X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=dtls.c;h=2586b8f92b02f7ad5fa04cdcc5c61c7d84cc9f23;hb=refs%2Fheads%2Fproxy-state;hp=19386c40ec2e1ebd5bdfda676823daabffcc3caa;hpb=45cb83f89c693815421792b99d7c2329ad3bb322;p=radsecproxy.git diff --git a/dtls.c b/dtls.c index 19386c4..2586b8f 100644 --- a/dtls.c +++ b/dtls.c @@ -1,10 +1,6 @@ -/* - * Copyright (C) 2008-2009 Stig Venaas - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - */ +/* Copyright (c) 2007-2009, UNINETT AS + * Copyright (c) 2012, NORDUnet A/S */ +/* See LICENSE for licensing information. */ #include #include @@ -99,7 +95,9 @@ struct dtlsservernewparams { void dtlssetsrcres() { if (!srcres) - srcres = resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL, NULL, protodefs.socktype); + srcres = + resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL, + AF_UNSPEC, NULL, protodefs.socktype); } int udp2bio(int s, struct gqueue *q, int cnt) { @@ -307,7 +305,7 @@ void dtlsserverrd(struct client *client) { debug(DBG_DBG, "dtlsserverrd: starting for %s", addr2string(client->addr)); - if (pthread_create(&dtlsserverwrth, NULL, dtlsserverwr, (void *)client)) { + if (pthread_create(&dtlsserverwrth, &pthread_attr, dtlsserverwr, (void *)client)) { debug(DBG_ERR, "dtlsserverrd: pthread_create failed"); return; } @@ -352,6 +350,7 @@ void *dtlsservernew(void *arg) { X509 *cert = NULL; SSL_CTX *ctx = NULL; uint8_t delay = 60; + struct tls *accepted_tls = NULL; debug(DBG_DBG, "dtlsservernew: starting"); conf = find_clconf(handle, (struct sockaddr *)¶ms->addr, NULL); 
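Review bot: In dtlssetsrcres the value returned by resolvepassiveaddrinfo() is stored in srcres without being checked. If the helper returns NULL when the configured source address cannot be resolved (its body is not visible here), the function returns silently and the failure only surfaces later, wherever srcres is first used. A guard after the assignment, in the style the file already uses in initextradtls, would fail early: `if (!srcres) debugx(1, DBG_ERR, "dtlssetsrcres: failed to resolve source address");`.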
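Review bot: The pthread_create call in dtlsserverrd now passes `&pthread_attr`, an object that is neither declared nor initialised anywhere in these hunks, so the call depends on it being set up with pthread_attr_init() before the first DTLS thread starts. A comment at its declaration naming which attributes it sets and where it is initialised would make that dependency checkable; the same applies to the calls in udpdtlsserverrd and initextradtls. In udpdtlsserverrd the new thread is still handed to pthread_detach() afterwards, which is only valid while the shared attribute leaves threads joinable, so I would note that there: `/* pthread_attr must not set PTHREAD_CREATE_DETACHED: we detach explicitly below */`. The identifier also differs from the type name pthread_attr_t only by a suffix, so a name such as `thread_attr` would read less ambiguously. dtlsserverrd's body continues outside the hunk.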
@@ -365,10 +364,11 @@ void *dtlsservernew(void *arg) { cert = verifytlscert(ssl); if (!cert) goto exit; + accepted_tls = conf->tlsconf; } while (conf) { - if (verifyconfcert(cert, conf)) { + if (accepted_tls == conf->tlsconf && verifyconfcert(cert, conf)) { X509_free(cert); client = addclient(conf, 1); if (client) { @@ -508,7 +508,7 @@ void *udpdtlsserverrd(void *arg) { if (udp2bio(s, params->sesscache->rbios, cnt)) { debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from)); - if (!pthread_create(&dtlsserverth, NULL, dtlsservernew, (void *)params)) { + if (!pthread_create(&dtlsserverth, &pthread_attr, dtlsservernew, (void *)params)) { pthread_detach(dtlsserverth); cacheexpire(sessioncache, &lastexpiry); continue; @@ -697,10 +697,10 @@ void initextradtls() { } if (client4_sock >= 0) - if (pthread_create(&cl4th, NULL, udpdtlsclientrd, (void *)&client4_sock)) + if (pthread_create(&cl4th, &pthread_attr, udpdtlsclientrd, (void *)&client4_sock)) debugx(1, DBG_ERR, "pthread_create failed"); if (client6_sock >= 0) - if (pthread_create(&cl6th, NULL, udpdtlsclientrd, (void *)&client6_sock)) + if (pthread_create(&cl6th, &pthread_attr, udpdtlsclientrd, (void *)&client6_sock)) debugx(1, DBG_ERR, "pthread_create failed"); } #else
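Review bot: The new `accepted_tls == conf->tlsconf` test in dtlsservernew carries a security invariant that nothing in the code states. The peer certificate was checked by verifytlscert() while conf still pointed at the first matching client block, presumably against that block's tls context, so it must only be matched against client blocks using the same tls block. I would put a comment on the assignment, for example `/* cert was verified against this tls block only; never match it against a client block that uses another one */`, so a later refactor of the `while (conf)` loop does not drop the check. The comparison is by pointer, which assumes every client block naming the same tls block shares one struct tls object; that is not visible here and is worth confirming. A regression test with two client blocks for one address using different tls blocks, where the certificate chains to the first block's CA but its name matches only the second, should end with the connection rejected; note that the function starts, and the loop advances, outside the hunk.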