X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=29ed59863871741b0b8e58724b650800d8c0a3bb;hb=2006dd12d693499ecbf532748ecbb819868f6951;hp=044d4c448d2c4396503e20275b8a60450b763893;hpb=af57d843124672a9053a4da60ad7f9b6d4324a5a;p=oweals%2Fopenssl.git diff --git a/apps/s_server.c b/apps/s_server.c index 044d4c448d..29ed598638 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -83,6 +83,7 @@ typedef unsigned int u_int; #include #include #include +#include #include "s_apps.h" #ifdef WINDOWS @@ -242,6 +243,7 @@ static void sv_usage(void) BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET / HTTP/1.0' with file ./\n"); + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } static int local_argc=0; @@ -285,7 +287,7 @@ static int ebcdic_new(BIO *bi) { EBCDIC_OUTBUFF *wbuf; - wbuf = (EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + 1024); + wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); wbuf->alloced = 1024; wbuf->buff[0] = '\0'; @@ -299,7 +301,7 @@ static int ebcdic_free(BIO *a) { if (a == NULL) return(0); if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -336,8 +338,8 @@ static int ebcdic_write(BIO *b, char *in, int inl) num = num + num; /* double the size */ if (num < inl) num = inl; - Free(wbuf); - wbuf=(EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + num); + OPENSSL_free(wbuf); + wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); wbuf->alloced = num; wbuf->buff[0] = '\0'; @@ -397,6 +399,8 @@ static int ebcdic_puts(BIO *bp, char *str) } #endif +int MAIN(int, char **); + int MAIN(int argc, char *argv[]) { short port=PORT; @@ -409,6 +413,7 @@ int MAIN(int argc, char *argv[]) int no_tmp_rsa=0,no_dhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; + char *inrand=NULL; #ifndef NO_DH DH *dh=NULL; #endif @@ -563,6 +568,11 @@ int MAIN(int argc, char *argv[]) else if (strcmp(*argv,"-tls1") == 0) { meth=TLSv1_server_method(); } #endif + else if (strcmp(*argv,"-rand") == 0) + { + if (--argc < 1) goto bad; + inrand= *(++argv); + } else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -579,7 +589,14 @@ bad: goto end; } - app_RAND_load_file(NULL, bio_err, 0); + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + && !RAND_status()) + { + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); + } + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); if (bio_s_out == NULL) { @@ -674,7 +691,8 @@ bad: #ifndef NO_RSA #if 1 - SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); + if (!no_tmp_rsa) + SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); #else if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { @@ -764,7 +782,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) struct timeval tv; #endif - if ((buf=Malloc(bufsize)) == NULL) + if ((buf=OPENSSL_malloc(bufsize)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto err; @@ -811,33 +829,47 @@ static int sv_body(char *hostname, int s, unsigned char *context) width=s+1; for (;;) { - FD_ZERO(&readfds); + int read_from_terminal; + int read_from_sslcon; + + read_from_terminal = 0; + read_from_sslcon = SSL_pending(con); + + if (!read_from_sslcon) + { + FD_ZERO(&readfds); #ifndef WINDOWS - FD_SET(fileno(stdin),&readfds); + FD_SET(fileno(stdin),&readfds); #endif - FD_SET(s,&readfds); - /* Note: under VMS with SOCKETSHR the second parameter is - * currently of type (int *) whereas under other systems - * it is (void *) if you don't have a cast it will choke - * the compiler: if you do have a cast then you can either - * go for (int *) or (void *). - */ + FD_SET(s,&readfds); + /* Note: under VMS with SOCKETSHR the second parameter is + * currently of type (int *) whereas under other systems + * it is (void *) if you don't have a cast it will choke + * the compiler: if you do have a cast then you can either + * go for (int *) or (void *). + */ #ifdef WINDOWS - /* Under Windows we can't select on stdin: only - * on sockets. As a workaround we timeout the select every - * second and check for any keypress. In a proper Windows - * application we wouldn't do this because it is inefficient. - */ - tv.tv_sec = 1; - tv.tv_usec = 0; - i=select(width,(void *)&readfds,NULL,NULL,&tv); - if((i < 0) || (!i && !_kbhit() ) )continue; - if(_kbhit()) + /* Under Windows we can't select on stdin: only + * on sockets. As a workaround we timeout the select every + * second and check for any keypress. In a proper Windows + * application we wouldn't do this because it is inefficient. + */ + tv.tv_sec = 1; + tv.tv_usec = 0; + i=select(width,(void *)&readfds,NULL,NULL,&tv); + if((i < 0) || (!i && !_kbhit() ) )continue; + if(_kbhit()) + read_from_terminal = 1; #else - i=select(width,(void *)&readfds,NULL,NULL,NULL); - if (i <= 0) continue; - if (FD_ISSET(fileno(stdin),&readfds)) + i=select(width,(void *)&readfds,NULL,NULL,NULL); + if (i <= 0) continue; + if (FD_ISSET(fileno(stdin),&readfds)) + read_from_terminal = 1; #endif + if (FD_ISSET(s,&readfds)) + read_from_sslcon = 1; + } + if (read_from_terminal) { if (s_crlf) { @@ -950,7 +982,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (i <= 0) break; } } - if (FD_ISSET(s,&readfds)) + if (read_from_sslcon) { if (!SSL_is_init_finished(con)) { @@ -1012,7 +1044,7 @@ err: if (buf != NULL) { memset(buf,0,bufsize); - Free(buf); + OPENSSL_free(buf); } if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); @@ -1129,7 +1161,7 @@ static int www_body(char *hostname, int s, unsigned char *context) BIO *io,*ssl_bio,*sbio; long total_bytes; - buf=Malloc(bufsize); + buf=OPENSSL_malloc(bufsize); if (buf == NULL) return(0); io=BIO_new(BIO_f_buffer()); ssl_bio=BIO_new(BIO_f_ssl()); @@ -1458,7 +1490,7 @@ err: if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); - if (buf != NULL) Free(buf); + if (buf != NULL) OPENSSL_free(buf); if (io != NULL) BIO_free_all(io); /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ return(ret);