Terminate the s_server after n clients have connected to it. This is
occasionally useful, matches OpenSSL's behavior and should help
simplify regress/usr.bin/openssl/x509.
Index: openssl.1
===================================================================
RCS file: /cvs/src/usr.bin/openssl/openssl.1,v
retrieving revision 1.129
diff -u -p -r1.129 openssl.1
--- openssl.1 17 Mar 2021 18:08:32 -0000 1.129
+++ openssl.1 28 Aug 2021 17:12:59 -0000
@@ -4607,6 +4607,7 @@ will be used.
.Op Fl keymatexportlen Ar len
.Op Fl msg
.Op Fl mtu Ar mtu
+.Op Fl naccept Ar arg
.Op Fl named_curve Ar arg
.Op Fl nbio
.Op Fl nbio_test
@@ -4807,6 +4808,10 @@ Export len bytes of keying material (def
Show all protocol messages with hex dump.
.It Fl mtu Ar mtu
Set the link layer MTU.
+.It Fl naccept Ar num
+Terminate server after
+.Ar num
+connections.
.It Fl named_curve Ar arg
Specify the elliptic curve name to use for ephemeral ECDH keys.
This option is deprecated; use
Index: s_apps.h
===================================================================
RCS file: /cvs/src/usr.bin/openssl/s_apps.h,v
retrieving revision 1.5
diff -u -p -r1.5 s_apps.h
--- s_apps.h 25 Apr 2018 07:12:33 -0000 1.5
+++ s_apps.h 28 Aug 2021 17:12:59 -0000
@@ -120,7 +120,7 @@ extern int verify_return_error;
int do_server(int port, int type, int *ret,
int (*cb)(char *hostname, int s, unsigned char *context),
- unsigned char *context);
+ unsigned char *context, int naccept);
#ifdef HEADER_X509_H
int verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
Index: s_server.c
===================================================================
RCS file: /cvs/src/usr.bin/openssl/s_server.c,v
retrieving revision 1.47
diff -u -p -r1.47 s_server.c
--- s_server.c 17 Mar 2021 18:11:01 -0000 1.47
+++ s_server.c 28 Aug 2021 17:17:38 -0000
@@ -267,6 +267,7 @@ static struct {
uint16_t min_version;
const SSL_METHOD *meth;
int msg;
+ int naccept;
char *named_curve;
int nbio;
int nbio_test;
@@ -741,6 +742,13 @@ static const struct option s_server_opti
},
#endif
{
+ .name = "naccept",
+ .argname = "num",
+ .desc = "terminate after num connections",
+ .type = OPTION_ARG_INT,
+ .opt.value = &s_server_config.naccept
+ },
+ {
.name = "named_curve",
.argname = "arg",
.type = OPTION_ARG,
@@ -1084,6 +1092,7 @@ s_server_main(int argc, char *argv[])
memset(&s_server_config, 0, sizeof(s_server_config));
s_server_config.keymatexportlen = 20;
s_server_config.meth = TLS_server_method();
+ s_server_config.naccept = -1;
s_server_config.port = PORT;
s_server_config.cert_file = TEST_CERT;
s_server_config.cert_file2 = TEST_CERT2;
@@ -1465,10 +1474,12 @@ s_server_main(int argc, char *argv[])
(void) BIO_flush(bio_s_out);
if (s_server_config.www)
do_server(s_server_config.port, s_server_config.socket_type,
- &accept_socket, www_body, s_server_config.context);
+ &accept_socket, www_body, s_server_config.context,
+ s_server_config.naccept);
else
do_server(s_server_config.port, s_server_config.socket_type,
- &accept_socket, sv_body, s_server_config.context);
+ &accept_socket, sv_body, s_server_config.context,
+ s_server_config.naccept);
print_stats(bio_s_out, ctx);
ret = 0;
end:
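Review bot: Both `do_server(...)` calls still discard the return value and fall through to `ret = 0;`, so the exit status cannot tell a clean `-naccept` run from one where the connection callback failed. The s_socket.c hunk shows do_server returning the callback's `i`, and with `-naccept` a return from do_server becomes the normal way for the process to end. If regress scripts are expected to check the exit status, consider capturing the result, e.g. `if (do_server(...) < 0) goto end;` placed so that `print_stats` still runs as intended. s_server_main continues outside this hunk, so the initial value of `ret` and the `end:` path are not visible here.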
Index: s_socket.c
===================================================================
RCS file: /cvs/src/usr.bin/openssl/s_socket.c,v
retrieving revision 1.11
diff -u -p -r1.11 s_socket.c
--- s_socket.c 28 Jun 2019 13:35:02 -0000 1.11
+++ s_socket.c 28 Aug 2021 17:12:59 -0000
@@ -132,7 +132,7 @@ init_client(int *sock, char *host, char
int
do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, unsigned char *context),
- unsigned char *context)
+ unsigned char *context, int naccept)
{
int sock;
char *name = NULL;
@@ -161,7 +161,9 @@ do_server(int port, int type, int *ret,
shutdown(sock, SHUT_RDWR);
close(sock);
}
- if (i < 0) {
+ if (naccept != -1)
+ naccept--;
+ if (i < 0 || naccept == 0) {
shutdown(accept_socket, SHUT_RDWR);
close(accept_socket);
return (i);
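Review bot: In the added `if (naccept != -1) naccept--;`, only positive counts can ever reach the `naccept == 0` exit test. A value of 0 is decremented to -1, which is the "no limit" sentinel, and any value below -1 simply keeps decrementing. The `naccept` entry in s_server.c is a plain `OPTION_ARG_INT` with no range check visible in this patch, so `-naccept 0` would apparently leave the server accepting indefinitely and could hang a regress script that relies on it to terminate. Consider `if (naccept > 0) naccept--;` here, plus rejecting values below 1 after option parsing in s_server_main. The accept loop of do_server starts outside this hunk, so this assumes the decrement runs once per handled connection.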