s_client/s_server: support unix domain sockets

The "-unix <path>" argument allows s_server and s_client to use a unix domain socket in the filesystem instead of IPv4 ("-connect", "-port", "-accept", etc). If s_server exits gracefully, such as when "-naccept" is used and the requested number of SSL/TLS connections have occurred, then the domain socket file is removed. On ctrl-C, it is likely that the stale socket file will be left over, such that s_server would normally fail to restart with the same arguments. For this reason, s_server also supports an "-unlink" option, which will clean up any stale socket file before starting. If you have any reason to want encrypted IPC within an O/S instance, this concept might come in handy. Otherwise it just demonstrates that there is nothing about SSL/TLS that limits it to TCP/IP in any way. (There might also be benchmarking and profiling use in this path, as unix domain sockets are much lower overhead than connecting over local IP addresses). Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-04-26 01:22:54 -04:00
parent b6e69d284b
commit a935132099
5 changed files with 214 additions and 8 deletions
--- a/e_os.h
+++ b/e_os.h
@@ -579,6 +579,16 @@ static unsigned int _strlen31(const char *str)
 #      include <inet.h>
 #    else
 #      include <sys/socket.h>
+#      ifndef NO_SYS_UN_H
+#        ifdef OPENSSL_SYS_VXWORKS
+#          include <streams/un.h>
+#        else
+#          include <sys/un.h>
+#        endif
+#        ifndef UNIX_PATH_MAX
+#          define UNIX_PATH_MAX sizeof(((struct sockaddr_un *)NULL)->sun_path)
+#        endif
+#      endif
 #      ifdef FILIO_H
 #        include <sys/filio.h> /* Added for FIONBIO under unixware */
 #      endif