[openssl-dev] [openssl/openssl] Dtls listen refactor (#5024)

Matt Caswell matt at openssl.org
Fri Jan 19 11:20:40 UTC 2018



On 17/01/18 16:34, Michael Richardson wrote:
> 
>     > It seems like a fairly simple solution could solve this. Currently we
>     > have BIO_dgram_get_peer() which returns the peer's address for the last
>     > message read from a BIO. You could imagine a new call being introduced
>     > to get our own address. You could then call that immediately after a
>     > successful DTLSv1_listen() call. Obviously we'd have to change the
>     > dgram BIO to use recvmsg for this to work.
> 
> That's here:
>        https://github.com/mcr/openssl/commit/f764151782b4b32a752b4016336c0ceafa98ed5c
>        https://github.com/mcr/openssl/commit/50692219afe92762e85338b8d947e7ac732d2cde
> and:   https://github.com/mcr/openssl/commit/bb6f6b2cc860f25eb2b08aa109d1c7dc9ea94323

Please raise a separate PR for this work. It *must* be portable though
and work across all our platforms (e.g. including VisualC etc). My
suggestion is that your BIO_CTRL_DGRAM_GET_ADDR/BIO_CTRL_DGRAM_SET_ADDR
ctrls should return an error on platforms that we don't know we can
support, i.e. attempt to detect (at compile time) whether we are on a
platform that we know has the required system calls - if we are then use
them, otherwise we do things the old way.

Note that stuff like this is problematic:

    char __attribute__((aligned(8))) chdr[CMSG_SPACE(sizeof(struct in_pktinfo))];

The "attribute" is compiler specific and not something we can rely on to
be available. Additionally "CMSG_SPACE" is probably not portable, and in
any case may not evaluate to a compile time constant (according to the
man page), so this is not C90 (which is a requirement for OpenSSL
submissions).

I suggest you Configure with the "--strict-warnings" option which will
probably complain about some of this stuff.

Please also make sure we have suitable documentation and ideally tests too.

Once this PR is in (assuming it gets accepted), then you can look at
what remains of your original PR and see if it makes sense to raise new
PRs to bring the rest of it in.

Matt
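
Added example, not part of the original message or of OpenSSL's code: one way to meet the portability points raised above, using a union with `struct cmsghdr` for alignment instead of a compiler attribute, a fixed-size buffer checked against `CMSG_SPACE` at run time, and compile-time detection with an error return where `IP_PKTINFO` is unavailable. The names `HAVE_PKTINFO`, `ctrl_buf`, `ctrl_attach` and `pktinfo_local_addr` and the 128-byte size are hypothetical, and a POSIX sockets platform is assumed.

```c
#ifndef _GNU_SOURCE
# define _GNU_SOURCE /* glibc: exposes struct in_pktinfo */
#endif
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
/* Compile-time detection: use the feature only where its pieces exist. */
#if defined(IP_PKTINFO) && defined(CMSG_SPACE)
# define HAVE_PKTINFO
#endif
/* Fixed size (assumed 128) keeps the bound C90; the cmsghdr member aligns it. */
typedef union { struct cmsghdr align; char buf[128]; } ctrl_buf;

/* Attach cb to msg before recvmsg(): 1 on success, -1 if unsupported. */
int ctrl_attach(struct msghdr *msg, ctrl_buf *cb)
{
#ifdef HAVE_PKTINFO
    /* CMSG_SPACE is evaluated at run time here, not in an array bound. */
    if (CMSG_SPACE(sizeof(struct in_pktinfo)) <= sizeof(cb->buf)) {
        msg->msg_control = cb->buf;
        msg->msg_controllen = sizeof(cb->buf);
        return 1;
    }
#endif
    (void)msg; (void)cb;
    return -1;
}

/* After recvmsg(): 1 and *local set, 0 if no pktinfo, -1 on error. */
int pktinfo_local_addr(struct msghdr *msg, struct in_addr *local)
{
#ifdef HAVE_PKTINFO
    struct cmsghdr *c;
    struct in_pktinfo pi;
    if (msg->msg_flags & MSG_CTRUNC)
        return -1;              /* truncated ancillary data */
    for (c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c))
        if (c->cmsg_level == IPPROTO_IP && c->cmsg_type == IP_PKTINFO
                && c->cmsg_len >= CMSG_LEN(sizeof(pi))) {
            memcpy(&pi, CMSG_DATA(c), sizeof(pi));
            *local = pi.ipi_addr;   /* address the datagram was sent to */
            return 1;
        }
    return 0;
#else
    (void)msg; (void)local;
    return -1;
#endif
}
```

The caller enables `IP_PKTINFO` on the socket with `setsockopt()` and calls `recvmsg()` between the two helpers.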


