X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_server.c;h=f890aac5b593f361af2071486acbfc083291a667;hp=10bfdd6b911e0a6ee669fe942de65edd8e6e80b1;hb=6d3d5793673b225b2347ef45b74d0d9994f3132c;hpb=e03c5b59f04684c55a173d1a8ac38df7e4b21c48 diff --git a/apps/s_server.c b/apps/s_server.c index 10bfdd6b91..f890aac5b5 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -479,12 +479,15 @@ static void sv_usage(void) { BIO_printf(bio_err,"usage: s_server [args ...]\n"); BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); + BIO_printf(bio_err," -accept port - TCP/IP port to accept on (default is %d)\n",PORT); + BIO_printf(bio_err," -unix path - unix domain socket to accept on\n"); + BIO_printf(bio_err," -unlink - for -unix, unlink existing socket first\n"); BIO_printf(bio_err," -context arg - set session ID context\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); BIO_printf(bio_err," -cert arg - certificate file to use\n"); BIO_printf(bio_err," (default is %s)\n",TEST_CERT); + BIO_printf(bio_err," -naccept arg - terminate after 'arg' connections\n"); #ifndef OPENSSL_NO_TLSEXT BIO_printf(bio_err," -serverinfo arg - PEM serverinfo file for certificate\n"); BIO_printf(bio_err," -auth - send and receive RFC 5878 TLS auth extensions and supplemental data\n"); @@ -523,6 +526,7 @@ static void sv_usage(void) BIO_printf(bio_err," -state - Print the SSL states\n"); BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); + BIO_printf(bio_err," -trusted_first - Use locally trusted CA's first when building trust chain\n"); BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); @@ -1007,6 +1011,9 @@ int MAIN(int argc, char *argv[]) X509_VERIFY_PARAM *vpm = NULL; int badarg = 0; short port=PORT; + const char *unix_path=NULL; + int unlink_unix_path=0; + int (*server_cb)(char *hostname, int s, int stype, unsigned char *context); char *CApath=NULL,*CAfile=NULL; char *chCApath=NULL,*chCAfile=NULL; char *vfyCApath=NULL,*vfyCAfile=NULL; @@ -1099,6 +1106,25 @@ int MAIN(int argc, char *argv[]) if (!extract_port(*(++argv),&port)) goto bad; } + else if (strcmp(*argv,"-unix") == 0) + { +#ifdef NO_SYS_UN_H + BIO_printf(bio_err, "unix domain sockets unsupported\n"); + goto bad; +#else + if (--argc < 1) goto bad; + unix_path = *(++argv); +#endif + } + else if (strcmp(*argv,"-unlink") == 0) + { +#ifdef NO_SYS_UN_H + BIO_printf(bio_err, "unix domain sockets unsupported\n"); + goto bad; +#else + unlink_unix_path = 1; +#endif + } else if (strcmp(*argv,"-naccept") == 0) { if (--argc < 1) goto bad; @@ -1543,6 +1569,11 @@ bad: goto end; } + if (unix_path && (socket_type != SOCK_STREAM)) + { + BIO_printf(bio_err, "Can't use unix sockets and datagrams together\n"); + goto end; + } #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) { @@ -2105,11 +2136,19 @@ bad: BIO_printf(bio_s_out,"ACCEPT\n"); (void)BIO_flush(bio_s_out); if (rev) - do_server(port,socket_type,&accept_socket,rev_body, context, naccept); + server_cb = rev_body; else if (www) - do_server(port,socket_type,&accept_socket,www_body, context, naccept); + server_cb = www_body; + else + server_cb = sv_body; + if (unix_path) + { + if (unlink_unix_path) + unlink(unix_path); + do_server_unix(unix_path,&accept_socket,server_cb, context, naccept); + } else - do_server(port,socket_type,&accept_socket,sv_body, context, naccept); + do_server(port,socket_type,&accept_socket,server_cb, context, naccept); print_stats(bio_s_out,ctx); ret=0; end: