1*15bf65a9Sbluhm# $OpenBSD: Server.pm,v 1.9 2016/09/21 12:01:17 bluhm Exp $ 21f53c19fSbluhm 36d1e9c8eSbluhm# Copyright (c) 2010-2015 Alexander Bluhm <bluhm@openbsd.org> 41f53c19fSbluhm# 51f53c19fSbluhm# Permission to use, copy, modify, and distribute this software for any 61f53c19fSbluhm# purpose with or without fee is hereby granted, provided that the above 71f53c19fSbluhm# copyright notice and this permission notice appear in all copies. 81f53c19fSbluhm# 91f53c19fSbluhm# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 101f53c19fSbluhm# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 111f53c19fSbluhm# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 121f53c19fSbluhm# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 131f53c19fSbluhm# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 141f53c19fSbluhm# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 151f53c19fSbluhm# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 161f53c19fSbluhm 171f53c19fSbluhmuse strict; 181f53c19fSbluhmuse warnings; 191f53c19fSbluhm 201f53c19fSbluhmpackage Server; 211f53c19fSbluhmuse parent 'Proc'; 221f53c19fSbluhmuse Carp; 231f53c19fSbluhmuse Socket; 241f53c19fSbluhmuse Socket6; 251f53c19fSbluhmuse IO::Socket; 261f53c19fSbluhmuse IO::Socket::INET6; 271f53c19fSbluhmuse IO::Socket::SSL; 281f53c19fSbluhm 291f53c19fSbluhmsub new { 301f53c19fSbluhm my $class = shift; 311f53c19fSbluhm my %args = @_; 321f53c19fSbluhm $args{ktracefile} ||= "server.ktrace"; 331f53c19fSbluhm $args{logfile} ||= "server.log"; 341f53c19fSbluhm $args{up} ||= "Accepted"; 351f53c19fSbluhm my $self = Proc::new($class, %args); 36a0156d40Sbluhm $self->{listenproto} ||= "udp"; 3773e391cdSbluhm defined($self->{listendomain}) 381f53c19fSbluhm or croak "$class listen domain not given"; 396d1e9c8eSbluhm return $self->listen(); 406d1e9c8eSbluhm} 416d1e9c8eSbluhm 426d1e9c8eSbluhmsub listen { 436d1e9c8eSbluhm my $self = shift; 441f53c19fSbluhm $SSL_ERROR = ""; 45a0156d40Sbluhm my $iosocket = $self->{listenproto} eq "tls" ? 461f53c19fSbluhm "IO::Socket::SSL" : "IO::Socket::INET6"; 47a0156d40Sbluhm my $proto = $self->{listenproto}; 481f53c19fSbluhm $proto = "tcp" if $proto eq "tls"; 491f53c19fSbluhm my $ls = $iosocket->new( 501f53c19fSbluhm Proto => $proto, 511f53c19fSbluhm ReuseAddr => 1, 521f53c19fSbluhm Domain => $self->{listendomain}, 531f53c19fSbluhm $self->{listenaddr} ? (LocalAddr => $self->{listenaddr}) : (), 541f53c19fSbluhm $self->{listenport} ? (LocalPort => $self->{listenport}) : (), 552bccb94aSbluhm SSL_key_file => "server.key", 562bccb94aSbluhm SSL_cert_file => "server.crt", 57*15bf65a9Sbluhm SSL_ca_file => ($self->{sslca} || "ca.crt"), 58*15bf65a9Sbluhm SSL_verify_mode => ($self->{sslca} ? 59*15bf65a9Sbluhm SSL_VERIFY_PEER : SSL_VERIFY_NONE), 60*15bf65a9Sbluhm $self->{sslca} ? (SSL_verifycn_scheme => "none") : (), 61dbe795f4Sbluhm $self->{sslversion} ? (SSL_version => $self->{sslversion}) : (), 62dbe795f4Sbluhm $self->{sslciphers} ? (SSL_cipher_list => $self->{sslciphers}) : (), 63ef01d180Sbluhm ) or die ref($self), " $iosocket socket failed: $!,$SSL_ERROR"; 642bccb94aSbluhm if ($self->{listenproto} ne "udp") { 651f53c19fSbluhm listen($ls, 1) 66ef01d180Sbluhm or die ref($self), " socket listen failed: $!"; 671f53c19fSbluhm } 681f53c19fSbluhm my $log = $self->{log}; 691f53c19fSbluhm print $log "listen sock: ",$ls->sockhost()," ",$ls->sockport(),"\n"; 701f53c19fSbluhm $self->{listenaddr} = $ls->sockhost() unless $self->{listenaddr}; 711f53c19fSbluhm $self->{listenport} = $ls->sockport() unless $self->{listenport}; 721f53c19fSbluhm $self->{ls} = $ls; 731f53c19fSbluhm return $self; 741f53c19fSbluhm} 751f53c19fSbluhm 766d1e9c8eSbluhmsub close { 776d1e9c8eSbluhm my $self = shift; 786d1e9c8eSbluhm $self->{ls}->close() 796d1e9c8eSbluhm or die ref($self)," ",ref($self->{ls}), 806d1e9c8eSbluhm " socket close failed: $!,$SSL_ERROR"; 816d1e9c8eSbluhm delete $self->{ls}; 826d1e9c8eSbluhm return $self; 836d1e9c8eSbluhm} 846d1e9c8eSbluhm 856d1e9c8eSbluhmsub run { 866d1e9c8eSbluhm my $self = shift; 876d1e9c8eSbluhm Proc::run($self, @_); 886d1e9c8eSbluhm return $self->close(); 896d1e9c8eSbluhm} 906d1e9c8eSbluhm 911f53c19fSbluhmsub child { 921f53c19fSbluhm my $self = shift; 931f53c19fSbluhm 941f53c19fSbluhm my $as = $self->{ls}; 95a0156d40Sbluhm if ($self->{listenproto} ne "udp") { 961f53c19fSbluhm $as = $self->{ls}->accept() 972bccb94aSbluhm or die ref($self)," ",ref($self->{ls}), 982bccb94aSbluhm " socket accept failed: $!,$SSL_ERROR"; 991f53c19fSbluhm print STDERR "accept sock: ",$as->sockhost()," ", 1001f53c19fSbluhm $as->sockport(),"\n"; 1011f53c19fSbluhm print STDERR "accept peer: ",$as->peerhost()," ", 1021f53c19fSbluhm $as->peerport(),"\n"; 1031f53c19fSbluhm } 104dbe795f4Sbluhm if ($self->{listenproto} eq "tls") { 105dbe795f4Sbluhm print STDERR "ssl version: ",$as->get_sslversion(),"\n"; 106dbe795f4Sbluhm print STDERR "ssl cipher: ",$as->get_cipher(),"\n"; 107476918efSbluhm print STDERR "ssl subject: ", $as->peer_certificate("subject") 108*15bf65a9Sbluhm ,"\n" if $self->{sslca}; 109dbe795f4Sbluhm } 1101f53c19fSbluhm 1111f53c19fSbluhm *STDIN = *STDOUT = $self->{as} = $as; 1121f53c19fSbluhm} 1131f53c19fSbluhm 1141f53c19fSbluhm1; 115