static int wtpman_establish_dtls(void *arg)
{
struct wtpman *wtpman = (struct wtpman *) arg;
/* setup cipher */
wtpman->conn->dtls_cipher = conf_sslcipher;
/* setup DTSL certificates */
int dtls_ok = 0;
if (conf_sslkeyfilename && conf_sslcertfilename) {
wtpman->conn->dtls_key_file = conf_sslkeyfilename;
wtpman->conn->dtls_cert_file = conf_sslcertfilename;
wtpman->conn->dtls_key_pass = conf_sslkeypass;
wtpman->conn->dtls_verify_peer = conf_dtls_verify_peer;
cw_dbg(DBG_DTLS, "Using key file %s", wtpman->conn->dtls_key_file);
cw_dbg(DBG_DTLS, "Using cert file %s", wtpman->conn->dtls_cert_file);
dtls_ok = 1;
}
/* setup DTLS psk */
if (conf_dtls_psk) {
wtpman->conn->dtls_psk = conf_dtls_psk;
wtpman->conn->dtls_psk_len = strlen(conf_dtls_psk);
dtls_ok = 1;
}
if (!dtls_ok) {
cw_log(LOG_ERR,
"Can't establish DTLS session, neither psk nor certs set in config file.");
return 0;
}
/* try to accept the connection */
if (!dtls_accept(wtpman->conn)) {
cw_dbg(DBG_DTLS, "Error establishing DTLS session with %s",
sock_addr2str_p(&wtpman->conn->addr));
return 0;
}
cw_dbg(DBG_DTLS, "DTLS session established with %s, cipher=%s",
sock_addr2str_p(&wtpman->conn->addr), dtls_get_cipher(wtpman->conn));
return 1;
}
static int wtpman_dtls_setup(void *arg)
{
char cipherstr[512];
char sock_buf[SOCK_ADDR_BUFSIZE];
struct wtpman *wtpman = (struct wtpman *) arg;
/* try to accept the connection */
if (!dtls_accept(wtpman->conn)) {
cw_dbg(DBG_DTLS, "Error establishing DTLS session with %s",
sock_addr2str_p(&wtpman->conn->addr,sock_buf));
return 0;
}
cw_dbg(DBG_DTLS, "DTLS session established with %s, %s",
sock_addr2str_p(&wtpman->conn->addr,sock_buf), dtls_get_cipher(wtpman->conn,cipherstr));
return 1;
}
int join(struct sockaddr *sa)
{
int sockfd;
int rc;
sockfd = socket(AF_INET,SOCK_DGRAM,0);
if (sockfd==-1){
cw_log(LOG_ERR,"Can't create socket: %s\n",strerror(errno));
return -1;
}
sock_set_recvtimeout(sockfd,1);
rc = connect(sockfd,(struct sockaddr*)sa,sock_addrlen((struct sockaddr*)sa));
if (rc<0){
char str[100];
sock_addrtostr(sa,str,100);
cw_log(LOG_ERR,"Can't connect to %s: %s\n",str,strerror(errno));
close(sockfd);
return -1;
}
struct conn * conn = get_conn();
conn->sock=sockfd;
sock_copyaddr(&conn->addr,sa);
#ifdef WITH_DTLS
cw_dbg (DBG_DTLS,"Establishing DTLS session with %s",sock_addr2str(sa));
/*
#ifdef WITH_CW_LOG_DEBUG
{
char str[100];
sock_addrtostr(sa,str,100);
cw_log_debug0("Establishing DTLS connection to %s",str);
}
#endif
*/
if (conf_dtls_psk){
conn->dtls_psk=conf_dtls_psk;
conn->dtls_psk_len=strlen(conn->dtls_psk);
conn->dtls_cipher=conf_dtls_cipher;
}
if (conf_sslkeyfilename && conf_sslcertfilename){
conn->dtls_key_file = conf_sslkeyfilename;
conn->dtls_cert_file = conf_sslcertfilename;
conn->dtls_key_pass = conf_sslkeypass;
conn->dtls_cipher=conf_dtls_cipher;
}
rc = dtls_connect(conn);
if (rc!=1){
dtls_shutdown(conn);
char str[100];
sock_addrtostr(sa,str,100);
cw_log(LOG_ERR,"Cant establish DTLS connection to %s",str);
close(sockfd);
return 0;
}
#endif
cw_dbg (DBG_DTLS,"DTLS session established with %s, cipher=%s",sock_addr2str(sa),dtls_get_cipher(conn));
exit(0);
#ifdef WITH_CW_LOG_DEBUG
{
char str[100];
sock_addrtostr(sa,str,100);
cw_log_debug0("DTLS connection to %s established",str);
}
#endif
join_state(conn);
return 1;
}
