1*476918efSbluhm# $OpenBSD: Server.pm,v 1.8 2016/07/12 09:57:20 bluhm Exp $ 21f53c19fSbluhm 36d1e9c8eSbluhm# Copyright (c) 2010-2015 Alexander Bluhm <bluhm@openbsd.org> 41f53c19fSbluhm# 51f53c19fSbluhm# Permission to use, copy, modify, and distribute this software for any 61f53c19fSbluhm# purpose with or without fee is hereby granted, provided that the above 71f53c19fSbluhm# copyright notice and this permission notice appear in all copies. 81f53c19fSbluhm# 91f53c19fSbluhm# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 101f53c19fSbluhm# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 111f53c19fSbluhm# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 121f53c19fSbluhm# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 131f53c19fSbluhm# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 141f53c19fSbluhm# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 151f53c19fSbluhm# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 161f53c19fSbluhm 171f53c19fSbluhmuse strict; 181f53c19fSbluhmuse warnings; 191f53c19fSbluhm 201f53c19fSbluhmpackage Server; 211f53c19fSbluhmuse parent 'Proc'; 221f53c19fSbluhmuse Carp; 231f53c19fSbluhmuse Socket; 241f53c19fSbluhmuse Socket6; 251f53c19fSbluhmuse IO::Socket; 261f53c19fSbluhmuse IO::Socket::INET6; 271f53c19fSbluhmuse IO::Socket::SSL; 281f53c19fSbluhm 291f53c19fSbluhmsub new { 301f53c19fSbluhm my $class = shift; 311f53c19fSbluhm my %args = @_; 321f53c19fSbluhm $args{ktracefile} ||= "server.ktrace"; 331f53c19fSbluhm $args{logfile} ||= "server.log"; 341f53c19fSbluhm $args{up} ||= "Accepted"; 351f53c19fSbluhm my $self = Proc::new($class, %args); 36a0156d40Sbluhm $self->{listenproto} ||= "udp"; 3773e391cdSbluhm defined($self->{listendomain}) 381f53c19fSbluhm or croak "$class listen domain not given"; 396d1e9c8eSbluhm return $self->listen(); 406d1e9c8eSbluhm} 416d1e9c8eSbluhm 426d1e9c8eSbluhmsub listen { 436d1e9c8eSbluhm my $self = shift; 441f53c19fSbluhm $SSL_ERROR = ""; 45a0156d40Sbluhm my $iosocket = $self->{listenproto} eq "tls" ? 461f53c19fSbluhm "IO::Socket::SSL" : "IO::Socket::INET6"; 47a0156d40Sbluhm my $proto = $self->{listenproto}; 481f53c19fSbluhm $proto = "tcp" if $proto eq "tls"; 491f53c19fSbluhm my $ls = $iosocket->new( 501f53c19fSbluhm Proto => $proto, 511f53c19fSbluhm ReuseAddr => 1, 521f53c19fSbluhm Domain => $self->{listendomain}, 531f53c19fSbluhm $self->{listenaddr} ? (LocalAddr => $self->{listenaddr}) : (), 541f53c19fSbluhm $self->{listenport} ? (LocalPort => $self->{listenport}) : (), 552bccb94aSbluhm SSL_key_file => "server.key", 562bccb94aSbluhm SSL_cert_file => "server.crt", 57*476918efSbluhm SSL_ca_file => ($self->{cacrt} || "ca.crt"), 58*476918efSbluhm $self->{sslverify} ? (SSL_verify_mode => SSL_VERIFY_PEER) : (), 59*476918efSbluhm $self->{sslverify} ? (SSL_verifycn_scheme => "none") : (), 60dbe795f4Sbluhm $self->{sslversion} ? (SSL_version => $self->{sslversion}) : (), 61dbe795f4Sbluhm $self->{sslciphers} ? (SSL_cipher_list => $self->{sslciphers}) : (), 62ef01d180Sbluhm ) or die ref($self), " $iosocket socket failed: $!,$SSL_ERROR"; 632bccb94aSbluhm if ($self->{listenproto} ne "udp") { 641f53c19fSbluhm listen($ls, 1) 65ef01d180Sbluhm or die ref($self), " socket listen failed: $!"; 661f53c19fSbluhm } 671f53c19fSbluhm my $log = $self->{log}; 681f53c19fSbluhm print $log "listen sock: ",$ls->sockhost()," ",$ls->sockport(),"\n"; 691f53c19fSbluhm $self->{listenaddr} = $ls->sockhost() unless $self->{listenaddr}; 701f53c19fSbluhm $self->{listenport} = $ls->sockport() unless $self->{listenport}; 711f53c19fSbluhm $self->{ls} = $ls; 721f53c19fSbluhm return $self; 731f53c19fSbluhm} 741f53c19fSbluhm 756d1e9c8eSbluhmsub close { 766d1e9c8eSbluhm my $self = shift; 776d1e9c8eSbluhm $self->{ls}->close() 786d1e9c8eSbluhm or die ref($self)," ",ref($self->{ls}), 796d1e9c8eSbluhm " socket close failed: $!,$SSL_ERROR"; 806d1e9c8eSbluhm delete $self->{ls}; 816d1e9c8eSbluhm return $self; 826d1e9c8eSbluhm} 836d1e9c8eSbluhm 846d1e9c8eSbluhmsub run { 856d1e9c8eSbluhm my $self = shift; 866d1e9c8eSbluhm Proc::run($self, @_); 876d1e9c8eSbluhm return $self->close(); 886d1e9c8eSbluhm} 896d1e9c8eSbluhm 901f53c19fSbluhmsub child { 911f53c19fSbluhm my $self = shift; 921f53c19fSbluhm 931f53c19fSbluhm my $as = $self->{ls}; 94a0156d40Sbluhm if ($self->{listenproto} ne "udp") { 951f53c19fSbluhm $as = $self->{ls}->accept() 962bccb94aSbluhm or die ref($self)," ",ref($self->{ls}), 972bccb94aSbluhm " socket accept failed: $!,$SSL_ERROR"; 981f53c19fSbluhm print STDERR "accept sock: ",$as->sockhost()," ", 991f53c19fSbluhm $as->sockport(),"\n"; 1001f53c19fSbluhm print STDERR "accept peer: ",$as->peerhost()," ", 1011f53c19fSbluhm $as->peerport(),"\n"; 1021f53c19fSbluhm } 103dbe795f4Sbluhm if ($self->{listenproto} eq "tls") { 104dbe795f4Sbluhm print STDERR "ssl version: ",$as->get_sslversion(),"\n"; 105dbe795f4Sbluhm print STDERR "ssl cipher: ",$as->get_cipher(),"\n"; 106*476918efSbluhm print STDERR "ssl subject: ", $as->peer_certificate("subject") 107*476918efSbluhm ,"\n" if $self->{sslverify}; 108dbe795f4Sbluhm } 1091f53c19fSbluhm 1101f53c19fSbluhm *STDIN = *STDOUT = $self->{as} = $as; 1111f53c19fSbluhm} 1121f53c19fSbluhm 1131f53c19fSbluhm1; 114