Inicio Explorar Ayuda
Iniciar sesión
OWEALs
/
openssl
espejo de git://git.openssl.org/openssl.git
2
0
Fork 0
Archivos Incidencias 1 Wiki
Árbol: 4cde7585ce
Ramas Etiquetas
openssl
/
crypto
/
bio
/
bio_sock2.c

bio_sock2.c 15 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453 
  1. /*
    2. 

  2.  * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include <stdio.h>
    11. 

  11. #include <stdlib.h>
    12. 

  12. #include <errno.h>
    13. 

  13. 

  14. #include "bio_local.h"
    15. 

  15. #include "internal/ktls.h"
    16. 

  16. #include "internal/bio_tfo.h"
    17. 

  17. 

  18. #include <openssl/err.h>
    19. 

  19. 

  20. #ifndef OPENSSL_NO_SOCK
    21. 

  21. # ifdef SO_MAXCONN
    22. 

  22. #  define MAX_LISTEN  SO_MAXCONN
    23. 

  23. # elif defined(SOMAXCONN)
    24. 

  24. #  define MAX_LISTEN  SOMAXCONN
    25. 

  25. # else
    26. 

  26. #  define MAX_LISTEN  32
    27. 

  27. # endif
    28. 

  28. 

  29. /*-
    30. 

  30.  * BIO_socket - create a socket
    31. 

  31.  * @domain: the socket domain (AF_INET, AF_INET6, AF_UNIX, ...)
    32. 

  32.  * @socktype: the socket type (SOCK_STEAM, SOCK_DGRAM)
    33. 

  33.  * @protocol: the protocol to use (IPPROTO_TCP, IPPROTO_UDP)
    34. 

  34.  * @options: BIO socket options (currently unused)
    35. 

  35.  *
    36. 

  36.  * Creates a socket.  This should be called before calling any
    37. 

  37.  * of BIO_connect and BIO_listen.
    38. 

  38.  *
    39. 

  39.  * Returns the file descriptor on success or INVALID_SOCKET on failure.  On
    40. 

  40.  * failure errno is set, and a status is added to the OpenSSL error stack.
    41. 

  41.  */
    42. 

  42. int BIO_socket(int domain, int socktype, int protocol, int options)
    43. 

  43. {
    44. 

  44.     int sock = -1;
    45. 

  45. 

  46.     if (BIO_sock_init() != 1)
    47. 

  47.         return INVALID_SOCKET;
    48. 

  48. 

  49.     sock = socket(domain, socktype, protocol);
    50. 

  50.     if (sock == -1) {
    51. 

  51.         ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    52. 

  52.                        "calling socket()");
    53. 

  53.         ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET);
    54. 

  54.         return INVALID_SOCKET;
    55. 

  55.     }
    56. 

  56. 

  57.     return sock;
    58. 

  58. }
    59. 

  59. 

  60. /*-
    61. 

  61.  * BIO_connect - connect to an address
    62. 

  62.  * @sock: the socket to connect with
    63. 

  63.  * @addr: the address to connect to
    64. 

  64.  * @options: BIO socket options
    65. 

  65.  *
    66. 

  66.  * Connects to the address using the given socket and options.
    67. 

  67.  *
    68. 

  68.  * Options can be a combination of the following:
    69. 

  69.  * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
    70. 

  70.  * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
    71. 

  71.  * - BIO_SOCK_NODELAY: don't delay small messages.
    72. 

  72.  * - BIO_SOCK_TFO: use TCP Fast Open
    73. 

  73.  *
    74. 

  74.  * options holds BIO socket options that can be used
    75. 

  75.  * You should call this for every address returned by BIO_lookup
    76. 

  76.  * until the connection is successful.
    77. 

  77.  *
    78. 

  78.  * Returns 1 on success or 0 on failure.  On failure errno is set
    79. 

  79.  * and an error status is added to the OpenSSL error stack.
    80. 

  80.  */
    81. 

  81. int BIO_connect(int sock, const BIO_ADDR *addr, int options)
    82. 

  82. {
    83. 

  83.     const int on = 1;
    84. 

  84. 

  85.     if (sock == -1) {
    86. 

  86.         ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
    87. 

  87.         return 0;
    88. 

  88.     }
    89. 

  89. 

  90.     if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
    91. 

  91.         return 0;
    92. 

  92. 

  93.     if (options & BIO_SOCK_KEEPALIVE) {
    94. 

  94.         if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
    95. 

  95.                        (const void *)&on, sizeof(on)) != 0) {
    96. 

  96.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    97. 

  97.                            "calling setsockopt()");
    98. 

  98.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE);
    99. 

  99.             return 0;
    100. 

  100.         }
    101. 

  101.     }
    102. 

  102. 

  103.     if (options & BIO_SOCK_NODELAY) {
    104. 

  104.         if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
    105. 

  105.                        (const void *)&on, sizeof(on)) != 0) {
    106. 

  106.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    107. 

  107.                            "calling setsockopt()");
    108. 

  108.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY);
    109. 

  109.             return 0;
    110. 

  110.         }
    111. 

  111.     }
    112. 

  112.     if (options & BIO_SOCK_TFO) {
    113. 

  113. # if defined(OSSL_TFO_CLIENT_FLAG)
    114. 

  114. #  if defined(OSSL_TFO_SYSCTL_CLIENT)
    115. 

  115.         int enabled = 0;
    116. 

  116.         size_t enabledlen = sizeof(enabled);
    117. 

  117. 

  118.         /* Later FreeBSD */
    119. 

  119.         if (sysctlbyname(OSSL_TFO_SYSCTL_CLIENT, &enabled, &enabledlen, NULL, 0) < 0) {
    120. 

  120.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_NO_KERNEL_SUPPORT);
    121. 

  121.             return 0;
    122. 

  122.         }
    123. 

  123.         /* Need to check for client flag */
    124. 

  124.         if (!(enabled & OSSL_TFO_CLIENT_FLAG)) {
    125. 

  125.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_DISABLED);
    126. 

  126.             return 0;
    127. 

  127.         }
    128. 

  128. #  elif defined(OSSL_TFO_SYSCTL)
    129. 

  129.         int enabled = 0;
    130. 

  130.         size_t enabledlen = sizeof(enabled);
    131. 

  131. 

  132.         /* macOS */
    133. 

  133.         if (sysctlbyname(OSSL_TFO_SYSCTL, &enabled, &enabledlen, NULL, 0) < 0) {
    134. 

  134.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_NO_KERNEL_SUPPORT);
    135. 

  135.             return 0;
    136. 

  136.         }
    137. 

  137.         /* Need to check for client flag */
    138. 

  138.         if (!(enabled & OSSL_TFO_CLIENT_FLAG)) {
    139. 

  139.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_DISABLED);
    140. 

  140.             return 0;
    141. 

  141.         }
    142. 

  142. #  endif
    143. 

  143. # endif
    144. 

  144. # if defined(OSSL_TFO_CONNECTX)
    145. 

  145.         sa_endpoints_t sae;
    146. 

  146. 

  147.         memset(&sae, 0, sizeof(sae));
    148. 

  148.         sae.sae_dstaddr = BIO_ADDR_sockaddr(addr);
    149. 

  149.         sae.sae_dstaddrlen = BIO_ADDR_sockaddr_size(addr);
    150. 

  150.         if (connectx(sock, &sae, SAE_ASSOCID_ANY,
    151. 

  151.                      CONNECT_DATA_IDEMPOTENT | CONNECT_RESUME_ON_READ_WRITE,
    152. 

  152.                      NULL, 0, NULL, NULL) == -1) {
    153. 

  153.             if (!BIO_sock_should_retry(-1)) {
    154. 

  154.                 ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    155. 

  155.                                "calling connectx()");
    156. 

  156.                 ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
    157. 

  157.             }
    158. 

  158.             return 0;
    159. 

  159.         }
    160. 

  160. # endif
    161. 

  161. # if defined(OSSL_TFO_CLIENT_SOCKOPT)
    162. 

  162.         if (setsockopt(sock, IPPROTO_TCP, OSSL_TFO_CLIENT_SOCKOPT,
    163. 

  163.                        (const void *)&on, sizeof(on)) != 0) {
    164. 

  164.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    165. 

  165.                            "calling setsockopt()");
    166. 

  166.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_TFO);
    167. 

  167.             return 0;
    168. 

  168.         }
    169. 

  169. # endif
    170. 

  170. # if defined(OSSL_TFO_DO_NOT_CONNECT)
    171. 

  171.         return 1;
    172. 

  172. # endif
    173. 

  173.     }
    174. 

  174. 

  175.     if (connect(sock, BIO_ADDR_sockaddr(addr),
    176. 

  176.                 BIO_ADDR_sockaddr_size(addr)) == -1) {
    177. 

  177.         if (!BIO_sock_should_retry(-1)) {
    178. 

  178.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    179. 

  179.                            "calling connect()");
    180. 

  180.             ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
    181. 

  181.         }
    182. 

  182.         return 0;
    183. 

  183.     }
    184. 

  184. # ifndef OPENSSL_NO_KTLS
    185. 

  185.     /*
    186. 

  186.      * The new socket is created successfully regardless of ktls_enable.
    187. 

  187.      * ktls_enable doesn't change any functionality of the socket, except
    188. 

  188.      * changing the setsockopt to enable the processing of ktls_start.
    189. 

  189.      * Thus, it is not a problem to call it for non-TLS sockets.
    190. 

  190.      */
    191. 

  191.     ktls_enable(sock);
    192. 

  192. # endif
    193. 

  193.     return 1;
    194. 

  194. }
    195. 

  195. 

  196. /*-
    197. 

  197.  * BIO_bind - bind socket to address
    198. 

  198.  * @sock: the socket to set
    199. 

  199.  * @addr: local address to bind to
    200. 

  200.  * @options: BIO socket options
    201. 

  201.  *
    202. 

  202.  * Binds to the address using the given socket and options.
    203. 

  203.  *
    204. 

  204.  * Options can be a combination of the following:
    205. 

  205.  * - BIO_SOCK_REUSEADDR: Try to reuse the address and port combination
    206. 

  206.  *   for a recently closed port.
    207. 

  207.  *
    208. 

  208.  * When restarting the program it could be that the port is still in use.  If
    209. 

  209.  * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway.
    210. 

  210.  * It's recommended that you use this.
    211. 

  211.  */
    212. 

  212. int BIO_bind(int sock, const BIO_ADDR *addr, int options)
    213. 

  213. {
    214. 

  214. # ifndef OPENSSL_SYS_WINDOWS
    215. 

  215.     int on = 1;
    216. 

  216. # endif
    217. 

  217. 

  218.     if (sock == -1) {
    219. 

  219.         ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
    220. 

  220.         return 0;
    221. 

  221.     }
    222. 

  222. 

  223. # ifndef OPENSSL_SYS_WINDOWS
    224. 

  224.     /*
    225. 

  225.      * SO_REUSEADDR has different behavior on Windows than on
    226. 

  226.      * other operating systems, don't set it there.
    227. 

  227.      */
    228. 

  228.     if (options & BIO_SOCK_REUSEADDR) {
    229. 

  229.         if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
    230. 

  230.                        (const void *)&on, sizeof(on)) != 0) {
    231. 

  231.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    232. 

  232.                            "calling setsockopt()");
    233. 

  233.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_REUSEADDR);
    234. 

  234.             return 0;
    235. 

  235.         }
    236. 

  236.     }
    237. 

  237. # endif
    238. 

  238. 

  239.     if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) {
    240. 

  240.         ERR_raise_data(ERR_LIB_SYS, get_last_socket_error() /* may be 0 */,
    241. 

  241.                        "calling bind()");
    242. 

  242.         ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET);
    243. 

  243.         return 0;
    244. 

  244.     }
    245. 

  245. 

  246.     return 1;
    247. 

  247. }
    248. 

  248. 

  249. /*-
    250. 

  250.  * BIO_listen - Creates a listen socket
    251. 

  251.  * @sock: the socket to listen with
    252. 

  252.  * @addr: local address to bind to
    253. 

  253.  * @options: BIO socket options
    254. 

  254.  *
    255. 

  255.  * Binds to the address using the given socket and options, then
    256. 

  256.  * starts listening for incoming connections.
    257. 

  257.  *
    258. 

  258.  * Options can be a combination of the following:
    259. 

  259.  * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
    260. 

  260.  * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
    261. 

  261.  * - BIO_SOCK_NODELAY: don't delay small messages.
    262. 

  262.  * - BIO_SOCK_REUSEADDR: Try to reuse the address and port combination
    263. 

  263.  *   for a recently closed port.
    264. 

  264.  * - BIO_SOCK_V6_ONLY: When creating an IPv6 socket, make it listen only
    265. 

  265.  *   for IPv6 addresses and not IPv4 addresses mapped to IPv6.
    266. 

  266.  * - BIO_SOCK_TFO: accept TCP fast open (set TCP_FASTOPEN)
    267. 

  267.  *
    268. 

  268.  * It's recommended that you set up both an IPv6 and IPv4 listen socket, and
    269. 

  269.  * then check both for new clients that connect to it.  You want to set up
    270. 

  270.  * the socket as non-blocking in that case since else it could hang.
    271. 

  271.  *
    272. 

  272.  * Not all operating systems support IPv4 addresses on an IPv6 socket, and for
    273. 

  273.  * others it's an option.  If you pass the BIO_LISTEN_V6_ONLY it will try to
    274. 

  274.  * create the IPv6 sockets to only listen for IPv6 connection.
    275. 

  275.  *
    276. 

  276.  * It could be that the first BIO_listen() call will listen to all the IPv6
    277. 

  277.  * and IPv4 addresses and that then trying to bind to the IPv4 address will
    278. 

  278.  * fail.  We can't tell the difference between already listening ourself to
    279. 

  279.  * it and someone else listening to it when failing and errno is EADDRINUSE, so
    280. 

  280.  * it's recommended to not give an error in that case if the first call was
    281. 

  281.  * successful.
    282. 

  282.  *
    283. 

  283.  * When restarting the program it could be that the port is still in use.  If
    284. 

  284.  * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway.
    285. 

  285.  * It's recommended that you use this.
    286. 

  286.  */
    287. 

  287. int BIO_listen(int sock, const BIO_ADDR *addr, int options)
    288. 

  288. {
    289. 

  289.     int on = 1;
    290. 

  290.     int socktype;
    291. 

  291.     socklen_t socktype_len = sizeof(socktype);
    292. 

  292. 

  293.     if (sock == -1) {
    294. 

  294.         ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
    295. 

  295.         return 0;
    296. 

  296.     }
    297. 

  297. 

  298.     if (getsockopt(sock, SOL_SOCKET, SO_TYPE,
    299. 

  299.                    (void *)&socktype, &socktype_len) != 0
    300. 

  300.         || socktype_len != sizeof(socktype)) {
    301. 

  301.         ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    302. 

  302.                        "calling getsockopt()");
    303. 

  303.         ERR_raise(ERR_LIB_BIO, BIO_R_GETTING_SOCKTYPE);
    304. 

  304.         return 0;
    305. 

  305.     }
    306. 

  306. 

  307.     if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
    308. 

  308.         return 0;
    309. 

  309. 

  310.     if (options & BIO_SOCK_KEEPALIVE) {
    311. 

  311.         if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
    312. 

  312.                        (const void *)&on, sizeof(on)) != 0) {
    313. 

  313.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    314. 

  314.                            "calling setsockopt()");
    315. 

  315.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE);
    316. 

  316.             return 0;
    317. 

  317.         }
    318. 

  318.     }
    319. 

  319. 

  320.     if (options & BIO_SOCK_NODELAY) {
    321. 

  321.         if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
    322. 

  322.                        (const void *)&on, sizeof(on)) != 0) {
    323. 

  323.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    324. 

  324.                            "calling setsockopt()");
    325. 

  325.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY);
    326. 

  326.             return 0;
    327. 

  327.         }
    328. 

  328.     }
    329. 

  329. 

  330.   /* On OpenBSD it is always IPv6 only with IPv6 sockets thus read-only */
    331. 

  331. # if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
    332. 

  332.     if (BIO_ADDR_family(addr) == AF_INET6) {
    333. 

  333.         /*
    334. 

  334.          * Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.
    335. 

  335.          * Therefore we always have to use setsockopt here.
    336. 

  336.          */
    337. 

  337.         on = options & BIO_SOCK_V6_ONLY ? 1 : 0;
    338. 

  338.         if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
    339. 

  339.                        (const void *)&on, sizeof(on)) != 0) {
    340. 

  340.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    341. 

  341.                            "calling setsockopt()");
    342. 

  342.             ERR_raise(ERR_LIB_BIO, BIO_R_LISTEN_V6_ONLY);
    343. 

  343.             return 0;
    344. 

  344.         }
    345. 

  345.     }
    346. 

  346. # endif
    347. 

  347. 

  348.     if (!BIO_bind(sock, addr, options))
    349. 

  349.         return 0;
    350. 

  350. 

  351.     if (socktype != SOCK_DGRAM && listen(sock, MAX_LISTEN) == -1) {
    352. 

  352.         ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    353. 

  353.                        "calling listen()");
    354. 

  354.         ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_LISTEN_SOCKET);
    355. 

  355.         return 0;
    356. 

  356.     }
    357. 

  357. 

  358. # if defined(OSSL_TFO_SERVER_SOCKOPT)
    359. 

  359.     /*
    360. 

  360.      * Must do it explicitly after listen() for macOS, still
    361. 

  361.      * works fine on other OS's
    362. 

  362.      */
    363. 

  363.     if ((options & BIO_SOCK_TFO) && socktype != SOCK_DGRAM) {
    364. 

  364.         int q = OSSL_TFO_SERVER_SOCKOPT_VALUE;
    365. 

  365. #  if defined(OSSL_TFO_CLIENT_FLAG)
    366. 

  366. #   if defined(OSSL_TFO_SYSCTL_SERVER)
    367. 

  367.         int enabled = 0;
    368. 

  368.         size_t enabledlen = sizeof(enabled);
    369. 

  369. 

  370.         /* Later FreeBSD */
    371. 

  371.         if (sysctlbyname(OSSL_TFO_SYSCTL_SERVER, &enabled, &enabledlen, NULL, 0) < 0) {
    372. 

  372.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_NO_KERNEL_SUPPORT);
    373. 

  373.             return 0;
    374. 

  374.         }
    375. 

  375.         /* Need to check for server flag */
    376. 

  376.         if (!(enabled & OSSL_TFO_SERVER_FLAG)) {
    377. 

  377.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_DISABLED);
    378. 

  378.             return 0;
    379. 

  379.         }
    380. 

  380. #   elif defined(OSSL_TFO_SYSCTL)
    381. 

  381.         int enabled = 0;
    382. 

  382.         size_t enabledlen = sizeof(enabled);
    383. 

  383. 

  384.         /* Early FreeBSD, macOS */
    385. 

  385.         if (sysctlbyname(OSSL_TFO_SYSCTL, &enabled, &enabledlen, NULL, 0) < 0) {
    386. 

  386.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_NO_KERNEL_SUPPORT);
    387. 

  387.             return 0;
    388. 

  388.         }
    389. 

  389.         /* Need to check for server flag */
    390. 

  390.         if (!(enabled & OSSL_TFO_SERVER_FLAG)) {
    391. 

  391.             ERR_raise(ERR_LIB_BIO, BIO_R_TFO_DISABLED);
    392. 

  392.             return 0;
    393. 

  393.         }
    394. 

  394. #   endif
    395. 

  395. #  endif
    396. 

  396.         if (setsockopt(sock, IPPROTO_TCP, OSSL_TFO_SERVER_SOCKOPT,
    397. 

  397.                        (void *)&q, sizeof(q)) < 0) {
    398. 

  398.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    399. 

  399.                            "calling setsockopt()");
    400. 

  400.             ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_TFO);
    401. 

  401.             return 0;
    402. 

  402.         }
    403. 

  403.     }
    404. 

  404. # endif
    405. 

  405. 

  406.     return 1;
    407. 

  407. }
    408. 

  408. 

  409. /*-
    410. 

  410.  * BIO_accept_ex - Accept new incoming connections
    411. 

  411.  * @sock: the listening socket
    412. 

  412.  * @addr: the BIO_ADDR to store the peer address in
    413. 

  413.  * @options: BIO socket options, applied on the accepted socket.
    414. 

  414.  *
    415. 

  415.  */
    416. 

  416. int BIO_accept_ex(int accept_sock, BIO_ADDR *addr_, int options)
    417. 

  417. {
    418. 

  418.     socklen_t len;
    419. 

  419.     int accepted_sock;
    420. 

  420.     BIO_ADDR locaddr;
    421. 

  421.     BIO_ADDR *addr = addr_ == NULL ? &locaddr : addr_;
    422. 

  422. 

  423.     len = sizeof(*addr);
    424. 

  424.     accepted_sock = accept(accept_sock,
    425. 

  425.                            BIO_ADDR_sockaddr_noconst(addr), &len);
    426. 

  426.     if (accepted_sock == -1) {
    427. 

  427.         if (!BIO_sock_should_retry(accepted_sock)) {
    428. 

  428.             ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
    429. 

  429.                            "calling accept()");
    430. 

  430.             ERR_raise(ERR_LIB_BIO, BIO_R_ACCEPT_ERROR);
    431. 

  431.         }
    432. 

  432.         return INVALID_SOCKET;
    433. 

  433.     }
    434. 

  434. 

  435.     if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0)) {
    436. 

  436.         closesocket(accepted_sock);
    437. 

  437.         return INVALID_SOCKET;
    438. 

  438.     }
    439. 

  439. 

  440.     return accepted_sock;
    441. 

  441. }
    442. 

  442. 

  443. /*-
    444. 

  444.  * BIO_closesocket - Close a socket
    445. 

  445.  * @sock: the socket to close
    446. 

  446.  */
    447. 

  447. int BIO_closesocket(int sock)
    448. 

  448. {
    449. 

  449.     if (sock < 0 || closesocket(sock) < 0)
    450. 

  450.         return 0;
    451. 

  451.     return 1;
    452. 

  452. }
    453. 

  453. #endif
    454.