Remove duplicates

config/60-kromek-radangel.rules

@@ -1 +0,0 @@
-SUBSYSTEM=="usb", ATTR{idVendor}=="04d8", ATTR{idProduct}=="0100", MODE="0666"

config/nginx-default-datasrc-location.conf

@@ -1,123 +0,0 @@
-##
-# You should look at the following URL's in order to grasp a solid understanding
-# of Nginx configuration files in order to fully unleash the power of Nginx.
-# https://www.nginx.com/resources/wiki/start/
-# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
-# https://wiki.debian.org/Nginx/DirectoryStructure
-#
-# In most cases, administrators will remove this file from sites-enabled/ and
-# leave it as reference inside of sites-available where it will continue to be
-# updated by the nginx packaging team.
-#
-# This file will automatically load configuration files provided by other
-# applications, such as Drupal or Wordpress. These applications will be made
-# available underneath a path with that package name, such as /drupal8.
-#
-# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
-##
-
-# Default server configuration
-#
-server {
-	listen 80 default_server;
-	listen [::]:80 default_server;
-
-	# SSL configuration
-	#
-	# listen 443 ssl default_server;
-	# listen [::]:443 ssl default_server;
-	#
-	# Note: You should disable gzip for SSL traffic.
-	# See: https://bugs.debian.org/773332
-	#
-	# Read up on ssl_ciphers to ensure a secure configuration.
-	# See: https://bugs.debian.org/765782
-	#
-	# Self signed certs generated by the ssl-cert package
-	# Don't use them in a production server!
-	#
-	# include snippets/snakeoil.conf;
-
-	root /var/www/html;
-
-	# Add index.php to the list if you are using PHP
-	index index.html index.htm index.nginx-debian.html;
-
-	server_name _;
-
-	location / {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
-	# pass PHP scripts to FastCGI server
-	#
-	#location ~ \.php$ {
-	#	include snippets/fastcgi-php.conf;
-	#
-	#	# With php-fpm (or other unix sockets):
-	#	fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
-	#	# With php-cgi (or other tcp sockets):
-	#	fastcgi_pass 127.0.0.1:9000;
-	#}
-
-	# deny access to .htaccess files, if Apache's document root
-	# concurs with nginx's one
-	#
-	#location ~ /\.ht {
-	#	deny all;
-	#}
-
-    ## <DATASRC> ##
-
-    location /data/hist.tsv {
-        alias /tmp/stats.tsv;
-    }
-
-    location /data/stream.tsv { 
-        alias /tmp/event.tsv;
-    }
-
-    location /data/stream.ws {
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade         $http_upgrade;
-        proxy_set_header Connection      "upgrade";
-
-        proxy_set_header Host            $host; # $http_host;
-        proxy_set_header X-Real-IP       $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-NginX-Proxy   true;
-
-        proxy_read_timeout 3600;
-        proxy_buffering off;
-        tcp_nodelay on;
-
-        error_page 502 = /data/stream.tsv; # serve http for non-ws clients
-
-        proxy_pass http://127.0.0.1:5800/websockify;
-    }
-
-    ## </DATASRC> ##
-
-}
-
-
-# Virtual Host configuration for example.com
-#
-# You can move that to a different file under sites-available/ and symlink that
-# to sites-enabled/ to enable it.
-#
-#server {
-#	listen 80;
-#	listen [::]:80;
-#
-#	server_name example.com;
-#
-#	root /var/www/example.com;
-#	index index.html;
-#
-#	location / {
-#		try_files $uri $uri/ =404;
-#	}
-#}

src/contrib/Makefile

@@ -1,14 +0,0 @@
-TARGETS=websockify
-CFLAGS += -fPIC
-
-all: $(TARGETS)
-
-websockify: websockify.o websocket.o
-	$(CC) $(LDFLAGS) $^ -lssl -lcrypto -o $@
-
-websocket.o: websocket.c websocket.h
-websockify.o: websockify.c websocket.h
-
-clean:
-	rm -f websockify *.o
-

src/contrib/websocket.c

@@ -1,914 +0,0 @@
-/*
- * WebSocket lib with support for "wss://" encryption.
- * Copyright 2010 Joel Martin
- * Licensed under LGPL version 3 (see docs/LICENSE.LGPL-3)
- *
- * You can make a cert/key with openssl using:
- * openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
- * as taken from http://docs.python.org/dev/library/ssl.html#certificates
- */
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <string.h>
-#include <sys/types.h> 
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-#include <signal.h> // daemonizing
-#include <fcntl.h>  // daemonizing
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-#include <openssl/bio.h> /* base64 encode/decode */
-#include <openssl/md5.h> /* md5 hash */
-#include <openssl/sha.h> /* sha1 hash */
-#include "websocket.h"
-
-/*
- * Global state
- *
- *   Warning: not thread safe
- */
-int ssl_initialized = 0;
-int pipe_error = 0;
-settings_t settings;
-
-
-void traffic(const char * token) {
-    if ((settings.verbose) && (! settings.daemon)) {
-        fprintf(stdout, "%s", token);
-        fflush(stdout);
-    }
-}
-
-void error(char *msg)
-{
-    perror(msg);
-}
-
-void fatal(char *msg)
-{
-    perror(msg);
-    exit(1);
-}
-
-/* resolve host with also IP address parsing */ 
-int resolve_host(struct in_addr *sin_addr, const char *hostname) 
-{ 
-    if (!inet_aton(hostname, sin_addr)) { 
-        struct addrinfo *ai, *cur; 
-        struct addrinfo hints; 
-        memset(&hints, 0, sizeof(hints)); 
-        hints.ai_family = AF_INET; 
-        if (getaddrinfo(hostname, NULL, &hints, &ai)) 
-            return -1; 
-        for (cur = ai; cur; cur = cur->ai_next) { 
-            if (cur->ai_family == AF_INET) { 
-                *sin_addr = ((struct sockaddr_in *)cur->ai_addr)->sin_addr; 
-                freeaddrinfo(ai); 
-                return 0; 
-            } 
-        } 
-        freeaddrinfo(ai); 
-        return -1; 
-    } 
-    return 0; 
-} 
-
-
-/*
- * SSL Wrapper Code
- */
-
-ssize_t ws_recv(ws_ctx_t *ctx, void *buf, size_t len) {
-    if (ctx->ssl) {
-        //handler_msg("SSL recv\n");
-        return SSL_read(ctx->ssl, buf, len);
-    } else {
-        return recv(ctx->sockfd, buf, len, 0);
-    }
-}
-
-ssize_t ws_send(ws_ctx_t *ctx, const void *buf, size_t len) {
-    if (ctx->ssl) {
-        //handler_msg("SSL send\n");
-        return SSL_write(ctx->ssl, buf, len);
-    } else {
-        return send(ctx->sockfd, buf, len, 0);
-    }
-}
-
-ws_ctx_t *alloc_ws_ctx() {
-    ws_ctx_t *ctx;
-    if (! (ctx = malloc(sizeof(ws_ctx_t))) )
-        { fatal("malloc()"); }
-
-    if (! (ctx->cin_buf = malloc(BUFSIZE)) )
-        { fatal("malloc of cin_buf"); }
-    if (! (ctx->cout_buf = malloc(BUFSIZE)) )
-        { fatal("malloc of cout_buf"); }
-    if (! (ctx->tin_buf = malloc(BUFSIZE)) )
-        { fatal("malloc of tin_buf"); }
-    if (! (ctx->tout_buf = malloc(BUFSIZE)) )
-        { fatal("malloc of tout_buf"); }
-
-    ctx->headers = malloc(sizeof(headers_t));
-    ctx->ssl = NULL;
-    ctx->ssl_ctx = NULL;
-    return ctx;
-}
-
-void free_ws_ctx(ws_ctx_t *ctx) {
-    free(ctx->cin_buf);
-    free(ctx->cout_buf);
-    free(ctx->tin_buf);
-    free(ctx->tout_buf);
-    free(ctx);
-}
-
-ws_ctx_t *ws_socket(ws_ctx_t *ctx, int socket) {
-    ctx->sockfd = socket;
-    return ctx;
-}
-
-ws_ctx_t *ws_socket_ssl(ws_ctx_t *ctx, int socket, char * certfile, char * keyfile) {
-    int ret;
-    char msg[1024];
-    char * use_keyfile;
-    ws_socket(ctx, socket);
-
-    if (keyfile && (keyfile[0] != '\0')) {
-        // Separate key file
-        use_keyfile = keyfile;
-    } else {
-        // Combined key and cert file
-        use_keyfile = certfile;
-    }
-
-    // Initialize the library
-    if (! ssl_initialized) {
-        SSL_library_init();
-        OpenSSL_add_all_algorithms();
-        SSL_load_error_strings();
-        ssl_initialized = 1;
-
-    }
-
-    //ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method());
-    ctx->ssl_ctx = SSL_CTX_new(TLS_server_method());
-    if (ctx->ssl_ctx == NULL) {
-        ERR_print_errors_fp(stderr);
-        fatal("Failed to configure SSL context");
-    }
-
-    if (SSL_CTX_use_PrivateKey_file(ctx->ssl_ctx, use_keyfile,
-                                    SSL_FILETYPE_PEM) <= 0) {
-        sprintf(msg, "Unable to load private key file %s\n", use_keyfile);
-        fatal(msg);
-    }
-
-    if (SSL_CTX_use_certificate_chain_file(ctx->ssl_ctx, certfile) <= 0) {
-        sprintf(msg, "Unable to load certificate file %s\n", certfile);
-        fatal(msg);
-    }
-
-//    if (SSL_CTX_set_cipher_list(ctx->ssl_ctx, "DEFAULT") != 1) {
-//        sprintf(msg, "Unable to set cipher\n");
-//        fatal(msg);
-//    }
-
-    // Associate socket and ssl object
-    ctx->ssl = SSL_new(ctx->ssl_ctx);
-    SSL_set_fd(ctx->ssl, socket);
-
-    ret = SSL_accept(ctx->ssl);
-    if (ret < 0) {
-        ERR_print_errors_fp(stderr);
-        return NULL;
-    }
-
-    return ctx;
-}
-
-void ws_socket_free(ws_ctx_t *ctx) {
-    if (ctx->ssl) {
-        SSL_free(ctx->ssl);
-        ctx->ssl = NULL;
-    }
-    if (ctx->ssl_ctx) {
-        SSL_CTX_free(ctx->ssl_ctx);
-        ctx->ssl_ctx = NULL;
-    }
-    if (ctx->sockfd) {
-        shutdown(ctx->sockfd, SHUT_RDWR);
-        close(ctx->sockfd);
-        ctx->sockfd = 0;
-    }
-}
-
-int ws_b64_ntop(const unsigned char const * src, size_t srclen, char * dst, size_t dstlen) {
-    int len = 0;
-    int total_len = 0;
-
-    BIO *buff, *b64f;
-    BUF_MEM *ptr;
-
-    b64f = BIO_new(BIO_f_base64());
-    buff = BIO_new(BIO_s_mem());
-    buff = BIO_push(b64f, buff);
-
-    BIO_set_flags(buff, BIO_FLAGS_BASE64_NO_NL);
-    BIO_set_close(buff, BIO_CLOSE);
-    do {
-        len = BIO_write(buff, src + total_len, srclen - total_len);
-        if (len > 0)
-            total_len += len;
-    } while (len && BIO_should_retry(buff));
-
-    BIO_flush(buff);
-
-    BIO_get_mem_ptr(buff, &ptr);
-    len = ptr->length;
-
-    memcpy(dst, ptr->data, dstlen < len ? dstlen : len);
-    dst[dstlen < len ? dstlen : len] = '\0';
-
-    BIO_free_all(buff);
-
-    if (dstlen < len)
-        return -1;
-
-    return len;
-}
-
-int ws_b64_pton(const char const * src, unsigned char * dst, size_t dstlen) {
-    int len = 0;
-    int total_len = 0;
-    int pending = 0;
-
-    BIO *buff, *b64f;
-
-    b64f = BIO_new(BIO_f_base64());
-    buff = BIO_new_mem_buf(src, -1);
-    buff = BIO_push(b64f, buff);
-
-    BIO_set_flags(buff, BIO_FLAGS_BASE64_NO_NL);
-    BIO_set_close(buff, BIO_CLOSE);
-    do {
-        len = BIO_read(buff, dst + total_len, dstlen - total_len);
-        if (len > 0)
-            total_len += len;
-    } while (len && BIO_should_retry(buff));
-
-    dst[total_len] = '\0';
-
-    pending = BIO_ctrl_pending(buff);
-
-    BIO_free_all(buff);
-
-    if (pending)
-        return -1;
-
-    return len;
-}
-
-/* ------------------------------------------------------- */
-
-
-int encode_hixie(u_char const *src, size_t srclength,
-                 char *target, size_t targsize) {
-    int sz = 0, len = 0;
-    target[sz++] = '\x00';
-    len = ws_b64_ntop(src, srclength, target+sz, targsize-sz);
-    if (len < 0) {
-        return len;
-    }
-    sz += len;
-    target[sz++] = '\xff';
-    return sz;
-}
-
-int decode_hixie(char *src, size_t srclength,
-                 u_char *target, size_t targsize,
-                 unsigned int *opcode, unsigned int *left) {
-    char *start, *end, cntstr[4];
-    int i, len, framecount = 0, retlen = 0;
-    unsigned char chr;
-    if ((src[0] != '\x00') || (src[srclength-1] != '\xff')) {
-        handler_emsg("WebSocket framing error\n");
-        return -1;
-    }
-    *left = srclength;
-
-    if (srclength == 2 &&
-        (src[0] == '\xff') && 
-        (src[1] == '\x00')) {
-        // client sent orderly close frame
-        *opcode = 0x8; // Close frame
-        return 0;
-    }
-    *opcode = 0x1; // Text frame
-
-    start = src+1; // Skip '\x00' start
-    do {
-        /* We may have more than one frame */
-        end = (char *)memchr(start, '\xff', srclength);
-        *end = '\x00';
-        len = ws_b64_pton(start, target+retlen, targsize-retlen);
-        if (len < 0) {
-            return len;
-        }
-        retlen += len;
-        start = end + 2; // Skip '\xff' end and '\x00' start 
-        framecount++;
-    } while (end < (src+srclength-1));
-    if (framecount > 1) {
-        //snprintf(cntstr, 3, "%d", framecount);
-        snprintf(cntstr, 4, "%d",  framecount > 999 ? 999 : framecount);
-        traffic(cntstr);
-    }
-    *left = 0;
-    return retlen;
-}
-
-int encode_hybi(u_char const *src, size_t srclength,
-                char *target, size_t targsize, unsigned int opcode)
-{
-    unsigned long long payload_offset = 2;
-    int len = 0;
-
-    if (opcode != OPCODE_TEXT && opcode != OPCODE_BINARY) {
-        handler_emsg("Invalid opcode. Opcode must be 0x01 for text mode, or 0x02 for binary mode.\n");
-        return -1;
-    }
-
-    target[0] = (char)((opcode & 0x0F) | 0x80);
-
-    if ((int)srclength <= 0) {
-        return 0;
-    }
-
-    if (opcode & OPCODE_TEXT) {
-        len = ((srclength - 1) / 3) * 4 + 4;
-    } else {
-        len = srclength;
-    }
-
-    if (len <= 125) {
-        target[1] = (char) len;
-        payload_offset = 2;
-    } else if ((len > 125) && (len < 65536)) {
-        target[1] = (char) 126;
-        *(u_short*)&(target[2]) = htons(len);
-        payload_offset = 4;
-    } else {
-        handler_emsg("Sending frames larger than 65535 bytes not supported\n");
-        return -1;
-        //target[1] = (char) 127;
-        //*(u_long*)&(target[2]) = htonl(b64_sz);
-        //payload_offset = 10;
-    }
-
-    if (opcode & OPCODE_TEXT) {
-        len = ws_b64_ntop(src, srclength, target+payload_offset, targsize-payload_offset);
-    } else {
-        memcpy(target+payload_offset, src, srclength);
-        len = srclength;
-    }
-
-    if (len < 0) {
-        return len;
-    }
-
-    return len + payload_offset;
-}
-
-int decode_hybi(unsigned char *src, size_t srclength,
-                u_char *target, size_t targsize,
-                unsigned int *opcode, unsigned int *left)
-{
-    unsigned char *frame, *mask, *payload, save_char;
-    char cntstr[4];
-    int masked = 0;
-    int i = 0, len, framecount = 0;
-    size_t remaining;
-    unsigned int target_offset = 0, hdr_length = 0, payload_length = 0;
-    
-    *left = srclength;
-    frame = src;
-
-    //printf("Deocde new frame\n");
-    while (1) {
-        // Need at least two bytes of the header
-        // Find beginning of next frame. First time hdr_length, masked and
-        // payload_length are zero
-        frame += hdr_length + 4*masked + payload_length;
-        //printf("frame[0..3]: 0x%x 0x%x 0x%x 0x%x (tot: %d)\n",
-        //       (unsigned char) frame[0],
-        //       (unsigned char) frame[1],
-        //       (unsigned char) frame[2],
-        //       (unsigned char) frame[3], srclength);
-
-        if (frame > src + srclength) {
-            //printf("Truncated frame from client, need %d more bytes\n", frame - (src + srclength) );
-            break;
-        }
-        remaining = (src + srclength) - frame;
-        if (remaining < 2) {
-            //printf("Truncated frame header from client\n");
-            break;
-        }
-        framecount ++;
-
-        *opcode = frame[0] & 0x0f;
-        masked = (frame[1] & 0x80) >> 7;
-
-        if (*opcode == 0x8) {
-            // client sent orderly close frame
-            break;
-        }
-
-        payload_length = frame[1] & 0x7f;
-        if (payload_length < 126) {
-            hdr_length = 2;
-            //frame += 2 * sizeof(char);
-        } else if (payload_length == 126) {
-            payload_length = (frame[2] << 8) + frame[3];
-            hdr_length = 4;
-        } else {
-            handler_emsg("Receiving frames larger than 65535 bytes not supported\n");
-            return -1;
-        }
-        if ((hdr_length + 4*masked + payload_length) > remaining) {
-            continue;
-        }
-        //printf("    payload_length: %u, raw remaining: %u\n", payload_length, remaining);
-        payload = frame + hdr_length + 4*masked;
-
-        if (*opcode != OPCODE_TEXT && *opcode != OPCODE_BINARY) {
-            handler_msg("Ignoring non-data frame, opcode 0x%x\n", *opcode);
-            continue;
-        }
-
-        if (payload_length == 0) {
-            handler_msg("Ignoring empty frame\n");
-            continue;
-        }
-
-        if ((payload_length > 0) && (!masked)) {
-            handler_emsg("Received unmasked payload from client\n");
-            return -1;
-        }
-
-        // Terminate with a null for base64 decode
-        save_char = payload[payload_length];
-        payload[payload_length] = '\0';
-
-        // unmask the data
-        mask = payload - 4;
-        for (i = 0; i < payload_length; i++) {
-            payload[i] ^= mask[i%4];
-        }
-
-        if (*opcode & OPCODE_TEXT) {
-            // base64 decode the data
-            len = ws_b64_pton((const char*)payload, target+target_offset, targsize);
-        } else {
-            memcpy(target+target_offset, payload, payload_length);
-            len = payload_length;
-        }
-
-        // Restore the first character of the next frame
-        payload[payload_length] = save_char;
-        if (len < 0) {
-            handler_emsg("Base64 decode error code %d", len);
-            return len;
-        }
-        target_offset += len;
-
-        //printf("    len %d, raw %s\n", len, frame);
-    }
-
-    if (framecount > 1) {
-        //snprintf(cntstr, 3, "%d", framecount);
-        snprintf(cntstr, 4, "%d",  framecount > 999 ? 999 : framecount);
-        traffic(cntstr);
-    }
-    
-    *left = remaining;
-    return target_offset;
-}
-
-
-
-int parse_handshake(ws_ctx_t *ws_ctx, char *handshake) {
-    char *start, *end;
-    headers_t *headers = ws_ctx->headers;
-
-    headers->key1[0] = '\0';
-    headers->key2[0] = '\0';
-    headers->key3[0] = '\0';
-    
-    if ((strlen(handshake) < 92) || (bcmp(handshake, "GET ", 4) != 0)) {
-        return 0;
-    }
-    start = handshake+4;
-    end = strstr(start, " HTTP/1.1");
-    if (!end) { return 0; }
-    strncpy(headers->path, start, end-start);
-    headers->path[end-start] = '\0';
-
-    start = strstr(handshake, "\r\nHost: ");
-    if (!start) { return 0; }
-    start += 8;
-    end = strstr(start, "\r\n");
-    strncpy(headers->host, start, end-start);
-    headers->host[end-start] = '\0';
-
-    headers->origin[0] = '\0';
-    start = strstr(handshake, "\r\nOrigin: ");
-    if (start) {
-        start += 10;
-    } else {
-        start = strstr(handshake, "\r\nSec-WebSocket-Origin: ");
-        if (!start) { return 0; }
-        start += 24;
-    }
-    end = strstr(start, "\r\n");
-    strncpy(headers->origin, start, end-start);
-    headers->origin[end-start] = '\0';
-   
-    start = strstr(handshake, "\r\nSec-WebSocket-Version: ");
-    if (start) {
-        // HyBi/RFC 6455
-        start += 25;
-        end = strstr(start, "\r\n");
-        strncpy(headers->version, start, end-start);
-        headers->version[end-start] = '\0';
-        ws_ctx->hixie = 0;
-        ws_ctx->hybi = strtol(headers->version, NULL, 10);
-
-        start = strstr(handshake, "\r\nSec-WebSocket-Key: ");
-        if (!start) { return 0; }
-        start += 21;
-        end = strstr(start, "\r\n");
-        strncpy(headers->key1, start, end-start);
-        headers->key1[end-start] = '\0';
-   
-        start = strstr(handshake, "\r\nConnection: ");
-        if (!start) { return 0; }
-        start += 14;
-        end = strstr(start, "\r\n");
-        strncpy(headers->connection, start, end-start);
-        headers->connection[end-start] = '\0';
-   
-        start = strstr(handshake, "\r\nSec-WebSocket-Protocol: ");
-        if (!start) { return 0; }
-        start += 26;
-        end = strstr(start, "\r\n");
-        strncpy(headers->protocols, start, end-start);
-        headers->protocols[end-start] = '\0';
-    } else {
-        // Hixie 75 or 76
-        ws_ctx->hybi = 0;
-
-        start = strstr(handshake, "\r\n\r\n");
-        if (!start) { return 0; }
-        start += 4;
-        if (strlen(start) == 8) {
-            ws_ctx->hixie = 76;
-            strncpy(headers->key3, start, 8);
-            headers->key3[8] = '\0';
-
-            start = strstr(handshake, "\r\nSec-WebSocket-Key1: ");
-            if (!start) { return 0; }
-            start += 22;
-            end = strstr(start, "\r\n");
-            strncpy(headers->key1, start, end-start);
-            headers->key1[end-start] = '\0';
-        
-            start = strstr(handshake, "\r\nSec-WebSocket-Key2: ");
-            if (!start) { return 0; }
-            start += 22;
-            end = strstr(start, "\r\n");
-            strncpy(headers->key2, start, end-start);
-            headers->key2[end-start] = '\0';
-        } else {
-            ws_ctx->hixie = 75;
-        }
-
-    }
-
-    return 1;
-}
-
-int parse_hixie76_key(char * key) {
-    unsigned long i, spaces = 0, num = 0;
-    for (i=0; i < strlen(key); i++) {
-        if (key[i] == ' ') {
-            spaces += 1;
-        }
-        if ((key[i] >= 48) && (key[i] <= 57)) {
-            num = num * 10 + (key[i] - 48);
-        }
-    }
-    return num / spaces;
-}
-
-int gen_md5(headers_t *headers, char *target) {
-    unsigned long key1 = parse_hixie76_key(headers->key1);
-    unsigned long key2 = parse_hixie76_key(headers->key2);
-    char *key3 = headers->key3;
-
-    MD5_CTX c;
-    char in[HIXIE_MD5_DIGEST_LENGTH] = {
-        key1 >> 24, key1 >> 16, key1 >> 8, key1,
-        key2 >> 24, key2 >> 16, key2 >> 8, key2,
-        key3[0], key3[1], key3[2], key3[3],
-        key3[4], key3[5], key3[6], key3[7]
-    };
-
-    MD5_Init(&c);
-    MD5_Update(&c, (void *)in, sizeof in);
-    MD5_Final((void *)target, &c);
-
-    target[HIXIE_MD5_DIGEST_LENGTH] = '\0';
-
-    return 1;
-}
-
-static void gen_sha1(headers_t *headers, char *target) {
-    SHA_CTX c;
-    unsigned char hash[SHA_DIGEST_LENGTH];
-    int r;
-
-    SHA1_Init(&c);
-    SHA1_Update(&c, headers->key1, strlen(headers->key1));
-    SHA1_Update(&c, HYBI_GUID, 36);
-    SHA1_Final(hash, &c);
-
-    r = ws_b64_ntop(hash, sizeof hash, target, HYBI10_ACCEPTHDRLEN);
-    //assert(r == HYBI10_ACCEPTHDRLEN - 1);
-}
-
-
-ws_ctx_t *do_handshake(int sock) {
-    char handshake[4096], response[4096], sha1[29], trailer[17];
-    char *scheme, *pre;
-    headers_t *headers;
-    int len, ret, i, offset;
-    ws_ctx_t * ws_ctx;
-    char *response_protocol;
-
-    // Peek, but don't read the data
-    len = recv(sock, handshake, 1024, MSG_PEEK);
-    handshake[len] = 0;
-    if (len == 0) {
-        handler_msg("ignoring empty handshake\n");
-        return NULL;
-    } else if ((bcmp(handshake, "\x16", 1) == 0) ||
-               (bcmp(handshake, "\x80", 1) == 0)) {
-        // SSL
-        if (!settings.cert) {
-            handler_msg("SSL connection but no cert specified\n");
-            return NULL;
-        } else if (access(settings.cert, R_OK) != 0) {
-            handler_msg("SSL connection but '%s' not found\n",
-                        settings.cert);
-            return NULL;
-        }
-        ws_ctx = alloc_ws_ctx();
-        ws_socket_ssl(ws_ctx, sock, settings.cert, settings.key);
-        if (! ws_ctx) { return NULL; }
-        scheme = "wss";
-        handler_msg("using SSL socket\n");
-    } else if (settings.ssl_only) {
-        handler_msg("non-SSL connection disallowed\n");
-        return NULL;
-    } else {
-        ws_ctx = alloc_ws_ctx();
-        ws_socket(ws_ctx, sock);
-        if (! ws_ctx) { return NULL; }
-        scheme = "ws";
-        handler_msg("using plain (not SSL) socket\n");
-    }
-    offset = 0;
-    for (i = 0; i < 10; i++) {
-        /* (offset + 1): reserve one byte for the trailing '\0' */
-        if (0 > (len = ws_recv(ws_ctx, handshake + offset, sizeof(handshake) - (offset + 1)))) {
-            handler_emsg("Read error during handshake: %m\n");
-            free_ws_ctx(ws_ctx);
-            return NULL;
-        } else if (0 == len) {
-            handler_emsg("Client closed during handshake\n");
-            free_ws_ctx(ws_ctx);
-            return NULL;
-        }
-        offset += len;
-        handshake[offset] = 0;
-        if (strstr(handshake, "\r\n\r\n")) {
-            break;
-        } else if (sizeof(handshake) <= (size_t)(offset + 1)) {
-            handler_emsg("Oversized handshake\n");
-            free_ws_ctx(ws_ctx);
-            return NULL;
-        } else if (9 == i) {
-            handler_emsg("Incomplete handshake\n");
-            free_ws_ctx(ws_ctx);
-            return NULL;
-        }
-        usleep(10);
-    }
-
-    //handler_msg("handshake: %s\n", handshake);
-    if (!parse_handshake(ws_ctx, handshake)) {
-        handler_emsg("Invalid WS request\n");
-        free_ws_ctx(ws_ctx);
-        return NULL;
-    }
-
-    headers = ws_ctx->headers;
-
-    response_protocol = strtok(headers->protocols, ",");
-    if (!response_protocol || !strlen(response_protocol)) {
-        ws_ctx->opcode = OPCODE_BINARY;
-        response_protocol = "null";
-    } else if (!strcmp(response_protocol, "base64")) {
-      ws_ctx->opcode = OPCODE_TEXT;
-    } else {
-        ws_ctx->opcode = OPCODE_BINARY;
-    }
-
-    if (ws_ctx->hybi > 0) {
-        handler_msg("using protocol HyBi/IETF 6455 %d\n", ws_ctx->hybi);
-        gen_sha1(headers, sha1);
-        snprintf(response, sizeof(response), SERVER_HANDSHAKE_HYBI, sha1, response_protocol);
-    } else {
-        if (ws_ctx->hixie == 76) {
-            handler_msg("using protocol Hixie 76\n");
-            gen_md5(headers, trailer);
-            pre = "Sec-";
-        } else {
-            handler_msg("using protocol Hixie 75\n");
-            trailer[0] = '\0';
-            pre = "";
-        }
-        snprintf(response, sizeof(response), SERVER_HANDSHAKE_HIXIE, pre, headers->origin,
-                 pre, scheme, headers->host, headers->path, pre, "base64", trailer);
-    }
-    
-    //handler_msg("response: %s\n", response);
-    ws_send(ws_ctx, response, strlen(response));
-
-    return ws_ctx;
-}
-
-void signal_handler(int sig) {
-    switch (sig) {
-        case SIGHUP: break; // ignore for now
-        case SIGPIPE: pipe_error = 1; break; // handle inline
-        case SIGTERM: exit(0); break;
-    }
-}
-
-void daemonize(int keepfd) {
-    int pid, i;
-
-    umask(0);
-    if (!chdir("/")) { handler_emsg("Unable to chdir(\"/\").\n"); }
-    if (!setgid(getgid())) { handler_emsg("Unable to setgid().\n"); }
-    if (!setuid(getuid())) { handler_emsg("Unable to setuid().\n"); }
-
-    /* Double fork to daemonize */
-    pid = fork();
-    if (pid<0) { fatal("fork error"); }
-    if (pid>0) { exit(0); }  // parent exits
-    setsid();                // Obtain new process group
-    pid = fork();
-    if (pid<0) { fatal("fork error"); }
-    if (pid>0) { exit(0); }  // parent exits
-
-    /* Signal handling */
-    signal(SIGHUP, signal_handler);   // catch HUP
-    signal(SIGTERM, signal_handler);  // catch kill
-
-    /* Close open files */
-    for (i=getdtablesize(); i>=0; --i) {
-        if (i != keepfd) {
-            close(i);
-        } else if (settings.verbose) {
-            printf("keeping fd %d\n", keepfd);
-        }
-    }
-    i=open("/dev/null", O_RDWR);  // Redirect stdin
-    if (!dup(i)) { handler_emsg("Unable redirect stdout.\n"); } // Redirect stdout
-    if (!dup(i)) { handler_emsg("Unable redirect stderr.\n"); } // Redirect stderr
-}
-
-
-void start_server() {
-    int lsock, csock, pid, sopt = 1, i;
-    struct sockaddr_in serv_addr, cli_addr;
-    socklen_t clilen;
-    ws_ctx_t *ws_ctx;
-
-
-    /* Initialize buffers */
-    lsock = socket(AF_INET, SOCK_STREAM, 0);
-    if (lsock < 0) { error("ERROR creating listener socket"); }
-    bzero((char *) &serv_addr, sizeof(serv_addr));
-    serv_addr.sin_family = AF_INET;
-    serv_addr.sin_port = htons(settings.listen_port);
-
-    /* Resolve listen address */
-    if (settings.listen_host && (settings.listen_host[0] != '\0')) {
-        if (resolve_host(&serv_addr.sin_addr, settings.listen_host) < -1) {
-            fatal("Could not resolve listen address");
-        }
-    } else {
-        serv_addr.sin_addr.s_addr = INADDR_ANY;
-    }
-
-    setsockopt(lsock, SOL_SOCKET, SO_REUSEADDR, (char *)&sopt, sizeof(sopt));
-    if (bind(lsock, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) {
-        fatal("ERROR on binding listener socket");
-    }
-    listen(lsock,100);
-
-    signal(SIGPIPE, signal_handler);  // catch pipe
-
-    if (settings.daemon) {
-        daemonize(lsock);
-    }
-
-
-    // Reep zombies
-    signal(SIGCHLD, SIG_IGN);
-
-    printf("Waiting for connections on %s:%d\n",
-            settings.listen_host, settings.listen_port);
-
-    while (1) {
-        clilen = sizeof(cli_addr);
-        pipe_error = 0;
-        pid = 0;
-        csock = accept(lsock, 
-                       (struct sockaddr *) &cli_addr, 
-                       &clilen);
-        if (csock < 0) {
-            error("ERROR on accept");
-            continue;
-        }
-        handler_msg("got client connection from %s\n",
-                    inet_ntoa(cli_addr.sin_addr));
-
-        if (!settings.run_once) {
-            handler_msg("forking handler process\n");
-            pid = fork();
-        }
-
-        if (pid == 0) {  // handler process
-            ws_ctx = do_handshake(csock);
-            if (settings.run_once) {
-                if (ws_ctx == NULL) {
-                    // Not a real WebSocket connection
-                    continue;
-                } else {
-                    // Successful connection, stop listening for new
-                    // connections
-                    close(lsock);
-                }
-            }
-            if (ws_ctx == NULL) {
-                handler_msg("No connection after handshake\n");
-                break;   // Child process exits
-            }
-
-            settings.handler(ws_ctx);
-            if (pipe_error) {
-                handler_emsg("Closing due to SIGPIPE\n");
-            }
-            break;   // Child process exits
-        } else {         // parent process
-            settings.handler_id += 1;
-            close(csock);
-        }
-    }
-    if (pid == 0) {
-        if (ws_ctx) {
-            ws_socket_free(ws_ctx);
-            free_ws_ctx(ws_ctx);
-        } else {
-            shutdown(csock, SHUT_RDWR);
-            close(csock);
-        }
-        handler_msg("handler exit\n");
-    } else {
-        handler_msg("websockify exit\n");
-    }
-
-}
-

src/contrib/websocket.h

@@ -1,104 +0,0 @@
-#include <openssl/ssl.h>
-
-#define BUFSIZE 65536
-#define DBUFSIZE (BUFSIZE * 3) / 4 - 20
-
-#define SERVER_HANDSHAKE_HIXIE "HTTP/1.1 101 Web Socket Protocol Handshake\r\n\
-Upgrade: WebSocket\r\n\
-Connection: Upgrade\r\n\
-%sWebSocket-Origin: %s\r\n\
-%sWebSocket-Location: %s://%s%s\r\n\
-%sWebSocket-Protocol: %s\r\n\
-\r\n%s"
-
-#define SERVER_HANDSHAKE_HYBI "HTTP/1.1 101 Switching Protocols\r\n\
-Upgrade: websocket\r\n\
-Connection: Upgrade\r\n\
-Sec-WebSocket-Accept: %s\r\n\
-Sec-WebSocket-Protocol: %s\r\n\
-\r\n"
-
-#define HYBI_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
-
-#define HYBI10_ACCEPTHDRLEN 29
-
-#define HIXIE_MD5_DIGEST_LENGTH 16
-
-#define POLICY_RESPONSE "<cross-domain-policy><allow-access-from domain=\"*\" to-ports=\"*\" /></cross-domain-policy>\n"
-
-#define OPCODE_TEXT    0x01
-#define OPCODE_BINARY  0x02
-
-typedef struct {
-    char path[1024+1];
-    char host[1024+1];
-    char origin[1024+1];
-    char version[1024+1];
-    char connection[1024+1];
-    char protocols[1024+1];
-    char key1[1024+1];
-    char key2[1024+1];
-    char key3[8+1];
-} headers_t;
-
-typedef struct {
-    int        sockfd;
-    SSL_CTX   *ssl_ctx;
-    SSL       *ssl;
-    int        hixie;
-    int        hybi;
-    int        opcode;
-    headers_t *headers;
-    char      *cin_buf;
-    char      *cout_buf;
-    char      *tin_buf;
-    char      *tout_buf;
-} ws_ctx_t;
-
-typedef struct {
-    int verbose;
-    char listen_host[256];
-    int listen_port;
-    void (*handler)(ws_ctx_t*);
-    int handler_id;
-    char *cert;
-    char *key;
-    int ssl_only;
-    int daemon;
-    int run_once;
-} settings_t;
-
-
-int resolve_host(struct in_addr *sin_addr, const char *hostname);
-
-ssize_t ws_recv(ws_ctx_t *ctx, void *buf, size_t len);
-
-ssize_t ws_send(ws_ctx_t *ctx, const void *buf, size_t len);
-
-/* base64.c declarations */
-//int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize);
-//int b64_pton(char const *src, u_char *target, size_t targsize);
-
-#define gen_handler_msg(stream, ...) \
-    if (! settings.daemon) { \
-        fprintf(stream, "  %d: ", settings.handler_id); \
-        fprintf(stream, __VA_ARGS__); \
-    }
-
-#define handler_msg(...) gen_handler_msg(stdout, __VA_ARGS__);
-#define handler_emsg(...) gen_handler_msg(stderr, __VA_ARGS__);
-
-void traffic(const char * token);
-
-int encode_hixie(u_char const *src, size_t srclength,
-                 char *target, size_t targsize);
-int decode_hixie(char *src, size_t srclength,
-                 u_char *target, size_t targsize,
-                 unsigned int *opcode, unsigned int *left);
-int encode_hybi(u_char const *src, size_t srclength,
-                char *target, size_t targsize, unsigned int opcode);
-int decode_hybi(unsigned char *src, size_t srclength,
-                u_char *target, size_t targsize,
-                unsigned int *opcode, unsigned int *left);
-
-void start_server();

src/contrib/websockify.c

@@ -1,388 +0,0 @@
-/*
- * A WebSocket to TCP socket proxy with support for "wss://" encryption.
- * Copyright 2010 Joel Martin
- * Licensed under LGPL version 3 (see docs/LICENSE.LGPL-3)
- *
- * You can make a cert/key with openssl using:
- * openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
- * as taken from http://docs.python.org/dev/library/ssl.html#certificates
- */
-#include <stdio.h>
-#include <errno.h>
-#include <limits.h>
-#include <getopt.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <sys/select.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <sys/stat.h>
-#include "websocket.h"
-
-char traffic_legend[] = "\n\
-Traffic Legend:\n\
-    }  - Client receive\n\
-    }. - Client receive partial\n\
-    {  - Target receive\n\
-\n\
-    >  - Target send\n\
-    >. - Target send partial\n\
-    <  - Client send\n\
-    <. - Client send partial\n\
-";
-
-char USAGE[] = "Usage: [options] " \
-               "[source_addr:]source_port target_addr:target_port\n\n" \
-               "  --verbose|-v       verbose messages and per frame traffic\n" \
-               "  --daemon|-D        become a daemon (background process)\n" \
-               "  --run-once         handle a single WebSocket connection and exit\n" \
-               "  --cert CERT        SSL certificate file\n" \
-               "  --key KEY          SSL key file (if separate from cert)\n" \
-               "  --ssl-only         disallow non-encrypted connections";
-
-#define usage(fmt, args...) \
-    fprintf(stderr, "%s\n\n", USAGE); \
-    fprintf(stderr, fmt , ## args); \
-    exit(1);
-
-char target_host[256];
-int target_port;
-
-extern int pipe_error;
-extern settings_t settings;
-
-void do_proxy(ws_ctx_t *ws_ctx, int target) {
-    fd_set rlist, wlist, elist;
-    struct timeval tv;
-    int i, maxfd, client = ws_ctx->sockfd;
-    unsigned int opcode, left, ret;
-    unsigned int tout_start, tout_end, cout_start, cout_end;
-    unsigned int tin_start, tin_end;
-    ssize_t len, bytes;
-
-    tout_start = tout_end = cout_start = cout_end;
-    tin_start = tin_end = 0;
-    maxfd = client > target ? client+1 : target+1;
-
-    while (1) {
-        tv.tv_sec = 1;
-        tv.tv_usec = 0;
-
-        FD_ZERO(&rlist);
-        FD_ZERO(&wlist);
-        FD_ZERO(&elist);
-
-        FD_SET(client, &elist);
-        FD_SET(target, &elist);
-
-        if (tout_end == tout_start) {
-            // Nothing queued for target, so read from client
-            FD_SET(client, &rlist);
-        } else {
-            // Data queued for target, so write to it
-            FD_SET(target, &wlist);
-        }
-        if (cout_end == cout_start) {
-            // Nothing queued for client, so read from target
-            FD_SET(target, &rlist);
-        } else {
-            // Data queued for client, so write to it
-            FD_SET(client, &wlist);
-        }
-
-        ret = select(maxfd, &rlist, &wlist, &elist, &tv);
-        if (pipe_error) { break; }
-
-        if (FD_ISSET(target, &elist)) {
-            handler_emsg("target exception\n");
-            break;
-        }
-        if (FD_ISSET(client, &elist)) {
-            handler_emsg("client exception\n");
-            break;
-        }
-
-        if (ret == -1) {
-            handler_emsg("select(): %s\n", strerror(errno));
-            break;
-        } else if (ret == 0) {
-            //handler_emsg("select timeout\n");
-            continue;
-        }
-
-        if (FD_ISSET(target, &wlist)) {
-            len = tout_end-tout_start;
-            bytes = send(target, ws_ctx->tout_buf + tout_start, len, 0);
-            if (pipe_error) { break; }
-            if (bytes < 0) {
-                handler_emsg("target connection error: %s\n",
-                             strerror(errno));
-                break;
-            }
-            tout_start += bytes;
-            if (tout_start >= tout_end) {
-                tout_start = tout_end = 0;
-                traffic(">");
-            } else {
-                traffic(">.");
-            }
-        }
-
-        if (FD_ISSET(client, &wlist)) {
-            len = cout_end-cout_start;
-            bytes = ws_send(ws_ctx, ws_ctx->cout_buf + cout_start, len);
-            if (pipe_error) { break; }
-            if (len < 3) {
-                handler_emsg("len: %d, bytes: %d: %d\n",
-                             (int) len, (int) bytes,
-                             (int) *(ws_ctx->cout_buf + cout_start));
-            }
-            cout_start += bytes;
-            if (cout_start >= cout_end) {
-                cout_start = cout_end = 0;
-                traffic("<");
-            } else {
-                traffic("<.");
-            }
-        }
-
-        if (FD_ISSET(target, &rlist)) {
-            bytes = recv(target, ws_ctx->cin_buf, DBUFSIZE , 0);
-            if (pipe_error) { break; }
-            if (bytes <= 0) {
-                handler_emsg("target closed connection\n");
-                break;
-            }
-            cout_start = 0;
-            if (ws_ctx->hybi) {
-                cout_end = encode_hybi(ws_ctx->cin_buf, bytes,
-                                   ws_ctx->cout_buf, BUFSIZE, ws_ctx->opcode);
-            } else {
-                cout_end = encode_hixie(ws_ctx->cin_buf, bytes,
-                                    ws_ctx->cout_buf, BUFSIZE);
-            }
-            /*
-            printf("encoded: ");
-            for (i=0; i< cout_end; i++) {
-                printf("%u,", (unsigned char) *(ws_ctx->cout_buf+i));
-            }
-            printf("\n");
-            */
-            if (cout_end < 0) {
-                handler_emsg("encoding error\n");
-                break;
-            }
-            traffic("{");
-        }
-
-        if (FD_ISSET(client, &rlist)) {
-            bytes = ws_recv(ws_ctx, ws_ctx->tin_buf + tin_end, BUFSIZE-1);
-            if (pipe_error) { break; }
-            if (bytes <= 0) {
-                handler_emsg("client closed connection\n");
-                break;
-            }
-            tin_end += bytes;
-            /*
-            printf("before decode: ");
-            for (i=0; i< bytes; i++) {
-                printf("%u,", (unsigned char) *(ws_ctx->tin_buf+i));
-            }
-            printf("\n");
-            */
-            if (ws_ctx->hybi) {
-                len = decode_hybi(ws_ctx->tin_buf + tin_start,
-                                  tin_end-tin_start,
-                                  ws_ctx->tout_buf, BUFSIZE-1,
-                                  &opcode, &left);
-            } else {
-                len = decode_hixie(ws_ctx->tin_buf + tin_start,
-                                   tin_end-tin_start,
-                                   ws_ctx->tout_buf, BUFSIZE-1,
-                                   &opcode, &left);
-            }
-
-            if (opcode == 8) {
-                handler_msg("client sent orderly close frame\n");
-                break;
-            }
-
-            /*
-            printf("decoded: ");
-            for (i=0; i< len; i++) {
-                printf("%u,", (unsigned char) *(ws_ctx->tout_buf+i));
-            }
-            printf("\n");
-            */
-            if (len < 0) {
-                handler_emsg("decoding error\n");
-                break;
-            }
-            if (left) {
-                tin_start = tin_end - left;
-                //printf("partial frame from client");
-            } else {
-                tin_start = 0;
-                tin_end = 0;
-            }
-
-            traffic("}");
-            tout_start = 0;
-            tout_end = len;
-        }
-    }
-}
-
-void proxy_handler(ws_ctx_t *ws_ctx) {
-    int tsock = 0;
-    struct sockaddr_in taddr;
-
-    handler_msg("connecting to: %s:%d\n", target_host, target_port);
-
-    tsock = socket(AF_INET, SOCK_STREAM, 0);
-    if (tsock < 0) {
-        handler_emsg("Could not create target socket: %s\n",
-                     strerror(errno));
-        return;
-    }
-    bzero((char *) &taddr, sizeof(taddr));
-    taddr.sin_family = AF_INET;
-    taddr.sin_port = htons(target_port);
-
-    /* Resolve target address */
-    if (resolve_host(&taddr.sin_addr, target_host) < -1) {
-        handler_emsg("Could not resolve target address: %s\n",
-                     strerror(errno));
-    }
-
-    if (connect(tsock, (struct sockaddr *) &taddr, sizeof(taddr)) < 0) {
-        handler_emsg("Could not connect to target: %s\n",
-                     strerror(errno));
-        close(tsock);
-        return;
-    }
-
-    if ((settings.verbose) && (! settings.daemon)) {
-        printf("%s", traffic_legend);
-    }
-
-    do_proxy(ws_ctx, tsock);
-
-    shutdown(tsock, SHUT_RDWR);
-    close(tsock);
-}
-
-int main(int argc, char *argv[])
-{
-    int fd, c, option_index = 0;
-    static int ssl_only = 0, daemon = 0, run_once = 0, verbose = 0;
-    char *found;
-    static struct option long_options[] = {
-        {"verbose",    no_argument,       &verbose,    'v'},
-        {"ssl-only",   no_argument,       &ssl_only,    1 },
-        {"daemon",     no_argument,       &daemon,     'D'},
-        /* ---- */
-        {"run-once",   no_argument,       0,           'r'},
-        {"cert",       required_argument, 0,           'c'},
-        {"key",        required_argument, 0,           'k'},
-        {0, 0, 0, 0}
-    };
-
-    settings.cert = realpath("self.pem", NULL);
-    if (!settings.cert) {
-        /* Make sure it's always set to something */
-        settings.cert = "self.pem";
-    }
-    settings.key = "";
-
-    while (1) {
-        c = getopt_long (argc, argv, "vDrc:k:",
-                         long_options, &option_index);
-
-        /* Detect the end */
-        if (c == -1) { break; }
-
-        switch (c) {
-            case 0:
-                break; // ignore
-            case 1:
-                break; // ignore
-            case 'v':
-                verbose = 1;
-                break;
-            case 'D':
-                daemon = 1;
-                break;
-            case 'r':
-                run_once = 1;
-                break;
-            case 'c':
-                settings.cert = realpath(optarg, NULL);
-                if (! settings.cert) {
-                    usage("No cert file at %s\n", optarg);
-                }
-                break;
-            case 'k':
-                settings.key = realpath(optarg, NULL);
-                if (! settings.key) {
-                    usage("No key file at %s\n", optarg);
-                }
-                break;
-            default:
-                usage("\n");
-        }
-    }
-    settings.verbose      = verbose;
-    settings.ssl_only     = ssl_only;
-    settings.daemon       = daemon;
-    settings.run_once     = run_once;
-
-    if ((argc-optind) != 2) {
-        usage("Invalid number of arguments\n");
-    }
-
-    found = strstr(argv[optind], ":");
-    if (found) {
-        memcpy(settings.listen_host, argv[optind], found-argv[optind]);
-        settings.listen_port = strtol(found+1, NULL, 10);
-    } else {
-        settings.listen_host[0] = '\0';
-        settings.listen_port = strtol(argv[optind], NULL, 10);
-    }
-    optind++;
-    if (settings.listen_port == 0) {
-        usage("Could not parse listen_port\n");
-    }
-
-    found = strstr(argv[optind], ":");
-    if (found) {
-        memcpy(target_host, argv[optind], found-argv[optind]);
-        target_port = strtol(found+1, NULL, 10);
-    } else {
-        usage("Target argument must be host:port\n");
-    }
-    if (target_port == 0) {
-        usage("Could not parse target port\n");
-    }
-
-    if (ssl_only) {
-        if (access(settings.cert, R_OK) != 0) {
-            usage("SSL only and cert file '%s' not found\n", settings.cert);
-        }
-    } else if (access(settings.cert, R_OK) != 0) {
-        fprintf(stderr, "Warning: '%s' not found\n", settings.cert);
-    }
-
-    //printf("  verbose: %d\n",   settings.verbose);
-    //printf("  ssl_only: %d\n",  settings.ssl_only);
-    //printf("  daemon: %d\n",    settings.daemon);
-    //printf("  run_once: %d\n",  settings.run_once);
-    //printf("  cert: %s\n",      settings.cert);
-    //printf("  key: %s\n",       settings.key);
-
-    settings.handler = proxy_handler; 
-    start_server();
-
-}