From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 15 Jul 2014 11:22:49 +0000 (+0100)
Subject: Don't allow -www etc options with DTLS.
X-Git-Tag: OpenSSL_1_0_0n~25
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ed1de3810d9bffe06fb26c93eb99cde79d4f50fe;p=oweals%2Fopenssl.git

Don't allow -www etc options with DTLS.

The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453
(cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
---

diff --git a/apps/s_server.c b/apps/s_server.c
index ef62f017cb..f25f530d60 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1215,6 +1215,14 @@ bad:
 		sv_usage();
 		goto end;
 		}
+#ifndef OPENSSL_NO_DTLS1
+	if (www && socket_type == SOCK_DGRAM)
+		{
+		BIO_printf(bio_err,
+				"Can't use -HTTP, -www or -WWW with DTLS\n");
+		goto end;
+		}
+#endif
 
 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
 	if (jpake_secret)