version 1.44, 2020/10/02 15:43:48 |
version 1.45, 2021/03/17 18:08:32 |
|
|
int bugs; |
int bugs; |
char *CAfile; |
char *CAfile; |
char *CApath; |
char *CApath; |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS |
int cert_chain; |
int cert_chain; |
#endif |
#endif |
char *cert_file; |
char *cert_file; |
|
|
return (0); |
return (0); |
} |
} |
|
|
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS |
static int |
static int |
s_server_opt_mtu(char *arg) |
s_server_opt_mtu(char *arg) |
{ |
{ |
|
|
} |
} |
return (0); |
return (0); |
} |
} |
|
#endif |
|
|
|
#ifndef OPENSSL_NO_DTLS |
static int |
static int |
s_server_protocol_version_dtls1(void) |
s_server_opt_protocol_version_dtls(void) |
{ |
{ |
s_server_config.meth = DTLS_server_method(); |
s_server_config.meth = DTLS_server_method(); |
s_server_config.socket_type = SOCK_DGRAM; |
s_server_config.socket_type = SOCK_DGRAM; |
|
|
} |
} |
#endif |
#endif |
|
|
|
#ifndef OPENSSL_NO_DTLS1 |
static int |
static int |
|
s_server_opt_protocol_version_dtls1(void) |
|
{ |
|
s_server_config.meth = DTLS_server_method(); |
|
s_server_config.min_version = DTLS1_VERSION; |
|
s_server_config.max_version = DTLS1_VERSION; |
|
s_server_config.socket_type = SOCK_DGRAM; |
|
return (0); |
|
} |
|
#endif |
|
|
|
#ifndef OPENSSL_NO_DTLS1_2 |
|
static int |
|
s_server_opt_protocol_version_dtls1_2(void) |
|
{ |
|
s_server_config.meth = DTLS_server_method(); |
|
s_server_config.min_version = DTLS1_2_VERSION; |
|
s_server_config.max_version = DTLS1_2_VERSION; |
|
s_server_config.socket_type = SOCK_DGRAM; |
|
return (0); |
|
} |
|
#endif |
|
|
|
static int |
s_server_protocol_version_tls1(void) |
s_server_protocol_version_tls1(void) |
{ |
{ |
s_server_config.min_version = TLS1_VERSION; |
s_server_config.min_version = TLS1_VERSION; |
|
|
.type = OPTION_ARG_FORMAT, |
.type = OPTION_ARG_FORMAT, |
.opt.value = &s_server_config.cert_format, |
.opt.value = &s_server_config.cert_format, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS |
{ |
{ |
.name = "chain", |
.name = "chain", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
|
|
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &s_server_config.dpassarg, |
.opt.arg = &s_server_config.dpassarg, |
}, |
}, |
|
#ifndef OPENSSL_NO_DTLS |
|
{ |
|
.name = "dtls", |
|
.desc = "Use any version of DTLS", |
|
.type = OPTION_FUNC, |
|
.opt.func = s_server_opt_protocol_version_dtls, |
|
}, |
|
#endif |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS1 |
{ |
{ |
.name = "dtls1", |
.name = "dtls1", |
.desc = "Just talk DTLSv1", |
.desc = "Just use DTLSv1", |
.type = OPTION_FUNC, |
.type = OPTION_FUNC, |
.opt.func = s_server_protocol_version_dtls1, |
.opt.func = s_server_opt_protocol_version_dtls1, |
}, |
}, |
#endif |
#endif |
|
#ifndef OPENSSL_NO_DTLS1_2 |
{ |
{ |
|
.name = "dtls1_2", |
|
.desc = "Just use DTLSv1.2", |
|
.type = OPTION_FUNC, |
|
.opt.func = s_server_opt_protocol_version_dtls1_2, |
|
}, |
|
#endif |
|
{ |
.name = "groups", |
.name = "groups", |
.argname = "list", |
.argname = "list", |
.desc = "Specify EC groups (colon-separated list)", |
.desc = "Specify EC groups (colon-separated list)", |
|
|
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_server_config.msg, |
.opt.flag = &s_server_config.msg, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS |
{ |
{ |
.name = "mtu", |
.name = "mtu", |
.argname = "mtu", |
.argname = "mtu", |
|
|
.type = OPTION_FUNC, |
.type = OPTION_FUNC, |
.opt.func = s_server_opt_status_verbose, |
.opt.func = s_server_opt_status_verbose, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS |
{ |
{ |
.name = "timeout", |
.name = "timeout", |
.desc = "Enable timeouts", |
.desc = "Enable timeouts", |
|
|
" [-context id] [-crl_check] [-crl_check_all] [-crlf]\n" |
" [-context id] [-crl_check] [-crl_check_all] [-crlf]\n" |
" [-dcert file] [-dcertform der | pem] [-debug]\n" |
" [-dcert file] [-dcertform der | pem] [-debug]\n" |
" [-dhparam file] [-dkey file] [-dkeyform der | pem]\n" |
" [-dhparam file] [-dkey file] [-dkeyform der | pem]\n" |
" [-dpass arg] [-dtls1] [-groups list] [-HTTP]\n" |
" [-dpass arg] [-dtls] [-dtls1] [-dtls1_2] [-groups list] [-HTTP]\n" |
" [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n" |
" [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n" |
" [-keyform der | pem] [-keymatexport label]\n" |
" [-keyform der | pem] [-keymatexport label]\n" |
" [-keymatexportlen len] [-msg] [-mtu mtu]\n" |
" [-keymatexportlen len] [-msg] [-mtu mtu]\n" |
|
|
} |
} |
SSL_clear(con); |
SSL_clear(con); |
|
|
if (SSL_version(con) == DTLS1_VERSION) { |
if (SSL_is_dtls(con)) { |
|
|
sbio = BIO_new_dgram(s, BIO_NOCLOSE); |
sbio = BIO_new_dgram(s, BIO_NOCLOSE); |
|
|
if (s_server_config.enable_timeouts) { |
if (s_server_config.enable_timeouts) { |
|
|
pfd[1].fd = s; |
pfd[1].fd = s; |
pfd[1].events = POLLIN; |
pfd[1].events = POLLIN; |
|
|
if ((SSL_version(con) == DTLS1_VERSION) && |
if (SSL_is_dtls(con) && |
DTLSv1_get_timeout(con, &timeout)) |
DTLSv1_get_timeout(con, &timeout)) |
ptimeout = timeout.tv_sec * 1000 + |
ptimeout = timeout.tv_sec * 1000 + |
timeout.tv_usec / 1000; |
timeout.tv_usec / 1000; |
|
|
|
|
i = poll(pfd, 2, ptimeout); |
i = poll(pfd, 2, ptimeout); |
|
|
if ((SSL_version(con) == DTLS1_VERSION) && |
if (SSL_is_dtls(con) && |
DTLSv1_handle_timeout(con) > 0) { |
DTLSv1_handle_timeout(con) > 0) |
BIO_printf(bio_err, "TIMEOUT occured\n"); |
BIO_printf(bio_err, "TIMEOUT occured\n"); |
} |
|
if (i <= 0) |
if (i <= 0) |
continue; |
continue; |
if (pfd[0].revents) { |
if (pfd[0].revents) { |
|
|
} |
} |
if ((i <= 0) || (buf[0] == 'q')) { |
if ((i <= 0) || (buf[0] == 'q')) { |
BIO_printf(bio_s_out, "DONE\n"); |
BIO_printf(bio_s_out, "DONE\n"); |
if (SSL_version(con) != DTLS1_VERSION) { |
if (!SSL_is_dtls(con)) { |
shutdown(s, SHUT_RD); |
shutdown(s, SHUT_RD); |
close(s); |
close(s); |
} |
} |
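Review bot: The new `-dtls` handler `s_server_opt_protocol_version_dtls` visibly assigns only `meth` and `socket_type`, while the `-dtls1` and `-dtls1_2` handlers added beside it also pin `min_version` and `max_version`. Since each option function writes into the shared `s_server_config`, an earlier `-dtls1`, `-dtls1_2` or `-tls1` on the same command line would appear to leave its bounds in place, so `-dtls` may not give the "Use any version of DTLS" range its description promises. That matters when the tool is used to check which protocol versions a peer will negotiate, because the tested range then depends on option order. Consider resetting both bounds in the handler, e.g. `s_server_config.min_version = 0;` and `s_server_config.max_version = 0;`, assuming 0 is the "no bound" value where these fields are applied to the context, which is not visible here. The end of the handler's body falls between the visible hunks, so confirm it does not already do this.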