#include <string.h>
#include <stdint.h>
#include <errno.h>
+#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
*
* The macros below define which chain is selected. This impacts the list
* of supported cipher suites.
+ *
+ * Other macros, which can be defined (with a non-zero value):
+ *
+ * SERVER_PROFILE_MIN_FS
+ * Select a "minimal" profile with forward security (ECDHE cipher
+ * suite).
+ *
+ * SERVER_PROFILE_MIN_NOFS
+ * Select a "minimal" profile without forward security (RSA or ECDH
+ * cipher suite, but not ECDHE).
+ *
+ * SERVER_CHACHA20
+ * If SERVER_PROFILE_MIN_FS is selected, then this macro selects
+ * a cipher suite with ChaCha20+Poly1305; otherwise, AES/GCM is
+ * used. This macro has no effect otherwise, since there is no
+ * non-forward secure cipher suite that uses ChaCha20+Poly1305.
*/
#if !(SERVER_RSA || SERVER_EC || SERVER_MIXED)
tmp, sizeof tmp);
break;
case AF_INET6:
- name = inet_ntop(AF_INET,
- &((struct sockaddr_in *)&sa)->sin_addr,
+ name = inet_ntop(AF_INET6,
+ &((struct sockaddr_in6 *)&sa)->sin6_addr,
tmp, sizeof tmp);
break;
}
}
port = argv[1];
+ /*
+ * Ignore SIGPIPE to avoid crashing in case of abrupt socket close.
+ */
+ signal(SIGPIPE, SIG_IGN);
+
/*
* Open the server socket.
*/
*/
#if SERVER_RSA
#if SERVER_PROFILE_MIN_FS
+#if SERVER_CHACHA20
+ br_ssl_server_init_mine2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#else
br_ssl_server_init_mine2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#endif
#elif SERVER_PROFILE_MIN_NOFS
br_ssl_server_init_minr2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
#else
#endif
#elif SERVER_EC
#if SERVER_PROFILE_MIN_FS
+#if SERVER_CHACHA20
+ br_ssl_server_init_minf2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#else
br_ssl_server_init_minf2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#endif
#elif SERVER_PROFILE_MIN_NOFS
br_ssl_server_init_minv2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
#else
#endif
#else /* SERVER_MIXED */
#if SERVER_PROFILE_MIN_FS
+#if SERVER_CHACHA20
+ br_ssl_server_init_minf2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#else
br_ssl_server_init_minf2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
+#endif
#elif SERVER_PROFILE_MIN_NOFS
br_ssl_server_init_minu2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
#else