git.ipfire.org Git - thirdparty/openssl.git/commit

author	Geoff Thorpe <geoff@openssl.org>
	Sat, 26 Apr 2014 05:22:54 +0000 (01:22 -0400)
committer	Geoff Thorpe <geoff@openssl.org>
	Fri, 9 May 2014 02:07:09 +0000 (22:07 -0400)
commit	a935132099af20a8a742d30f8edcb613e73a368d
tree	9be58c34b66173e2e69a4c00d03fbda8d6dfb809	tree \| snapshot
parent	b6e69d284b79097d0d9e39996cbe59eae6bb36e2	commit \| diff

s_client/s_server: support unix domain sockets

The "-unix <path>" argument allows s_server and s_client to use a unix
domain socket in the filesystem instead of IPv4 ("-connect", "-port",
"-accept", etc). If s_server exits gracefully, such as when "-naccept"
is used and the requested number of SSL/TLS connections have occurred,
then the domain socket file is removed. On ctrl-C, it is likely that
the stale socket file will be left over, such that s_server would
normally fail to restart with the same arguments. For this reason,
s_server also supports an "-unlink" option, which will clean up any
stale socket file before starting.

If you have any reason to want encrypted IPC within an O/S instance,
this concept might come in handy. Otherwise it just demonstrates that
there is nothing about SSL/TLS that limits it to TCP/IP in any way.

(There might also be benchmarking and profiling use in this path, as
unix domain sockets are much lower overhead than connecting over local
IP addresses).

Signed-off-by: Geoff Thorpe <geoff@openssl.org>

apps/s_apps.h		diff \| blob \| blame \| history
apps/s_client.c		diff \| blob \| blame \| history
apps/s_server.c		diff \| blob \| blame \| history
apps/s_socket.c		diff \| blob \| blame \| history
e_os.h		diff \| blob \| blame \| history