
if (peercert == NULL) if (peercert == NULL)
{ {
std::string out; std::string out;
rs_sprintf(out, "pqissllistenbase::Extract_Failed_SSL_Certificate() from: %s:%u ERROR Peer didn't give Cert!", rs_inet_ntoa(addr->sin_addr).c_str(), ntohs(addr->sin_port)); rs_sprintf(out, "pqissllistenbase::Extract_Failed_SSL_Certificate() from: %s:%u ERROR Peer didn't give Cert!", rs_inet_ntoa(info.addr.sin_addr).c_str(), ntohs(info.addr.sin_port));
std::cerr << out << std::endl; std::cerr << out << std::endl;
AuthSSL::getAuthSSL()->FailedCertificate(peercert, *addr, true); AuthSSL::getAuthSSL()->FailedCertificate(peercert, info.gpgid,info.sslid,info.sslcn,info.addr, true);
pqioutput(PQL_WARNING, pqissllistenzone, out); pqioutput(PQL_WARNING, pqissllistenzone, out);
return -1; return -1;
@ -488,7 +511,7 @@ int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
{ {
std::string out; std::string out;
rs_sprintf(out, "pqissllistenbase::Extract_Failed_SSL_Certificate() from: %s:%u Passing Cert to AuthSSL() for analysis", rs_inet_ntoa(addr->sin_addr).c_str(), ntohs(addr->sin_port)); rs_sprintf(out, "pqissllistenbase::Extract_Failed_SSL_Certificate() from: %s:%u Passing Cert to AuthSSL() for analysis", rs_inet_ntoa(info.addr.sin_addr).c_str(), ntohs(info.addr.sin_port));
std::cerr << out << std::endl; std::cerr << out << std::endl;
pqioutput(PQL_WARNING, pqissllistenzone, out); pqioutput(PQL_WARNING, pqissllistenzone, out);
@ -497,7 +520,7 @@ int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
// save certificate... (and ip locations) // save certificate... (and ip locations)
// false for outgoing.... // false for outgoing....
AuthSSL::getAuthSSL()->FailedCertificate(peercert, *addr, true); AuthSSL::getAuthSSL()->FailedCertificate(peercert, info.gpgid,info.sslid,info.sslcn,info.addr, true);
return 1; return 1;
} }
@ -507,25 +530,22 @@ int pqissllistenbase::continueaccepts()
{ {
// for each of the incoming sockets.... call continue. // for each of the incoming sockets.... call continue.
std::map<SSL *, struct sockaddr_in>::iterator it, itd;
for(it = incoming_ssl.begin(); it != incoming_ssl.end();) for(std::list<IncomingSSLInfo>::iterator it = incoming_ssl.begin(); it != incoming_ssl.end();)
{ {
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, "pqissllistenbase::continueaccepts() Continuing SSL");
"pqissllistenbase::continueaccepts() Continuing SSL");
if (0 != continueSSL(it->first, it->second, false)) if (0 != continueSSL( *it, false))
{ {
pqioutput(PQL_DEBUG_ALERT, pqissllistenzone, pqioutput(PQL_DEBUG_ALERT, pqissllistenzone,
"pqissllistenbase::continueaccepts() SSL Complete/Dead!"); "pqissllistenbase::continueaccepts() SSL Complete/Dead!");
/* save and increment -> so we can delete */ /* save and increment -> so we can delete */
itd = it++; std::list<IncomingSSLInfo>::iterator itd = it++;
incoming_ssl.erase(itd); incoming_ssl.erase(itd);
} }
else else
{
it++; it++;
}
} }
return 1; return 1;
} }
@ -720,11 +740,11 @@ int pqissllistener::status()
return 1; return 1;
} }
int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &remote_addr) int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info)
{ {
// Get the Peer Certificate.... // Get the Peer Certificate....
X509 *peercert = SSL_get_peer_certificate(ssl); X509 *peercert = SSL_get_peer_certificate(info.ssl);
if (peercert == NULL) if (peercert == NULL)
{ {
@ -786,7 +806,7 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
if (found == false) if (found == false)
{ {
std::string out = "No Matching Certificate for Connection:" + rs_inet_ntoa(remote_addr.sin_addr) +"\npqissllistenbase: Will shut it down!"; std::string out = "No Matching Certificate for Connection:" + rs_inet_ntoa(info.addr.sin_addr) +"\npqissllistenbase: Will shut it down!";
pqioutput(PQL_WARNING, pqissllistenzone, out); pqioutput(PQL_WARNING, pqissllistenzone, out);
// but as it passed the authentication step, // but as it passed the authentication step,
@ -808,15 +828,15 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
// Pushback into Accepted List. // Pushback into Accepted List.
AcceptedSSL as; AcceptedSSL as;
as.mFd = fd; as.mFd = fd;
as.mSSL = ssl; as.mSSL = info.ssl;
as.mPeerId = newPeerId; as.mPeerId = newPeerId;
as.mAddr = remote_addr; as.mAddr = info.addr;
as.mAcceptTS = time(NULL); as.mAcceptTS = time(NULL);
accepted_ssl.push_back(as); accepted_ssl.push_back(as);
std::string out = "pqissllistener::completeConnection() Successful Connection with: " + newPeerId; std::string out = "pqissllistener::completeConnection() Successful Connection with: " + newPeerId;
out += " for Connection:" + rs_inet_ntoa(remote_addr.sin_addr) + " Adding to WAIT-ACCEPT Queue"; out += " for Connection:" + rs_inet_ntoa(info.addr.sin_addr) + " Adding to WAIT-ACCEPT Queue";
pqioutput(PQL_WARNING, pqissllistenzone, out); pqioutput(PQL_WARNING, pqissllistenzone, out);
return 1; return 1;

21
libretroshare/src/pqi/pqissllistener.h
View file

@ -85,11 +85,21 @@ int acceptconnection();
int continueaccepts(); int continueaccepts();
int finaliseAccepts(); int finaliseAccepts();
int continueSSL(SSL *ssl, struct sockaddr_in remote_addr, bool); struct IncomingSSLInfo
{
SSL *ssl ;
sockaddr_in addr ;
std::string gpgid ;
std::string sslid ;
std::string sslcn ;
};
// fn to get cert, anyway
int continueSSL(IncomingSSLInfo&, bool);
int closeConnection(int fd, SSL *ssl); int closeConnection(int fd, SSL *ssl);
int isSSLActive(int fd, SSL *ssl); int isSSLActive(int fd, SSL *ssl);
virtual int completeConnection(int sockfd, SSL *in_connection, struct sockaddr_in &raddr) = 0; virtual int completeConnection(int sockfd, IncomingSSLInfo&) = 0;
virtual int finaliseConnection(int fd, SSL *ssl, std::string peerId, struct sockaddr_in &raddr) = 0; virtual int finaliseConnection(int fd, SSL *ssl, std::string peerId, struct sockaddr_in &raddr) = 0;
protected: protected:
@ -98,13 +108,12 @@ virtual int finaliseConnection(int fd, SSL *ssl, std::string peerId, struct sock
private: private:
// fn to get cert, anyway int Extract_Failed_SSL_Certificate(const IncomingSSLInfo&);
int Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *inaddr);
bool active; bool active;
int lsock; int lsock;
std::map<SSL *, struct sockaddr_in> incoming_ssl; std::list<IncomingSSLInfo> incoming_ssl ;
protected: protected:
@ -126,7 +135,7 @@ int removeListenPort(std::string id);
//virtual int tick(); //virtual int tick();
virtual int status(); virtual int status();
virtual int completeConnection(int sockfd, SSL *in_connection, struct sockaddr_in &raddr); virtual int completeConnection(int sockfd, IncomingSSLInfo&);
virtual int finaliseConnection(int fd, SSL *ssl, std::string peerId, struct sockaddr_in &raddr); virtual int finaliseConnection(int fd, SSL *ssl, std::string peerId, struct sockaddr_in &raddr);
private: private: