X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fserver.c;h=c6978cf86fe960b825a3c3bc9cf634c196aaac5c;hp=05729281596ef6c0cba8d99959538b59a793227c;hb=3b044d4296b1dffa5586658e152e1c7bd8144410;hpb=bab0f8639cb1e97c584e7751fd7d017e0e24da63 diff --git a/tools/server.c b/tools/server.c index 0572928..c6978cf 100644 --- a/tools/server.c +++ b/tools/server.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include @@ -62,7 +63,6 @@ host_bind(const char *host, const char *port, int verbose) struct sockaddr_in6 sa6; size_t sa_len; void *addr; - char tmp[INET6_ADDRSTRLEN + 50]; int opt; sa = (struct sockaddr *)p->ai_addr; @@ -86,13 +86,19 @@ host_bind(const char *host, const char *port, int verbose) addr = NULL; sa_len = p->ai_addrlen; } - if (addr != NULL) { - inet_ntop(p->ai_family, addr, tmp, sizeof tmp); - } else { - sprintf(tmp, "", - (int)sa->sa_family); - } if (verbose) { + char tmp[INET6_ADDRSTRLEN + 50]; + + if (addr != NULL) { + if (!inet_ntop(p->ai_family, addr, + tmp, sizeof tmp)) + { + strcpy(tmp, ""); + } + } else { + sprintf(tmp, "", + (int)sa->sa_family); + } fprintf(stderr, "binding to: %s\n", tmp); } fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol); @@ -161,8 +167,8 @@ accept_client(int server_fd, int verbose) tmp, sizeof tmp); break; case AF_INET6: - name = inet_ntop(AF_INET, - &((struct sockaddr_in *)&sa)->sin_addr, + name = inet_ntop(AF_INET6, + &((struct sockaddr_in6 *)&sa)->sin6_addr, tmp, sizeof tmp); break; } @@ -328,6 +334,9 @@ sp_choose(const br_ssl_server_policy_class **pctx, case BR_SSLKEYX_ECDHE_RSA: if (pc->sk->key_type == BR_KEYTYPE_RSA) { choices->cipher_suite = st[u][0]; + if (cc->eng.session.version < BR_TLS12) { + hash_id = 0; + } choices->hash_id = hash_id; goto choose_ok; } @@ -335,6 +344,9 @@ sp_choose(const br_ssl_server_policy_class **pctx, case BR_SSLKEYX_ECDHE_ECDSA: if (pc->sk->key_type == BR_KEYTYPE_EC) { choices->cipher_suite = st[u][0]; + if (cc->eng.session.version < BR_TLS12) { + hash_id = br_sha1_ID; + } choices->hash_id = hash_id; goto choose_ok; } @@ -637,7 +649,11 @@ do_server(int argc, char *argv[]) usage_server(); goto server_exit_error; } - iobuf_len = strtoul(arg, 0, 10); + iobuf_len = parse_size(arg); + if (iobuf_len == (size_t)-1) { + usage_server(); + goto server_exit_error; + } } else if (eqstr(arg, "-cache")) { if (++ i >= argc) { fprintf(stderr, @@ -652,7 +668,11 @@ do_server(int argc, char *argv[]) usage_server(); goto server_exit_error; } - cache_len = strtoul(arg, 0, 10); + cache_len = parse_size(arg); + if (cache_len == (size_t)-1) { + usage_server(); + goto server_exit_error; + } } else if (eqstr(arg, "-cert")) { if (++ i >= argc) { fprintf(stderr, @@ -991,6 +1011,11 @@ do_server(int argc, char *argv[]) br_ssl_engine_set_buffer(&cc.eng, iobuf, iobuf_len, bidi); + /* + * We need to ignore SIGPIPE. + */ + signal(SIGPIPE, SIG_IGN); + /* * Open the server socket. */ @@ -1036,9 +1061,7 @@ server_exit: } xfree(chain); } - if (sk != NULL) { - free_private_key(sk); - } + free_private_key(sk); xfree(iobuf); xfree(cache); if (fd >= 0) {