update the example server and echoserver to correctly generate the DTLS cookie

2015-09-15 17:23:52 -07:00 · 2015-09-15 17:23:52 -07:00 · 329e6a6207
parent 578ea44e1e
commit 329e6a6207
3 changed files with 38 additions and 5 deletions
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@ -229,20 +229,33 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
        int     clientfd;
        int     firstRead = 1;
        int     gotFirstG = 0;
-
-#ifndef CYASSL_DTLS
        SOCKADDR_IN_T client;
        socklen_t     client_len = sizeof(client);
+#ifndef CYASSL_DTLS
        clientfd = accept(sockfd, (struct sockaddr*)&client,
                         (ACCEPT_THIRD_T)&client_len);
 #else
-        clientfd = udp_read_connect(sockfd);
+        clientfd = sockfd;
+        {
+            /* For DTLS, peek at the next datagram so we can get the client's
+             * address and set it into the ssl object later to generate the
+             * cookie. */
+            int n;
+            byte b[1500];
+            n = (int)recvfrom(clientfd, (char*)b, sizeof(b), MSG_PEEK,
+                              (struct sockaddr*)&client, &client_len);
+            if (n <= 0)
+                err_sys("recvfrom failed");
+        }
 #endif
        if (clientfd == -1) err_sys("tcp accept failed");

        ssl = CyaSSL_new(ctx);
        if (ssl == NULL) err_sys("SSL_new failed");
        CyaSSL_set_fd(ssl, clientfd);
+        #ifdef CYASSL_DTLS
+            wolfSSL_dtls_set_peer(ssl, &client, client_len);
+        #endif
        #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
        #elif !defined(NO_DH)
--- a/examples/server/server.c
+++ b/examples/server/server.c
@ -578,7 +578,7 @@ while (1) {  /* allow resume option */
                             (ACCEPT_THIRD_T)&client_len);
        } else {
            tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
-            clientfd = udp_read_connect(sockfd);
+            clientfd = sockfd;
        }
        #ifdef USE_WINDOWS_API
            if (clientfd == INVALID_SOCKET) err_sys("tcp accept failed");
@ -622,6 +622,24 @@ while (1) {  /* allow resume option */
    }

    SSL_set_fd(ssl, clientfd);
+#ifdef WOLFSSL_DTLS
+    if (doDTLS) {
+        SOCKADDR_IN_T cliaddr;
+        byte          b[1500];
+        int           n;
+        socklen_t     len = sizeof(cliaddr);
+
+        /* For DTLS, peek at the next datagram so we can get the client's
+         * address and set it into the ssl object later to generate the
+         * cookie. */
+        n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
+                          (struct sockaddr*)&cliaddr, &len);
+        if (n <= 0)
+            err_sys("recvfrom failed");
+
+        wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
+    }
+#endif
    if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) {
        #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
            CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM);
--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@ -633,6 +633,7 @@ static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr,
 }


+#if 0
 static INLINE int udp_read_connect(SOCKET_T sockfd)
 {
    SOCKADDR_IN_T cliaddr;
@ -652,6 +653,7 @@ static INLINE int udp_read_connect(SOCKET_T sockfd)

    return sockfd;
 }
+#endif

 static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
                              int useAnyAddr, word16 port, func_args* args)
@ -706,7 +708,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
    ready->port = port;
 #endif

-    *clientfd = udp_read_connect(*sockfd);
+    *clientfd = *sockfd;
 }

 static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,