X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fserver.c;h=a97de35dee8ed57bfbed019772a59fdb001f9973;hp=363028f0c0ae7f76b926b328c288513e7fb10c35;hb=dda1f8a0c46e15b4a235163470ff700b2f13dcc5;hpb=5f045c759957fdff8c85716e6af99e10901fdac0

diff --git a/tools/server.c b/tools/server.c
index 363028f..a97de35 100644
--- a/tools/server.c
+++ b/tools/server.c
@@ -75,7 +75,7 @@ host_bind(const char *host, const char *port, int verbose)
 
 		sa = (struct sockaddr *)p->ai_addr;
 		if (sa->sa_family == AF_INET) {
-			sa4 = *(struct sockaddr_in *)sa;
+			memcpy(&sa4, sa, sizeof sa4);
 			sa = (struct sockaddr *)&sa4;
 			sa_len = sizeof sa4;
 			addr = &sa4.sin_addr;
@@ -83,7 +83,7 @@ host_bind(const char *host, const char *port, int verbose)
 				sa4.sin_addr.s_addr = INADDR_ANY;
 			}
 		} else if (sa->sa_family == AF_INET6) {
-			sa6 = *(struct sockaddr_in6 *)sa;
+			memcpy(&sa6, sa, sizeof sa6);
 			sa = (struct sockaddr *)&sa6;
 			sa_len = sizeof sa6;
 			addr = &sa6.sin6_addr;
@@ -119,9 +119,16 @@ host_bind(const char *host, const char *port, int verbose)
 		opt = 1;
 		setsockopt(fd, SOL_SOCKET, SO_REUSEADDR,
 			(void *)&opt, sizeof opt);
+#ifdef IPV6_V6ONLY
+		/*
+		 * We want to make sure that the server socket works for
+		 * both IPv4 and IPv6. But IPV6_V6ONLY is not defined on
+		 * some very old systems.
+		 */
 		opt = 0;
 		setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY,
 			(void *)&opt, sizeof opt);
+#endif
 		if (bind(fd, sa, sa_len) < 0) {
 			if (verbose) {
 				perror("bind()");
@@ -159,7 +166,7 @@ host_bind(const char *host, const char *port, int verbose)
 }
 
 static SOCKET
-accept_client(SOCKET server_fd, int verbose)
+accept_client(SOCKET server_fd, int verbose, int nonblock)
 {
 	int fd;
 	SOCKADDR_STORAGE sa;
@@ -202,16 +209,16 @@ accept_client(SOCKET server_fd, int verbose)
 	 * We make the socket non-blocking, since we are going to use
 	 * poll() or select() to organise I/O.
 	 */
+	if (nonblock) {
 #ifdef _WIN32
-	{
 		u_long arg;
 
 		arg = 1;
 		ioctlsocket(fd, FIONBIO, &arg);
-	}
 #else
-	fcntl(fd, F_SETFL, O_NONBLOCK);
+		fcntl(fd, F_SETFL, O_NONBLOCK);
 #endif
+	}
 	return fd;
 }
 
@@ -1051,6 +1058,9 @@ do_server(int argc, char *argv[])
 		if ((req & REQ_AESCBC) != 0) {
 			br_ssl_engine_set_default_aes_cbc(&cc.eng);
 		}
+		if ((req & REQ_AESCCM) != 0) {
+			br_ssl_engine_set_default_aes_ccm(&cc.eng);
+		}
 		if ((req & REQ_AESGCM) != 0) {
 			br_ssl_engine_set_default_aes_gcm(&cc.eng);
 		}
@@ -1170,15 +1180,16 @@ do_server(int argc, char *argv[])
 	 */
 	for (;;) {
 		int x;
+		unsigned run_flags;
 
-		fd = accept_client(server_fd, verbose);
+		fd = accept_client(server_fd, verbose, 1);
 		if (fd == INVALID_SOCKET) {
 			goto server_exit_error;
 		}
 		br_ssl_server_reset(&cc);
-		x = run_ssl_engine(&cc.eng, fd,
-			(verbose ? RUN_ENGINE_VERBOSE : 0)
-			| (trace ? RUN_ENGINE_TRACE : 0));
+		run_flags = (verbose ? RUN_ENGINE_VERBOSE : 0)
+			| (trace ? RUN_ENGINE_TRACE : 0);
+		x = run_ssl_engine(&cc.eng, fd, run_flags);
 #ifdef _WIN32
 		closesocket(fd);
 #else
@@ -1207,6 +1218,13 @@ server_exit:
 		closesocket(fd);
 #else
 		close(fd);
+#endif
+	}
+	if (server_fd != INVALID_SOCKET) {
+#ifdef _WIN32
+		closesocket(server_fd);
+#else
+		close(server_fd);
 #endif
 	}
 	return retcode;