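/**
 * Configure DTLS credentials on a WTP manager's connection and accept the
 * DTLS session.
 *
 * The cipher is always taken from conf_sslcipher. Certificate credentials are
 * installed when both conf_sslkeyfilename and conf_sslcertfilename are set;
 * a pre-shared key is installed when conf_dtls_psk is set and non-empty.
 * At least one of the two must be available, otherwise no handshake is
 * attempted.
 *
 * @param arg  pointer to the struct wtpman whose conn is being set up
 * @return 1 if dtls_accept() succeeded, 0 if no credentials were configured
 *         or the handshake failed
 */
static int wtpman_establish_dtls(void *arg)
{
	struct wtpman *wtpman = arg;
	int dtls_ok = 0;

	/* setup cipher */
	wtpman->conn->dtls_cipher = conf_sslcipher;

	/* setup DTLS certificates */
	if (conf_sslkeyfilename && conf_sslcertfilename) {
		wtpman->conn->dtls_key_file = conf_sslkeyfilename;
		wtpman->conn->dtls_cert_file = conf_sslcertfilename;
		wtpman->conn->dtls_key_pass = conf_sslkeypass;
		/* Peer verification is only configured on the certificate path. */
		wtpman->conn->dtls_verify_peer = conf_dtls_verify_peer;

		/* Only the file names are logged, never the key passphrase. */
		cw_dbg(DBG_DTLS, "Using key file %s", wtpman->conn->dtls_key_file);
		cw_dbg(DBG_DTLS, "Using cert file %s", wtpman->conn->dtls_cert_file);
		dtls_ok = 1;
	}

	/*
	 * setup DTLS psk
	 *
	 * An empty string is rejected here: it would otherwise count as a
	 * configured credential with dtls_psk_len == 0.
	 * The length comes from strlen(), so the key is treated as a
	 * NUL-terminated string; a key containing a zero byte would be cut short.
	 */
	if (conf_dtls_psk && conf_dtls_psk[0] != '\0') {
		wtpman->conn->dtls_psk = conf_dtls_psk;
		wtpman->conn->dtls_psk_len = strlen(conf_dtls_psk);
		dtls_ok = 1;
	}

	if (!dtls_ok) {
		cw_log(LOG_ERR,
		       "Can't establish DTLS session, neither psk nor certs set in config file.");
		return 0;
	}

	/* try to accept the connection */
	if (!dtls_accept(wtpman->conn)) {
		cw_dbg(DBG_DTLS, "Error establishing DTLS session with %s",
		       sock_addr2str_p(&wtpman->conn->addr));
		return 0;
	}

	cw_dbg(DBG_DTLS, "DTLS session established with %s, cipher=%s",
	       sock_addr2str_p(&wtpman->conn->addr),
	       dtls_get_cipher(wtpman->conn));
	return 1;
}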
/**
 * Accept the DTLS session on a WTP manager's connection and log the outcome.
 *
 * No credentials are configured here; the function only calls dtls_accept()
 * on wtpman->conn, so key material and cipher selection are presumably set
 * up by the caller beforehand (not visible in this function).
 *
 * @param arg  pointer to the struct wtpman whose conn is being accepted
 * @return 1 if dtls_accept() succeeded, 0 otherwise
 */
static int wtpman_dtls_setup(void *arg)
{
	struct wtpman *mgr = (struct wtpman *) arg;
	/* Caller-owned scratch buffers handed to the formatting helpers. */
	char peer_buf[SOCK_ADDR_BUFSIZE];
	char cipher_buf[512];

	/* try to accept the connection */
	if (dtls_accept(mgr->conn)) {
		cw_dbg(DBG_DTLS, "DTLS session established with %s, %s",
		       sock_addr2str_p(&mgr->conn->addr, peer_buf),
		       dtls_get_cipher(mgr->conn, cipher_buf));
		return 1;
	}

	cw_dbg(DBG_DTLS, "Error establishing DTLS session with %s",
	       sock_addr2str_p(&mgr->conn->addr, peer_buf));
	return 0;
}
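/**
 * Connect a UDP socket to the peer at sa, establish a DTLS session when
 * built WITH_DTLS, and hand the connection to join_state().
 *
 * Changes over the previous version:
 *  - a stray exit(0) after the handshake terminated the process and left
 *    join_state() and the final return unreachable; it is removed;
 *  - the "DTLS session established" message (which calls dtls_get_cipher())
 *    is only emitted in WITH_DTLS builds;
 *  - errno is saved before other calls can overwrite it;
 *  - a NULL result from get_conn() no longer leaks the socket.
 *
 * @param sa  address of the peer to connect to
 * @return 1 on success, -1 if the socket could not be created or connected
 *         (or no connection object was available), 0 if the DTLS handshake
 *         failed
 */
int join(struct sockaddr *sa)
{
	enum { ADDR_STR_LEN = 100 };
	char addr_str[ADDR_STR_LEN];
	struct conn *conn;
	int sockfd;
	int rc;

	sockfd = socket(AF_INET, SOCK_DGRAM, 0);
	if (sockfd == -1) {
		cw_log(LOG_ERR, "Can't create socket: %s\n", strerror(errno));
		return -1;
	}

	sock_set_recvtimeout(sockfd, 1);

	rc = connect(sockfd, sa, sock_addrlen(sa));
	if (rc < 0) {
		/* Save errno first: the formatting helper may overwrite it. */
		int saved_errno = errno;

		sock_addrtostr(sa, addr_str, ADDR_STR_LEN);
		cw_log(LOG_ERR, "Can't connect to %s: %s\n", addr_str,
		       strerror(saved_errno));
		close(sockfd);
		return -1;
	}

	/* get_conn() is defined elsewhere; guard in case it can return NULL. */
	conn = get_conn();
	if (!conn) {
		cw_log(LOG_ERR, "Can't get connection object");
		close(sockfd);
		return -1;
	}
	conn->sock = sockfd;
	sock_copyaddr(&conn->addr, sa);

#ifdef WITH_DTLS
	cw_dbg(DBG_DTLS, "Establishing DTLS session with %s", sock_addr2str(sa));

	/*
	 * NOTE(review): unlike a setup that refuses to run without credentials,
	 * dtls_connect() is called here even when neither a PSK nor a
	 * key/cert pair is configured, and no peer-verification setting is
	 * assigned on conn in this function. Whether the server is
	 * authenticated then depends on defaults not visible here -- confirm.
	 */
	if (conf_dtls_psk) {
		conn->dtls_psk = conf_dtls_psk;
		/* strlen(): the PSK is treated as a NUL-terminated string. */
		conn->dtls_psk_len = strlen(conn->dtls_psk);
		conn->dtls_cipher = conf_dtls_cipher;
	}

	if (conf_sslkeyfilename && conf_sslcertfilename) {
		conn->dtls_key_file = conf_sslkeyfilename;
		conn->dtls_cert_file = conf_sslcertfilename;
		conn->dtls_key_pass = conf_sslkeypass;
		conn->dtls_cipher = conf_dtls_cipher;
	}

	rc = dtls_connect(conn);
	if (rc != 1) {
		dtls_shutdown(conn);
		sock_addrtostr(sa, addr_str, ADDR_STR_LEN);
		cw_log(LOG_ERR, "Cant establish DTLS connection to %s", addr_str);
		/* NOTE(review): conn->sock still holds this descriptor after close. */
		close(sockfd);
		return 0;
	}

	cw_dbg(DBG_DTLS, "DTLS session established with %s, cipher=%s",
	       sock_addr2str(sa), dtls_get_cipher(conn));
#endif

#ifdef WITH_CW_LOG_DEBUG
	sock_addrtostr(sa, addr_str, ADDR_STR_LEN);
	cw_log_debug0("DTLS connection to %s established", addr_str);
#endif

	join_state(conn);
	return 1;
}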