On Sep 9, 2009, at 2:23 PM, Stephen Henson via RT wrote: >> [seggelm...@fh-muenster.de - Wed Sep 09 08:49:17 2009]: >> >> >> On Sep 8, 2009, at 8:26 PM, Robin Seggelmann via RT wrote: >> >> >> Here's an updated version of the patch: >> > [snipped] > > This doesn't compile cleanly, patches should compile without any > warnings. > > In this case there are warnings about an implicit declaration of > dtls1_listen(). Just adding a prototype ssl_locl.h is not sufficient > because it needs the definition of struct sockaddr too.
Sorry, I only compiled it on Mac OS X and it works there. Compiling on FreeBSD 8.0 helped to reproduce the warnings, so here is a new version. Actually, dtls1_listen() doesn't need to be defined in ssl_locl.h because it's only used inside d1_lib.c and nowhere else. It was implicit because its declaration was after it is called in dtls1_ctrl(), so adding a declaration at the top of the file solves the problem and there are no warnings left. If you still get warnings for a missing declaration of struct sockaddr, please try to add "include <sys/socket.h>". - Robin
--- ssl/d1_lib.c 12 Aug 2009 17:30:36 -0000 1.16
+++ ssl/d1_lib.c 3 Sep 2009 09:59:22 -0000
@@ -68,6 +68,7 @@
 static void get_current_time(struct timeval *t);
 const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
+int dtls1_listen(SSL *s, struct sockaddr *client);
 SSL3_ENC_METHOD DTLSv1_enc_data={
 dtls1_enc,
@@ -203,6 +203,9 @@
 case DTLS_CTRL_HANDLE_TIMEOUT:
 ret = dtls1_handle_timeout(s);
 break;
+ case DTLS_CTRL_LISTEN:
+ ret = dtls1_listen(s, parg);
+ break;
 default:
 ret = ssl3_ctrl(s, cmd, larg, parg);
@@ -364,3 +367,17 @@
 gettimeofday(t, NULL);
 #endif
 }
+
+int dtls1_listen(SSL *s, struct sockaddr *client)
+ {
+ int ret;
+
+ SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
+ s->d1->listen = 1;
+
+ ret = SSL_accept(s);
+ if (ret <= 0) return ret;
+
+ (void) BIO_dgram_get_peer(SSL_get_rbio(s), client);
+ return 1;
+ }
--- ssl/d1_srvr.c 5 Jun 2009 14:59:26 -0000 1.25
+++ ssl/d1_srvr.c 3 Sep 2009 09:59:22 -0000
@@ -279,6 +279,15 @@
 s->state = SSL3_ST_SW_SRVR_HELLO_A;
 s->init_num=0;
+
+ /* If we're just listening, stop here */
+ if (s->d1->listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
+ {
+ ret = 2;
+ s->d1->listen = 0;
+ goto end;
+ }
+
 break;
 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
--- ssl/dtls1.h 17 Jun 2009 11:37:44 -0000 1.21
+++ ssl/dtls1.h 3 Sep 2009 09:59:22 -0000
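Review bot: The forward declaration `int dtls1_listen(SSL *s, struct sockaddr *client);` added in the first ssl/d1_lib.c hunk gives the function external linkage, although the accompanying message says it is only used inside d1_lib.c. Declaring it `static int dtls1_listen(SSL *s, struct sockaddr *client);`, and marking the definition added in the last hunk of the same file the same way, keeps the symbol out of the library's exported namespace and leaves DTLSv1_listen() as the single entry point. The declaration also depends on `struct sockaddr` being visible through includes that the hunk does not show.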
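Review bot: In the dtls1_listen() definition added at the end of ssl/d1_lib.c, the result of `BIO_dgram_get_peer()` is cast to void and the function returns 1 regardless, so a caller cannot tell whether `client` was actually filled in. `client` is also never checked for NULL, even though it arrives as the unchecked `parg` of the new DTLS_CTRL_LISTEN case; a minimal guard would be `if (client != NULL) (void) BIO_dgram_get_peer(SSL_get_rbio(s), client);`. The function has no way to learn how large the caller's buffer is, so a comment above the definition should state that `client` must point to storage large enough for any peer address the datagram BIO can hold (a `struct sockaddr_storage` is the safe choice). The same comment should say what a return of 1 means, which from the visible code appears to be that a ClientHello got through the cookie exchange.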
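Review bot: `ret = 2` in the listen branch of ssl/d1_srvr.c is an undocumented extra success value for the accept state machine; only dtls1_listen() in d1_lib.c knows to collapse it to 1. A comment at the branch would help, e.g. `/* ret = 2: stopped after the ClientHello while listening; dtls1_listen() maps this to 1 and the next SSL_accept() continues from SSL3_ST_SW_SRVR_HELLO_A */`. `s->d1->listen` is cleared only on this path, so it appears to stay set when the SSL_accept() call in dtls1_listen() fails fatally; that error return should probably reset it. The second half of the condition repeats the state assigned on the context line just above, though that assignment may belong to a branch that starts outside the hunk.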
@@ -212,6 +212,9 @@
 */
 record_pqueue buffered_app_data;
+ /* Is set when listening for new connections with dtls1_listen() */
+ unsigned int listen;
+
 unsigned int mtu; /* max DTLS packet size */
 struct hm_header_st w_msg_hdr;
--- ssl/ssl.h 26 Aug 2009 11:51:57 -0000 1.231
+++ ssl/ssl.h 3 Sep 2009 09:59:22 -0000
@@ -1398,11 +1398,14 @@
 #define DTLS_CTRL_GET_TIMEOUT 73
 #define DTLS_CTRL_HANDLE_TIMEOUT 74
+#define DTLS_CTRL_LISTEN 75
 #define DTLSv1_get_timeout(ssl, arg) \
 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
 #define DTLSv1_handle_timeout(ssl) \
 SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+#define DTLSv1_listen(ssl, peer) \
+ SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
 #define SSL_session_reused(ssl) \
 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
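Review bot: The new `DTLSv1_listen(ssl, peer)` macro in ssl/ssl.h casts `peer` to `void *`, so the compiler accepts any pointer type and any buffer size, and nothing at the API boundary tells the caller how much storage the peer address needs. A comment above the macro should state the expected type and minimum size of `peer` (storage for the largest address family in use, e.g. `struct sockaddr_storage`) and what the return value means. The argument is also unparenthesised; `(void *)(peer)` would be safer, although the neighbouring DTLSv1_get_timeout() macro has the same form.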