Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
b1277b99
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
b1277b99
编写于
19年前
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
C style fix-up
上级
ed3883d2
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
128 addition
and
101 deletion
+128
-101
CHANGES
CHANGES
+13
-0
apps/s_client.c
apps/s_client.c
+24
-19
apps/s_server.c
apps/s_server.c
+91
-82
未找到文件。
CHANGES
浏览文件 @
b1277b99
...
...
@@ -4,6 +4,19 @@
Changes between 0.9.8a and 0.9.9 [xx XXX xxxx]
*) Add support for TLS extensions, specifically for the HostName extension.
The SSL_SESSION, SSL_CTX, and SSL data structures now have new members
for HostName support.
openssl s_client has a new '-servername' option.
openssl s_server has new options '-servername', '-cert2', and '-key2';
this allows testing the HostName extension for a specific single
host name ('-cert' and '-key' remain fallbacks for handshakes without
HostName negotiation).
[Peter Sylvester]
*) Whirlpool hash implementation is added.
[Andy Polyakov]
...
...
This diff is collapsed.
Click to expand it.
apps/s_client.c
浏览文件 @
b1277b99
...
...
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-200
1
The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-200
6
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -236,7 +236,8 @@ typedef struct tlsextctx_st {
}
tlsextctx
;
static
int
MS_CALLBACK
ssl_servername_cb
(
SSL
*
s
,
int
*
ad
,
void
*
arg
)
{
static
int
MS_CALLBACK
ssl_servername_cb
(
SSL
*
s
,
int
*
ad
,
void
*
arg
)
{
tlsextctx
*
p
=
(
tlsextctx
*
)
arg
;
const
unsigned
char
*
hn
=
SSL_get_servername
(
s
,
TLSEXT_TYPE_SERVER_host
);
if
(
SSL_get_servername_type
(
s
)
!=
-
1
)
...
...
@@ -245,7 +246,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) {
BIO_printf
(
bio_err
,
"SSL_get_tlsext_hostname does not work
\n
"
);
return
SSL_ERROR_NONE
;
}
}
#endif
int
MAIN
(
int
,
char
**
);
...
...
@@ -277,7 +278,7 @@ int MAIN(int argc, char **argv)
int
starttls_proto
=
0
;
int
prexit
=
0
,
vflags
=
0
;
const
SSL_METHOD
*
meth
=
NULL
;
int
socket
T
ype
=
SOCK_STREAM
;
int
socket
_t
ype
=
SOCK_STREAM
;
BIO
*
sbio
;
char
*
inrand
=
NULL
;
#ifndef OPENSSL_NO_ENGINE
...
...
@@ -296,7 +297,7 @@ int MAIN(int argc, char **argv)
struct
sockaddr
peer
;
int
peerlen
=
sizeof
(
peer
);
int
enable_timeouts
=
0
;
long
mtu
=
0
;
long
socket_
mtu
=
0
;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth
=
SSLv23_client_method
();
...
...
@@ -419,14 +420,14 @@ int MAIN(int argc, char **argv)
else
if
(
strcmp
(
*
argv
,
"-dtls1"
)
==
0
)
{
meth
=
DTLSv1_client_method
();
socket
T
ype
=
SOCK_DGRAM
;
socket
_t
ype
=
SOCK_DGRAM
;
}
else
if
(
strcmp
(
*
argv
,
"-timeout"
)
==
0
)
enable_timeouts
=
1
;
else
if
(
strcmp
(
*
argv
,
"-mtu"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
mtu
=
atol
(
*
(
++
argv
));
socket_
mtu
=
atol
(
*
(
++
argv
));
}
#endif
else
if
(
strcmp
(
*
argv
,
"-bugs"
)
==
0
)
...
...
@@ -605,7 +606,7 @@ bad:
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/
if
(
socket
T
ype
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx
,
1
);
if
(
socket
_t
ype
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx
,
1
);
if
(
state
)
SSL_CTX_set_info_callback
(
ctx
,
apps_ssl_info_callback
);
if
(
cipher
!=
NULL
)
...
...
@@ -634,22 +635,25 @@ bad:
store
=
SSL_CTX_get_cert_store
(
ctx
);
X509_STORE_set_flags
(
store
,
vflags
);
#ifndef OPENSSL_NO_TLSEXT
if
(
servername
!=
NULL
)
{
if
(
servername
!=
NULL
)
{
tlsextcbp
.
biodebug
=
bio_err
;
SSL_CTX_set_tlsext_servername_callback
(
ctx
,
ssl_servername_cb
);
SSL_CTX_set_tlsext_servername_arg
(
ctx
,
&
tlsextcbp
);
}
}
#endif
con
=
SSL_new
(
ctx
);
#ifndef OPENSSL_NO_TLSEXT
if
(
servername
!=
NULL
){
if
(
!
SSL_set_tlsext_hostname
(
con
,
servername
)){
if
(
servername
!=
NULL
)
{
if
(
!
SSL_set_tlsext_hostname
(
con
,
servername
))
{
BIO_printf
(
bio_err
,
"Unable to set TLS servername extension.
\n
"
);
ERR_print_errors
(
bio_err
);
goto
end
;
}
}
}
#endif
#ifndef OPENSSL_NO_KRB5
if
(
con
&&
(
con
->
kssl_ctx
=
kssl_ctx_new
())
!=
NULL
)
...
...
@@ -661,7 +665,7 @@ bad:
re_start:
if
(
init_client
(
&
s
,
host
,
port
,
socket
T
ype
)
==
0
)
if
(
init_client
(
&
s
,
host
,
port
,
socket
_t
ype
)
==
0
)
{
BIO_printf
(
bio_err
,
"connect:errno=%d
\n
"
,
get_last_socket_error
());
SHUTDOWN
(
s
);
...
...
@@ -698,7 +702,7 @@ re_start:
BIO_ctrl_set_connected
(
sbio
,
1
,
&
peer
);
if
(
enable_timeouts
)
if
(
enable_timeouts
)
{
timeout
.
tv_sec
=
0
;
timeout
.
tv_usec
=
DGRAM_RCV_TIMEOUT
;
...
...
@@ -709,10 +713,10 @@ re_start:
BIO_ctrl
(
sbio
,
BIO_CTRL_DGRAM_SET_SEND_TIMEOUT
,
0
,
&
timeout
);
}
if
(
mtu
>
0
)
if
(
socket_
mtu
>
0
)
{
SSL_set_options
(
con
,
SSL_OP_NO_QUERY_MTU
);
SSL_set_mtu
(
con
,
mtu
);
SSL_set_mtu
(
con
,
socket_
mtu
);
}
else
/* want to do MTU discovery */
...
...
@@ -791,9 +795,10 @@ re_start:
{
in_init
=
0
;
#ifndef OPENSSL_NO_TLSEXT
if
(
servername
!=
NULL
&&
!
SSL_session_reused
(
con
))
{
if
(
servername
!=
NULL
&&
!
SSL_session_reused
(
con
))
{
BIO_printf
(
bio_c_out
,
"Server did %sacknowledge servername extension.
\n
"
,
tlsextcbp
.
ack
?
""
:
"not "
);
}
}
#endif
print_stuff
(
bio_c_out
,
con
,
full_log
);
if
(
full_log
>
0
)
full_log
--
;
...
...
This diff is collapsed.
Click to expand it.
apps/s_server.c
浏览文件 @
b1277b99
...
...
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-200
1
The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-200
6
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -260,7 +260,7 @@ static char *engine_id=NULL;
static
const
char
*
session_id_prefix
=
NULL
;
static
int
enable_timeouts
=
0
;
static
long
socket
M
tu
;
static
long
socket
_m
tu
;
static
int
cert_chain
=
0
;
...
...
@@ -366,12 +366,11 @@ static void sv_usage(void)
BIO_printf
(
bio_err
,
" -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'
\n
"
);
BIO_printf
(
bio_err
,
" -rand file%cfile%c...
\n
"
,
LIST_SEPARATOR_CHAR
,
LIST_SEPARATOR_CHAR
);
#ifndef OPENSSL_NO_TLSEXT
BIO_printf
(
bio_err
,
" -servername host -
check TLS1 servername
\n
"
);
BIO_printf
(
bio_err
,
" -servername host -
servername for HostName TLS extension
\n
"
);
BIO_printf
(
bio_err
,
" -cert2 arg - certificate file to use for servername
\n
"
);
BIO_printf
(
bio_err
,
" (default is %s)
\n
"
,
TEST_CERT2
);
BIO_printf
(
bio_err
,
" -key2 arg - Private Key file to use for servername, in cert file if
\n
"
);
BIO_printf
(
bio_err
,
" not specified (default is %s)
\n
"
,
TEST_CERT2
);
BIO_printf
(
bio_err
,
" -servername host - check TLS1 servername
\n
"
);
#endif
}
...
...
@@ -537,24 +536,27 @@ typedef struct tlsextctx_st {
}
tlsextctx
;
static
int
MS_CALLBACK
ssl_servername_cb
(
SSL
*
s
,
int
*
ad
,
void
*
arg
)
{
static
int
MS_CALLBACK
ssl_servername_cb
(
SSL
*
s
,
int
*
ad
,
void
*
arg
)
{
tlsextctx
*
p
=
(
tlsextctx
*
)
arg
;
const
char
*
servername
=
SSL_get_servername
(
s
,
TLSEXT_TYPE_SERVER_host
);
if
(
servername
)
BIO_printf
(
p
->
biodebug
,
"Hostname in TLS extension:
\"
%s
\"\n
"
,
servername
);
if
(
!
p
->
servername
)
{
if
(
!
p
->
servername
)
{
SSL_set_tlsext_servername_done
(
s
,
2
);
return
SSL_ERROR_NONE
;
}
}
if
(
servername
)
{
if
(
servername
)
{
if
(
strcmp
(
servername
,
p
->
servername
))
return
TLS1_AD_UNRECOGNIZED_NAME
;
if
(
ctx2
)
SSL_set_SSL_CTX
(
s
,
ctx2
);
SSL_set_tlsext_servername_done
(
s
,
1
);
}
}
return
SSL_ERROR_NONE
;
}
#endif
...
...
@@ -578,7 +580,7 @@ int MAIN(int argc, char *argv[])
int
no_tmp_rsa
=
0
,
no_dhe
=
0
,
no_ecdhe
=
0
,
nocert
=
0
;
int
state
=
0
;
const
SSL_METHOD
*
meth
=
NULL
;
int
socket
T
ype
=
SOCK_STREAM
;
int
socket
_t
ype
=
SOCK_STREAM
;
#ifndef OPENSSL_NO_ENGINE
ENGINE
*
e
=
NULL
;
#endif
...
...
@@ -595,9 +597,7 @@ int MAIN(int argc, char *argv[])
#endif
#ifndef OPENSSL_NO_TLSEXT
tlsextctx
tlsextcbp
=
{
NULL
,
NULL
};
tlsextctx
tlsextcbp
=
{
NULL
,
NULL
};
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth
=
SSLv23_server_method
();
...
...
@@ -811,14 +811,14 @@ int MAIN(int argc, char *argv[])
else
if
(
strcmp
(
*
argv
,
"-dtls1"
)
==
0
)
{
meth
=
DTLSv1_server_method
();
socket
T
ype
=
SOCK_DGRAM
;
socket
_t
ype
=
SOCK_DGRAM
;
}
else
if
(
strcmp
(
*
argv
,
"-timeout"
)
==
0
)
enable_timeouts
=
1
;
else
if
(
strcmp
(
*
argv
,
"-mtu"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
socket
M
tu
=
atol
(
*
(
++
argv
));
socket
_m
tu
=
atol
(
*
(
++
argv
));
}
else
if
(
strcmp
(
*
argv
,
"-chain"
)
==
0
)
cert_chain
=
1
;
...
...
@@ -915,19 +915,19 @@ bad:
}
#ifndef OPENSSL_NO_TLSEXT
if
(
tlsextcbp
.
servername
)
if
(
tlsextcbp
.
servername
)
{
s_key2
=
load_key
(
bio_err
,
s_key_file2
,
s_key_format
,
0
,
pass
,
e
,
"second server certificate private key file"
);
"second server certificate private key file"
);
if
(
!
s_key2
)
{
ERR_print_errors
(
bio_err
);
goto
end
;
}
s_cert2
=
load_cert
(
bio_err
,
s_cert_file2
,
s_cert_format
,
NULL
,
e
,
"second server certificate file"
);
if
(
!
s_cert2
)
{
ERR_print_errors
(
bio_err
);
...
...
@@ -1029,7 +1029,7 @@ bad:
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/
if
(
socket
T
ype
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx
,
1
);
if
(
socket
_t
ype
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx
,
1
);
if
(
state
)
SSL_CTX_set_info_callback
(
ctx
,
apps_ssl_info_callback
);
...
...
@@ -1058,56 +1058,59 @@ bad:
X509_STORE_set_flags
(
store
,
vflags
);
#ifndef OPENSSL_NO_TLSEXT
if
(
s_cert2
)
{
ctx2
=
SSL_CTX_new
(
meth
);
if
(
ctx2
==
NULL
)
{
ERR_print_errors
(
bio_err
);
goto
end
;
}
}
if
(
ctx2
)
{
BIO_printf
(
bio_s_out
,
"Setting secondary ctx parameters
\n
"
);
if
(
session_id_prefix
)
if
(
s_cert2
)
{
if
(
strlen
(
session_id_prefix
)
>=
32
)
BIO_printf
(
bio_err
,
"warning: id_prefix is too long, only one new session will be possible
\n
"
);
else
if
(
strlen
(
session_id_prefix
)
>=
16
)
BIO_printf
(
bio_err
,
"warning: id_prefix is too long if you use SSLv2
\n
"
);
if
(
!
SSL_CTX_set_generate_session_id
(
ctx2
,
generate_session_id
))
ctx2
=
SSL_CTX_new
(
meth
);
if
(
ctx2
==
NULL
)
{
BIO_printf
(
bio_err
,
"error setting 'id_prefix'
\n
"
);
ERR_print_errors
(
bio_err
);
goto
end
;
}
BIO_printf
(
bio_err
,
"id_prefix '%s' set.
\n
"
,
session_id_prefix
);
}
SSL_CTX_set_quiet_shutdown
(
ctx2
,
1
);
if
(
bugs
)
SSL_CTX_set_options
(
ctx2
,
SSL_OP_ALL
);
if
(
hack
)
SSL_CTX_set_options
(
ctx2
,
SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
);
SSL_CTX_set_options
(
ctx2
,
off
);
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/
if
(
socketType
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx2
,
1
);
if
(
ctx2
)
{
BIO_printf
(
bio_s_out
,
"Setting secondary ctx parameters
\n
"
);
if
(
session_id_prefix
)
{
if
(
strlen
(
session_id_prefix
)
>=
32
)
BIO_printf
(
bio_err
,
"warning: id_prefix is too long, only one new session will be possible
\n
"
);
else
if
(
strlen
(
session_id_prefix
)
>=
16
)
BIO_printf
(
bio_err
,
"warning: id_prefix is too long if you use SSLv2
\n
"
);
if
(
!
SSL_CTX_set_generate_session_id
(
ctx2
,
generate_session_id
))
{
BIO_printf
(
bio_err
,
"error setting 'id_prefix'
\n
"
);
ERR_print_errors
(
bio_err
);
goto
end
;
}
BIO_printf
(
bio_err
,
"id_prefix '%s' set.
\n
"
,
session_id_prefix
);
}
SSL_CTX_set_quiet_shutdown
(
ctx2
,
1
);
if
(
bugs
)
SSL_CTX_set_options
(
ctx2
,
SSL_OP_ALL
);
if
(
hack
)
SSL_CTX_set_options
(
ctx2
,
SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
);
SSL_CTX_set_options
(
ctx2
,
off
);
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/
if
(
socket_type
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx2
,
1
);
if
(
state
)
SSL_CTX_set_info_callback
(
ctx2
,
apps_ssl_info_callback
);
if
(
state
)
SSL_CTX_set_info_callback
(
ctx2
,
apps_ssl_info_callback
);
SSL_CTX_sess_set_cache_size
(
ctx2
,
128
);
SSL_CTX_sess_set_cache_size
(
ctx2
,
128
);
if
((
!
SSL_CTX_load_verify_locations
(
ctx2
,
CAfile
,
CApath
))
||
(
!
SSL_CTX_set_default_verify_paths
(
ctx2
)))
{
if
((
!
SSL_CTX_load_verify_locations
(
ctx2
,
CAfile
,
CApath
))
||
(
!
SSL_CTX_set_default_verify_paths
(
ctx2
)))
{
ERR_print_errors
(
bio_err
);
}
store
=
SSL_CTX_get_cert_store
(
ctx2
);
X509_STORE_set_flags
(
store
,
vflags
);
}
store
=
SSL_CTX_get_cert_store
(
ctx2
);
X509_STORE_set_flags
(
store
,
vflags
);
}
#endif
#ifndef OPENSSL_NO_DH
if
(
!
no_dhe
)
{
...
...
@@ -1131,20 +1134,22 @@ bad:
SSL_CTX_set_tmp_dh
(
ctx
,
dh
);
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
)
{
if
(
!
dhfile
)
{
if
(
ctx2
)
{
if
(
!
dhfile
)
{
DH
*
dh2
=
load_dh_param
(
s_cert_file2
);
if
(
dh2
!=
NULL
)
{
{
BIO_printf
(
bio_s_out
,
"Setting temp DH parameters
\n
"
);
(
void
)
BIO_flush
(
bio_s_out
);
DH_free
(
dh
);
dh
=
dh2
;
}
}
}
SSL_CTX_set_tmp_dh
(
ctx2
,
dh
);
}
}
#endif
DH_free
(
dh
);
}
...
...
@@ -1213,13 +1218,14 @@ bad:
#ifndef OPENSSL_NO_RSA
#if 1
if
(
!
no_tmp_rsa
)
{
if
(
!
no_tmp_rsa
)
{
SSL_CTX_set_tmp_rsa_callback
(
ctx
,
tmp_rsa_cb
);
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
)
SSL_CTX_set_tmp_rsa_callback
(
ctx2
,
tmp_rsa_cb
);
#endif
}
}
#else
if
(
!
no_tmp_rsa
&&
SSL_CTX_need_tmp_RSA
(
ctx
))
{
...
...
@@ -1236,13 +1242,14 @@ bad:
goto
end
;
}
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
)
{
if
(
!
SSL_CTX_set_tmp_rsa
(
ctx2
,
rsa
))
if
(
ctx2
)
{
if
(
!
SSL_CTX_set_tmp_rsa
(
ctx2
,
rsa
))
{
ERR_print_errors
(
bio_err
);
goto
end
;
}
}
}
#endif
RSA_free
(
rsa
);
BIO_printf
(
bio_s_out
,
"
\n
"
);
...
...
@@ -1257,11 +1264,12 @@ bad:
goto
end
;
}
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
&&
!
SSL_CTX_set_cipher_list
(
ctx2
,
cipher
))
{
if
(
ctx2
&&
!
SSL_CTX_set_cipher_list
(
ctx2
,
cipher
))
{
BIO_printf
(
bio_err
,
"error setting cipher list
\n
"
);
ERR_print_errors
(
bio_err
);
goto
end
;
}
}
#endif
}
SSL_CTX_set_verify
(
ctx
,
s_server_verify
,
verify_callback
);
...
...
@@ -1269,31 +1277,33 @@ bad:
sizeof
s_server_session_id_context
);
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
)
{
if
(
ctx2
)
{
SSL_CTX_set_verify
(
ctx2
,
s_server_verify
,
verify_callback
);
SSL_CTX_set_session_id_context
(
ctx2
,(
void
*
)
&
s_server_session_id_context
,
sizeof
s_server_session_id_context
);
}
}
tlsextcbp
.
biodebug
=
bio_s_out
;
SSL_CTX_set_tlsext_servername_callback
(
ctx2
,
ssl_servername_cb
);
SSL_CTX_set_tlsext_servername_arg
(
ctx2
,
&
tlsextcbp
);
SSL_CTX_set_tlsext_servername_callback
(
ctx
,
ssl_servername_cb
);
SSL_CTX_set_tlsext_servername_arg
(
ctx
,
&
tlsextcbp
);
#endif
if
(
CAfile
!=
NULL
)
{
SSL_CTX_set_client_CA_list
(
ctx
,
SSL_load_client_CA_file
(
CAfile
));
if
(
CAfile
!=
NULL
)
{
SSL_CTX_set_client_CA_list
(
ctx
,
SSL_load_client_CA_file
(
CAfile
));
#ifndef OPENSSL_NO_TLSEXT
if
(
ctx2
)
SSL_CTX_set_client_CA_list
(
ctx2
,
SSL_load_client_CA_file
(
CAfile
));
SSL_CTX_set_client_CA_list
(
ctx2
,
SSL_load_client_CA_file
(
CAfile
));
#endif
}
}
BIO_printf
(
bio_s_out
,
"ACCEPT
\n
"
);
if
(
www
)
do_server
(
port
,
socket
T
ype
,
&
accept_socket
,
www_body
,
context
);
do_server
(
port
,
socket
_t
ype
,
&
accept_socket
,
www_body
,
context
);
else
do_server
(
port
,
socket
T
ype
,
&
accept_socket
,
sv_body
,
context
);
do_server
(
port
,
socket
_t
ype
,
&
accept_socket
,
sv_body
,
context
);
print_stats
(
bio_s_out
,
ctx
);
ret
=
0
;
end:
...
...
@@ -1404,7 +1414,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
sbio
=
BIO_new_dgram
(
s
,
BIO_NOCLOSE
);
if
(
enable_timeouts
)
if
(
enable_timeouts
)
{
timeout
.
tv_sec
=
0
;
timeout
.
tv_usec
=
DGRAM_RCV_TIMEOUT
;
...
...
@@ -1415,11 +1425,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
BIO_ctrl
(
sbio
,
BIO_CTRL_DGRAM_SET_SEND_TIMEOUT
,
0
,
&
timeout
);
}
if
(
socketMtu
>
0
)
if
(
socket_mtu
>
0
)
{
SSL_set_options
(
con
,
SSL_OP_NO_QUERY_MTU
);
SSL_set_mtu
(
con
,
socket
M
tu
);
SSL_set_mtu
(
con
,
socket
_m
tu
);
}
else
/* want to do MTU discovery */
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
新手
引导
客服
返回
顶部