Skip to content
  1. Sep 23, 2015
    • Matt Caswell's avatar
      Clarify DTLSv1_listen documentation · 468f043e
      Matt Caswell authored
      
      
      Clarify that user code is required to allocate sufficient space for the
      addressing scheme in use in the call to DTLSv1_listen.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      468f043e
    • Matt Caswell's avatar
      Fix s_server DTLSv1_listen issues · d8249e99
      Matt Caswell authored
      
      
      Use sockaddr_storage not sockaddr for the client IP address to allow for
      IPv6.
      Also fixed a section of code which was conditional on OPENSSL_NO_DTLS1
      which should not have been.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      d8249e99
    • Matt Caswell's avatar
      Add DTLSv1_listen documentation · ca7256fb
      Matt Caswell authored
      
      
      Adds a new man page to cover the DTLSv1_listen() function.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      ca7256fb
    • Matt Caswell's avatar
      Add -listen documentation · 35d15a39
      Matt Caswell authored
      
      
      This commit adds documentation for the new -listen option to s_server. Along
      the way it also adds documentation for -dtls, -dtls1 and -dtls1_2 which was
      missing.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      35d15a39
    • Matt Caswell's avatar
      Add support for DTLSv1_listen in s_server · fd4e98ec
      Matt Caswell authored
      
      
      DTLSv1_listen is a commonly used function within DTLS solutions for
      listening for new incoming connections. This commit adds support to s_server
      for using it.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      fd4e98ec
    • Matt Caswell's avatar
      Remove remaining old listen code · 912c89c5
      Matt Caswell authored
      
      
      The old implementation of DTLSv1_listen which has now been replaced still
      had a few vestiges scattered throughout the code. This commit removes them.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      912c89c5
    • Matt Caswell's avatar
      DTLSv1_listen rewrite · e3d0dae7
      Matt Caswell authored
      
      
      The existing implementation of DTLSv1_listen() is fundamentally flawed. This
      function is used in DTLS solutions to listen for new incoming connections
      from DTLS clients. A client will send an initial ClientHello. The server
      will respond with a HelloVerifyRequest containing a unique cookie. The
      client the responds with a second ClientHello - which this time contains the
      cookie.
      
      Once the cookie has been verified then DTLSv1_listen() returns to user code,
      which is typically expected to continue the handshake with a call to (for
      example) SSL_accept().
      
      Whilst listening for incoming ClientHellos, the underlying BIO is usually in
      an unconnected state. Therefore ClientHellos can come in from *any* peer.
      The arrival of the first ClientHello without the cookie, and the second one
      with it, could be interspersed with other intervening messages from
      different clients.
      
      The whole purpose of this mechanism is as a defence against DoS attacks. The
      idea is to avoid allocating state on the server until the client has
      verified that it is capable of receiving messages at the address it claims
      to come from. However the existing DTLSv1_listen() implementation completely
      fails to do this. It attempts to super-impose itself on the standard state
      machine and reuses all of this code. However the standard state machine
      expects to operate in a stateful manner with a single client, and this can
      cause various problems.
      
      A second more minor issue is that the return codes from this function are
      quite confused, with no distinction made between fatal and non-fatal errors.
      Most user code treats all errors as non-fatal, and simply retries the call
      to DTLSv1_listen().
      
      This commit completely rewrites the implementation of DTLSv1_listen() and
      provides a stand alone implementation that does not rely on the existing
      state machine. It also provides more consistent return codes.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      e3d0dae7
    • Matt Caswell's avatar
      Add BIO_CTRL_DGRAM_SET_PEEK_MODE · 01b7851a
      Matt Caswell authored
      
      
      Add the ability to peek at a message from the DTLS read BIO. This is needed
      for the DTLSv1_listen rewrite.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      01b7851a
  2. Sep 22, 2015