diff --git a/contrib/epee/include/net/net_helper.h b/contrib/epee/include/net/net_helper.h index f59f94a1..bb6bbcc2 100644 --- a/contrib/epee/include/net/net_helper.h +++ b/contrib/epee/include/net/net_helper.h @@ -48,6 +48,7 @@ #include "misc_helpers.h" //#include "profile_tools.h" #include "../string_tools.h" + #ifndef MAKE_IP #define MAKE_IP( a1, a2, a3, a4 ) (a1|(a2<<8)|(a3<<16)|(a4<<24)) #endif @@ -57,37 +58,6 @@ namespace epee { namespace net_utils { - -#ifdef _WIN32 - // https://stackoverflow.com/questions/40307541 - #include - static void add_windows_root_certs(boost::asio::ssl::context& ctx) noexcept - { - HCERTSTORE hStore = CertOpenSystemStore(0, "ROOT"); - if (hStore == NULL) { - return; - } - - X509_STORE *store = X509_STORE_new(); - PCCERT_CONTEXT pContext = NULL; - while ((pContext = CertEnumCertificatesInStore(hStore, pContext)) != NULL) { - // convert from DER to internal format - X509 *x509 = d2i_X509(NULL, - (const unsigned char **)&pContext->pbCertEncoded, - pContext->cbCertEncoded); - if(x509 != NULL) { - X509_STORE_add_cert(store, x509); - X509_free(x509); - } - } - - CertFreeCertificateContext(pContext); - CertCloseStore(hStore, 0); - - // attach X509_STORE to boost ssl context - SSL_CTX_set_cert_store(ctx.native_handle(), store); - } -#endif template struct socket_backend; @@ -100,12 +70,11 @@ namespace epee { // Create a context that uses the default paths for // finding CA certificates. -#ifdef _WIN32 - add_windows_root_certs(m_ssl_context); -#else m_ssl_context.set_default_verify_paths(); -#endif - m_ssl_context.set_verify_mode(boost::asio::ssl::verify_peer); + /*m_socket.set_verify_mode(boost::asio::ssl::verify_peer); + m_socket.set_verify_callback( + boost::bind(&socket_backend::verify_certificate, this, _1, _2));*/ + } /* 
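Review bot: After this change nothing visible in the constructor hunk or in `set_domain` makes the client authenticate the server. The context only calls `set_default_verify_paths()`, the verify-mode lines are left inside a comment, and `set_domain` (next hunk) keeps only the SNI call, which does not check the certificate name. Unless a verify mode is set outside these hunks, OpenSSL's default is no peer verification, so the handshake will complete against any certificate and the RPC traffic can be intercepted on-path. I would keep `m_ssl_context.set_verify_mode(boost::asio::ssl::verify_peer);` here and `m_socket.set_verify_callback(boost::asio::ssl::rfc2818_verification(domain_name));` (or `host_name_verification` on Boost >= 1.73) in `set_domain`. The Windows root-store loader dropped in the previous hunk would also need a replacement, since the default verify paths usually do not cover the system store there; the constructor body starts outside the hunk.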
@@ -132,21 +101,7 @@ namespace epee void set_domain(const std::string& domain_name) { - SSL* ssl = m_socket.native_handle(); - - SSL_set_tlsext_host_name(ssl, domain_name.c_str()); -#if BOOST_VERSION >= 107300 - m_socket.set_verify_callback(boost::asio::ssl::host_name_verification(domain_name)); -#else - m_socket.set_verify_callback(boost::asio::ssl::rfc2818_verification(domain_name)); -#endif - - X509_VERIFY_PARAM* param = SSL_get0_param(ssl); - X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); - if (X509_VERIFY_PARAM_set1_host(param, domain_name.c_str(), 0) != 1) - { - LOG_PRINT_L0("Failed to set expected hostname: " << domain_name); - } + SSL_set_tlsext_host_name(m_socket.native_handle(), domain_name.c_str()); } boost::asio::ip::tcp::socket& get_socket() @@ -159,27 +114,11 @@ namespace epee return m_socket; } - bool on_after_connect() + void on_after_connect() { LOG_PRINT_L2("SSL Handshake...."); - m_socket.set_verify_mode(boost::asio::ssl::verify_peer); - - boost::system::error_code ec; - m_socket.handshake(boost::asio::ssl::stream_base::client, ec); - - if (ec) - { - long vr = SSL_get_verify_result(m_socket.native_handle()); - LOG_PRINT_L0("TLS Handshake failed: " << ec.message() << " (verify: " << X509_verify_cert_error_string(vr) << ")"); - ERR_clear_error(); - boost::system::error_code ignored; - m_socket.lowest_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both, ignored); - m_socket.lowest_layer().close(ignored); - return false; - } - + m_socket.handshake(boost::asio::ssl::stream_base::client); LOG_PRINT_L2("SSL Handshake OK"); - return true; } private: @@ -208,9 +147,9 @@ namespace epee return m_socket; } - bool on_after_connect() + void on_after_connect() { - return true; + } void reset() @@ -243,7 +182,7 @@ namespace epee return m_pbackend->get_stream(); } - bool on_after_connect() + void on_after_connect() { return m_pbackend->on_after_connect(); } 
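Review bot: In the TLS backend's `on_after_connect`, the handshake now uses the throwing overload, so a failed handshake surfaces as an exception instead of a `false` return and the socket is left open. The `connect` hunk further down calls `m_sct_back.on_after_connect();` and sets `m_connected = true` with no guard visible in the hunk, so whether the exception is caught depends on code outside it. I would keep the `error_code` overload, log the failure, close the lowest layer and report the result to the caller, as sketched below; the plain backend, the forwarding wrapper and `connect` would then keep their `bool` handling. Note also that with verification switched off, "SSL Handshake OK" only means the handshake completed, not that the peer was authenticated.
```cpp
bool on_after_connect()
{
  LOG_PRINT_L2("SSL Handshake....");
  boost::system::error_code ec;
  m_socket.handshake(boost::asio::ssl::stream_base::client, ec);
  if (ec)
  {
    // Fail closed: do not leave a half-negotiated stream usable by the caller.
    LOG_PRINT_L0("TLS Handshake failed: " << ec.message());
    boost::system::error_code ignored;
    m_socket.lowest_layer().close(ignored);
    return false;
  }
  LOG_PRINT_L2("SSL Handshake OK");
  return true;
}
```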
@@ -382,16 +321,13 @@ namespace epee { m_io_service.run_one(); } + if (!ec && m_sct_back.get_socket().is_open()) { - if (!m_sct_back.on_after_connect()) - { - return false; - } - - m_connected = true; + m_sct_back.on_after_connect(); + m_connected = true; m_deadline.expires_at(boost::posix_time::pos_infin); - LOG_PRINT_L1("TLS connected OK: " << addr << ":" << port); + LOG_PRINT_L1("Connected OK: " << addr << ":" << port); return true; } else diff --git a/tests/performance_tests/main.cpp b/tests/performance_tests/main.cpp index 023c6025..521ec083 100644 --- a/tests/performance_tests/main.cpp +++ b/tests/performance_tests/main.cpp @@ -74,8 +74,7 @@ void test_plain_wallet() { //std::string res = plain_wallet::init("195.201.107.230", "33340", "C:\\Users\\roky\\home\\", 0); //std::string res = plain_wallet::init("", "", "C:\\Users\\roky\\home\\", 0); - // std::string res = plain_wallet::init("https://195.201.107.230", "443", "C:\\git_repos\\zano\\build_msvc2022_64\\src\\Debug\\", LOG_LEVEL_2); - std::string res = plain_wallet::init("https://node.zano.org", "443", "C:\\git_repos\\zano\\build_msvc2022_64\\src\\Debug\\", LOG_LEVEL_2); + std::string res = plain_wallet::init("https://node.zano.org", "443", "C:\\Users\\roky\\home\\", LOG_LEVEL_2); //std::string res = plain_wallet::init("127.0.0.1", "12111", "C:\\Users\\roky\\home22\\", 0); plain_wallet::configure_object conf = AUTO_VAL_INIT(conf); 
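Review bot: In `test_plain_wallet` the data directory passed to `plain_wallet::init` is the per-developer absolute path `C:\\Users\\roky\\home\\`, so the test only runs on one machine and records a local user name in the repository. I would take the directory from a command-line argument or a named constant at the top of the file, and add a comment such as `// working folder for wallet files; must exist and be writable`. The same call contacts `https://node.zano.org` on port 443, so the test also depends on network access to a live node, which deserves a comment as well. The function body continues outside the hunk.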
@@ -229,16 +228,16 @@ void multithread_test_of_get_coinbase_hash_cached() int main(int argc, char** argv) { epee::string_tools::set_module_name_and_folder(argv[0]); - epee::log_space::get_set_log_detalisation_level(true, LOG_LEVEL_3); - epee::log_space::log_singletone::add_logger(LOGGER_CONSOLE, NULL, NULL, LOG_LEVEL_3); + epee::log_space::get_set_log_detalisation_level(true, LOG_LEVEL_2); + epee::log_space::log_singletone::add_logger(LOGGER_CONSOLE, NULL, NULL, LOG_LEVEL_2); //epee::log_space::log_singletone::add_logger(LOGGER_FILE, // epee::log_space::log_singletone::get_default_log_file().c_str(), // epee::log_space::log_singletone::get_default_log_folder().c_str()); - //multithread_test_of_get_coinbase_hash_cached(); + multithread_test_of_get_coinbase_hash_cached(); //test_tx_json_serialization(); //test_base64_serialization(); - test_plain_wallet(); + //test_plain_wallet(); //parse_weird_tx(); //thread_pool_tests();