From 5091aadc223315ce115ee12f62df2af173bf5efb Mon Sep 17 00:00:00 2001 From: Neil Horman Date: Tue, 31 Oct 2023 11:54:03 -0400 Subject: [PATCH] augment quic demos to support ipv4/6 connections Because the quicserver utility supports expressly listening in ipv4/6 mode, its possible/likely that the server will listen on an ipv4 address, while the clients will connect via ipv6, leading to connection failures. Augment quic demo clients to afford them the same -6 option that the server has so that connection family can be co-ordinated Reviewed-by: Nicola Tuveri Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/22577) --- demos/guide/quic-client-block.c | 24 +++++++++++++++------- demos/guide/quic-client-non-block.c | 25 ++++++++++++++++------- demos/guide/quic-multi-stream.c | 24 +++++++++++++++------- demos/guide/tls-client-block.c | 24 +++++++++++++++------- demos/guide/tls-client-non-block.c | 25 ++++++++++++++++------- doc/man7/ossl-guide-quic-client-block.pod | 2 +- doc/man7/ossl-guide-tls-client-block.pod | 6 ++++-- 7 files changed, 92 insertions(+), 38 deletions(-) diff --git a/demos/guide/quic-client-block.c b/demos/guide/quic-client-block.c index 782f571559..baf5292c47 100644 --- a/demos/guide/quic-client-block.c +++ b/demos/guide/quic-client-block.c @@ -27,7 +27,7 @@ /* Helper function to create a BIO connected to the server */ static BIO *create_socket_bio(const char *hostname, const char *port, - BIO_ADDR **peer_addr) + int family, BIO_ADDR **peer_addr) { int sock = -1; BIO_ADDRINFO *res; @@ -37,7 +37,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port, /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_DGRAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_DGRAM, 0, &res)) return NULL; @@ -128,14 +128,24 @@ int main(int argc, char *argv[]) char buf[160]; BIO_ADDR *peer_addr = NULL; char *hostname, *port; + int argnext = 1; + int ipv6 = 0; - if (argc != 3) { - printf("Usage: quic-client-block hostname port\n"); + if (argc < 3) { + printf("Usage: quic-client-block [-6] hostname port\n"); goto end; } - hostname = argv[1]; - port = argv[2]; + if (!strcmp(argv[argnext], "-6")) { + if (argc < 4) { + printf("Usage: quic-client-block [-6] hostname port\n"); + goto end; + } + ipv6 = 1; + argnext++; + } + hostname = argv[argnext++]; + port = argv[argnext]; /* * Create an SSL_CTX which we can use to create SSL objects from. We @@ -172,7 +182,7 @@ int main(int argc, char *argv[]) * Create the underlying transport socket/BIO and associate it with the * connection. */ - bio = create_socket_bio(hostname, port, &peer_addr); + bio = create_socket_bio(hostname, port, ipv6 ? AF_INET6 : AF_INET, &peer_addr); if (bio == NULL) { printf("Failed to crete the BIO\n"); goto end; diff --git a/demos/guide/quic-client-non-block.c b/demos/guide/quic-client-non-block.c index 31596d84c5..a6c1802fcd 100644 --- a/demos/guide/quic-client-non-block.c +++ b/demos/guide/quic-client-non-block.c @@ -28,7 +28,7 @@ /* Helper function to create a BIO connected to the server */ static BIO *create_socket_bio(const char *hostname, const char *port, - BIO_ADDR **peer_addr) + int family, BIO_ADDR **peer_addr) { int sock = -1; BIO_ADDRINFO *res; @@ -38,7 +38,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port, /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_DGRAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_DGRAM, 0, &res)) return NULL; @@ -236,14 +236,24 @@ int main(int argc, char *argv[]) BIO_ADDR *peer_addr = NULL; int eof = 0; char *hostname, *port; + int ipv6 = 0; + int argnext = 1; - if (argc != 3) { - printf("Usage: quic-client-non-block hostname port\n"); + if (argc < 3) { + printf("Usage: quic-client-non-block [-6] hostname port\n"); goto end; } - hostname = argv[1]; - port = argv[2]; + if (!strcmp(argv[argnext], "-6")) { + if (argc < 4) { + printf("Usage: quic-client-non-block [-6] hostname port\n"); + goto end; + } + ipv6 = 1; + argnext++; + } + hostname = argv[argnext++]; + port = argv[argnext]; /* * Create an SSL_CTX which we can use to create SSL objects from. We @@ -280,7 +290,8 @@ int main(int argc, char *argv[]) * Create the underlying transport socket/BIO and associate it with the * connection. */ - bio = create_socket_bio(hostname, port, &peer_addr); + bio = create_socket_bio(hostname, port, ipv6 ? AF_INET6 : AF_INET, + &peer_addr); if (bio == NULL) { printf("Failed to crete the BIO\n"); goto end; diff --git a/demos/guide/quic-multi-stream.c b/demos/guide/quic-multi-stream.c index 469c5ba4b2..d31ea245c8 100644 --- a/demos/guide/quic-multi-stream.c +++ b/demos/guide/quic-multi-stream.c @@ -27,7 +27,7 @@ /* Helper function to create a BIO connected to the server */ static BIO *create_socket_bio(const char *hostname, const char *port, - BIO_ADDR **peer_addr) + int family, BIO_ADDR **peer_addr) { int sock = -1; BIO_ADDRINFO *res; @@ -37,7 +37,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port, /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_DGRAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_DGRAM, 0, &res)) return NULL; @@ -148,14 +148,24 @@ int main(int argc, char *argv[]) char buf[160]; BIO_ADDR *peer_addr = NULL; char *hostname, *port; + int argnext = 1; + int ipv6 = 0; - if (argc != 3) { - printf("Usage: quic-client-non-block hostname port\n"); + if (argc < 3) { + printf("Usage: quic-client-non-block [-6] hostname port\n"); goto end; } - hostname = argv[1]; - port = argv[2]; + if (!strcmp(argv[argnext], "-6")) { + if (argc < 4) { + printf("Usage: quic-client-non-block [-6] hostname port\n"); + goto end; + } + ipv6 = 1; + argnext++; + } + hostname = argv[argnext++]; + port = argv[argnext]; /* * Create an SSL_CTX which we can use to create SSL objects from. We @@ -201,7 +211,7 @@ int main(int argc, char *argv[]) * Create the underlying transport socket/BIO and associate it with the * connection. */ - bio = create_socket_bio(hostname, port, &peer_addr); + bio = create_socket_bio(hostname, port, ipv6 ? AF_INET6 : AF_INET, &peer_addr); if (bio == NULL) { printf("Failed to crete the BIO\n"); goto end; diff --git a/demos/guide/tls-client-block.c b/demos/guide/tls-client-block.c index ea7d68467a..c6ba5850f7 100644 --- a/demos/guide/tls-client-block.c +++ b/demos/guide/tls-client-block.c @@ -26,7 +26,7 @@ #include /* Helper function to create a BIO connected to the server */ -static BIO *create_socket_bio(const char *hostname, const char *port) +static BIO *create_socket_bio(const char *hostname, const char *port, int family) { int sock = -1; BIO_ADDRINFO *res; @@ -36,7 +36,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port) /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_STREAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_STREAM, 0, &res)) return NULL; @@ -109,14 +109,24 @@ int main(int argc, char *argv[]) size_t written, readbytes; char buf[160]; char *hostname, *port; + int argnext = 1; + int ipv6 = 0; - if (argc != 3) { - printf("Usage: tls-client-block hostname port\n"); + if (argc < 3) { + printf("Usage: tls-client-block [-6] hostname port\n"); goto end; } - hostname = argv[1]; - port = argv[2]; + if (!strcmp(argv[argnext], "-6")) { + if (argc < 4) { + printf("Usage: tls-client-block [-6] hostname port\n"); + goto end; + } + ipv6 = 1; + argnext++; + } + hostname = argv[argnext++]; + port = argv[argnext]; /* * Create an SSL_CTX which we can use to create SSL objects from. We @@ -162,7 +172,7 @@ int main(int argc, char *argv[]) * Create the underlying transport socket/BIO and associate it with the * connection. */ - bio = create_socket_bio(hostname, port); + bio = create_socket_bio(hostname, port, ipv6 ? AF_INET6 : AF_INET); if (bio == NULL) { printf("Failed to crete the BIO\n"); goto end; diff --git a/demos/guide/tls-client-non-block.c b/demos/guide/tls-client-non-block.c index 8748e4fffc..0b19d67762 100644 --- a/demos/guide/tls-client-non-block.c +++ b/demos/guide/tls-client-non-block.c @@ -27,7 +27,7 @@ #include /* Helper function to create a BIO connected to the server */ -static BIO *create_socket_bio(const char *hostname, const char *port) +static BIO *create_socket_bio(const char *hostname, const char *port, int family) { int sock = -1; BIO_ADDRINFO *res; @@ -37,7 +37,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port) /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_STREAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_STREAM, 0, &res)) return NULL; @@ -187,14 +187,25 @@ int main(int argc, char *argv[]) char buf[160]; int eof = 0; char *hostname, *port; + int argnext = 1; + int ipv6 = 0; - if (argc != 3) { - printf("Usage: tls-client-non-block hostname port\n"); + if (argc < 3) { + printf("Usage: tls-client-non-block [-6] hostname port\n"); goto end; } - hostname = argv[1]; - port = argv[2]; + if (!strcmp(argv[argnext], "-6")) { + if (argc < 4) { + printf("Usage: tls-client-non-block [-6] hostname port\n"); + goto end; + } + ipv6 = 1; + argnext++; + } + + hostname = argv[argnext++]; + port = argv[argnext]; /* * Create an SSL_CTX which we can use to create SSL objects from. We @@ -240,7 +251,7 @@ int main(int argc, char *argv[]) * Create the underlying transport socket/BIO and associate it with the * connection. */ - bio = create_socket_bio(hostname, port); + bio = create_socket_bio(hostname, port, ipv6 ? AF_INET6 : AF_INET); if (bio == NULL) { printf("Failed to crete the BIO\n"); goto end; diff --git a/doc/man7/ossl-guide-quic-client-block.pod b/doc/man7/ossl-guide-quic-client-block.pod index fc8912086d..ab018e4a22 100644 --- a/doc/man7/ossl-guide-quic-client-block.pod +++ b/doc/man7/ossl-guide-quic-client-block.pod @@ -94,7 +94,7 @@ for TCP). /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_DGRAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_DGRAM, 0, &res)) return NULL; diff --git a/doc/man7/ossl-guide-tls-client-block.pod b/doc/man7/ossl-guide-tls-client-block.pod index cb67bf8fa9..ba59bd4ab3 100644 --- a/doc/man7/ossl-guide-tls-client-block.pod +++ b/doc/man7/ossl-guide-tls-client-block.pod @@ -174,7 +174,7 @@ integrate into the OpenSSL error system to log error data, e.g. /* * Lookup IP address info for the server. */ - if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, 0, SOCK_STREAM, 0, + if (!BIO_lookup_ex(hostname, port, BIO_LOOKUP_CLIENT, family, SOCK_STREAM, 0, &res)) return NULL; @@ -212,7 +212,9 @@ See L, L, L, L, L, L and L for further information on the functions used here. In the above example code the B and B variables are strings, e.g. -"www.example.com" and "443". +"www.example.com" and "443". Note also the use of the family variable, which +can take the values of AF_INET or AF_INET6 based on the command line -6 option, +to allow specific connections to an ipv4 or ipv6 enabled host. Sockets created using the methods described above will automatically be blocking sockets - which is exactly what we want for this example. -- 2.39.2