xref: /openbsd/regress/usr.sbin/syslogd/Server.pm (revision 15bf65a9) 
1*15bf65a9Sbluhm#	$OpenBSD: Server.pm,v 1.9 2016/09/21 12:01:17 bluhm Exp $
21f53c19fSbluhm
36d1e9c8eSbluhm# Copyright (c) 2010-2015 Alexander Bluhm <bluhm@openbsd.org>
41f53c19fSbluhm#
51f53c19fSbluhm# Permission to use, copy, modify, and distribute this software for any
61f53c19fSbluhm# purpose with or without fee is hereby granted, provided that the above
71f53c19fSbluhm# copyright notice and this permission notice appear in all copies.
81f53c19fSbluhm#
91f53c19fSbluhm# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
101f53c19fSbluhm# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
111f53c19fSbluhm# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
121f53c19fSbluhm# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
131f53c19fSbluhm# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
141f53c19fSbluhm# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
151f53c19fSbluhm# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
161f53c19fSbluhm
171f53c19fSbluhmuse strict;
181f53c19fSbluhmuse warnings;
191f53c19fSbluhm
201f53c19fSbluhmpackage Server;
211f53c19fSbluhmuse parent 'Proc';
221f53c19fSbluhmuse Carp;
231f53c19fSbluhmuse Socket;
241f53c19fSbluhmuse Socket6;
251f53c19fSbluhmuse IO::Socket;
261f53c19fSbluhmuse IO::Socket::INET6;
271f53c19fSbluhmuse IO::Socket::SSL;
281f53c19fSbluhm
291f53c19fSbluhmsub new {
301f53c19fSbluhm	my $class = shift;
311f53c19fSbluhm	my %args = @_;
321f53c19fSbluhm	$args{ktracefile} ||= "server.ktrace";
331f53c19fSbluhm	$args{logfile} ||= "server.log";
341f53c19fSbluhm	$args{up} ||= "Accepted";
351f53c19fSbluhm	my $self = Proc::new($class, %args);
36a0156d40Sbluhm	$self->{listenproto} ||= "udp";
3773e391cdSbluhm	defined($self->{listendomain})
381f53c19fSbluhm	    or croak "$class listen domain not given";
396d1e9c8eSbluhm	return $self->listen();
406d1e9c8eSbluhm}
416d1e9c8eSbluhm
426d1e9c8eSbluhmsub listen {
436d1e9c8eSbluhm	my $self = shift;
441f53c19fSbluhm	$SSL_ERROR = "";
45a0156d40Sbluhm	my $iosocket = $self->{listenproto} eq "tls" ?
461f53c19fSbluhm	    "IO::Socket::SSL" : "IO::Socket::INET6";
47a0156d40Sbluhm	my $proto = $self->{listenproto};
481f53c19fSbluhm	$proto = "tcp" if $proto eq "tls";
491f53c19fSbluhm	my $ls = $iosocket->new(
501f53c19fSbluhm	    Proto		=> $proto,
511f53c19fSbluhm	    ReuseAddr		=> 1,
521f53c19fSbluhm	    Domain		=> $self->{listendomain},
531f53c19fSbluhm	    $self->{listenaddr}	? (LocalAddr => $self->{listenaddr}) : (),
541f53c19fSbluhm	    $self->{listenport}	? (LocalPort => $self->{listenport}) : (),
552bccb94aSbluhm	    SSL_key_file	=> "server.key",
562bccb94aSbluhm	    SSL_cert_file	=> "server.crt",
57*15bf65a9Sbluhm	    SSL_ca_file		=> ($self->{sslca} || "ca.crt"),
58*15bf65a9Sbluhm	    SSL_verify_mode     => ($self->{sslca} ?
59*15bf65a9Sbluhm		SSL_VERIFY_PEER : SSL_VERIFY_NONE),
60*15bf65a9Sbluhm	    $self->{sslca}	? (SSL_verifycn_scheme => "none") : (),
61dbe795f4Sbluhm	    $self->{sslversion}	? (SSL_version => $self->{sslversion}) : (),
62dbe795f4Sbluhm	    $self->{sslciphers}	? (SSL_cipher_list => $self->{sslciphers}) : (),
63ef01d180Sbluhm	) or die ref($self), " $iosocket socket failed: $!,$SSL_ERROR";
642bccb94aSbluhm	if ($self->{listenproto} ne "udp") {
651f53c19fSbluhm		listen($ls, 1)
66ef01d180Sbluhm		    or die ref($self), " socket listen failed: $!";
671f53c19fSbluhm	}
681f53c19fSbluhm	my $log = $self->{log};
691f53c19fSbluhm	print $log "listen sock: ",$ls->sockhost()," ",$ls->sockport(),"\n";
701f53c19fSbluhm	$self->{listenaddr} = $ls->sockhost() unless $self->{listenaddr};
711f53c19fSbluhm	$self->{listenport} = $ls->sockport() unless $self->{listenport};
721f53c19fSbluhm	$self->{ls} = $ls;
731f53c19fSbluhm	return $self;
741f53c19fSbluhm}
751f53c19fSbluhm
766d1e9c8eSbluhmsub close {
776d1e9c8eSbluhm	my $self = shift;
786d1e9c8eSbluhm	$self->{ls}->close()
796d1e9c8eSbluhm	    or die ref($self)," ",ref($self->{ls}),
806d1e9c8eSbluhm	    " socket close failed: $!,$SSL_ERROR";
816d1e9c8eSbluhm	delete $self->{ls};
826d1e9c8eSbluhm	return $self;
836d1e9c8eSbluhm}
846d1e9c8eSbluhm
856d1e9c8eSbluhmsub run {
866d1e9c8eSbluhm	my $self = shift;
876d1e9c8eSbluhm	Proc::run($self, @_);
886d1e9c8eSbluhm	return $self->close();
896d1e9c8eSbluhm}
906d1e9c8eSbluhm
911f53c19fSbluhmsub child {
921f53c19fSbluhm	my $self = shift;
931f53c19fSbluhm
941f53c19fSbluhm	my $as = $self->{ls};
95a0156d40Sbluhm	if ($self->{listenproto} ne "udp") {
961f53c19fSbluhm		$as = $self->{ls}->accept()
972bccb94aSbluhm		    or die ref($self)," ",ref($self->{ls}),
982bccb94aSbluhm		    " socket accept failed: $!,$SSL_ERROR";
991f53c19fSbluhm		print STDERR "accept sock: ",$as->sockhost()," ",
1001f53c19fSbluhm		    $as->sockport(),"\n";
1011f53c19fSbluhm		print STDERR "accept peer: ",$as->peerhost()," ",
1021f53c19fSbluhm		    $as->peerport(),"\n";
1031f53c19fSbluhm	}
104dbe795f4Sbluhm	if ($self->{listenproto} eq "tls") {
105dbe795f4Sbluhm		print STDERR "ssl version: ",$as->get_sslversion(),"\n";
106dbe795f4Sbluhm		print STDERR "ssl cipher: ",$as->get_cipher(),"\n";
107476918efSbluhm		print STDERR "ssl subject: ", $as->peer_certificate("subject")
108*15bf65a9Sbluhm		    ,"\n" if $self->{sslca};
109dbe795f4Sbluhm	}
1101f53c19fSbluhm
1111f53c19fSbluhm	*STDIN = *STDOUT = $self->{as} = $as;
1121f53c19fSbluhm}
1131f53c19fSbluhm
1141f53c19fSbluhm1;
115