From 3edeb622ba9b01f8d4ac7b1a08ac0f0fa8a27c67 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 5 Feb 2016 10:59:42 +0000 Subject: Make DTLSv1_listen a first class function and change its type The DTLSv1_listen function exposed details of the underlying BIO abstraction and did not properly allow for IPv6. This commit changes the "peer" argument to be a BIO_ADDR and makes it a first class function (rather than a ctrl) to ensure proper type checking. Reviewed-by: Richard Levitte --- doc/ssl/DTLSv1_listen.pod | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'doc/ssl/DTLSv1_listen.pod') diff --git a/doc/ssl/DTLSv1_listen.pod b/doc/ssl/DTLSv1_listen.pod index b3dd1ae..62913de 100644 --- a/doc/ssl/DTLSv1_listen.pod +++ b/doc/ssl/DTLSv1_listen.pod @@ -8,7 +8,7 @@ DTLSv1_listen - listen for incoming DTLS connections. #include - int DTLSv1_listen(SSL *ssl, struct sockaddr *peer); + int DTLSv1_listen(SSL *ssl, BIO_ADDR *peer); =head1 DESCRIPTION 
@@ -43,14 +43,10 @@ messages from any peer. When a ClientHello is received that contains a cookie that has been verified, then DTLSv1_listen() will return with the B parameter updated into a state where the handshake can be continued by a call to (for example) SSL_accept(). -Additionally the B location pointed to by B will be -filled in with details of the peer that sent the ClientHello. It is the calling -code's responsibility to ensure that the B location is sufficiently large -to accommodate the addressing scheme in use. For example this might be done by -allocating space for a struct sockaddr_storage and casting the pointer to it to -a struct sockaddr * for the call to DTLSv1_listen(). Typically user code is -expected to "connect" the underlying socket to the peer and continue the -handshake in a connected state. +Additionally the B pointed to by B will be filled in with +details of the peer that sent the ClientHello. Typically user code is expected +to "connect" the underlying socket to the peer and continue the handshake in a +connected state. Prior to calling DTLSv1_listen() user code must ensure that cookie generation and verification callbacks have been set up using @@ -89,6 +85,7 @@ L, L =head1 HISTORY -DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0. +DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0. The type of "peer" +also changed in OpenSSL 1.1.0. =cut -- cgit v1.1
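Review bot: In the DESCRIPTION hunk (@@ -43,14 +43,10 @@), the replacement paragraph drops the old guidance on sizing the peer storage but does not say how the caller provides the BIO_ADDR that gets filled in. The new text should state that peer must point to a BIO_ADDR the caller has already allocated (for example with BIO_ADDR_new()) and is responsible for freeing, and whether NULL is accepted. The sentence about "connecting" the underlying socket could also say how the peer address is used for that, since callers no longer hold a struct sockaddr of their own to pass along.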
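Review bot: In the HISTORY hunk (@@ -89,6 +85,7 @@), the added sentence "The type of "peer" also changed in OpenSSL 1.1.0." does not say what the type changed from or to. Suggest naming both types, that is, that peer changed from struct sockaddr * to BIO_ADDR *, so readers porting pre-1.1.0 code know what to look for in their own calls.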