Squashed commit of the following:

Add new option '-http_server_binmode' which allows the server to open and send binary files as well as text. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8811)
2025-01-24 13:55:42 +08:00 · 2019-05-09 09:16:19 +10:00 · 2019-05-09 09:16:19 +10:00 · c3be39f2e4
commit c3be39f2e4
parent 5c3f1e34b5
2 changed files with 17 additions and 2 deletions
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -123,6 +123,8 @@ static SSL_SESSION *psksess = NULL;
 static char *psk_identity = "Client_identity";
 char *psk_key = NULL;           /* by default PSK is not used */

+static char http_server_binmode = 0; /* for now: 0/1 = default/binary */
+
 #ifndef OPENSSL_NO_PSK
 static unsigned int psk_server_cb(SSL *ssl, const char *identity,
                                  unsigned char *psk,
@ -752,6 +754,7 @@ typedef enum OPTION_choice {
    OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
    OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_RECV_MAX_EARLY, OPT_EARLY_DATA,
    OPT_S_NUM_TICKETS, OPT_ANTI_REPLAY, OPT_NO_ANTI_REPLAY, OPT_SCTP_LABEL_BUG,
+    OPT_HTTP_SERVER_BINMODE,
    OPT_R_ENUM,
    OPT_S_ENUM,
    OPT_V_ENUM,
@ -966,6 +969,7 @@ const OPTIONS s_server_options[] = {
     "The number of TLSv1.3 session tickets that a server will automatically  issue" },
    {"anti_replay", OPT_ANTI_REPLAY, '-', "Switch on anti-replay protection (default)"},
    {"no_anti_replay", OPT_NO_ANTI_REPLAY, '-', "Switch off anti-replay protection"},
+    {"http_server_binmode", OPT_HTTP_SERVER_BINMODE, '-', "opening files in binary mode when acting as http server (-WWW and -HTTP)"},
    {NULL, OPT_EOF, 0, NULL}
 };

@ -1595,6 +1599,9 @@ int s_server_main(int argc, char *argv[])
            if (max_early_data == -1)
                max_early_data = SSL3_RT_MAX_PLAIN_LENGTH;
            break;
+        case OPT_HTTP_SERVER_BINMODE:
+            http_server_binmode = 1;
+            break;
        }
    }
    argc = opt_num_rest();
@ -2956,6 +2963,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
 #endif
    int width;
    fd_set readfds;
+    const char *opmode;

    /* Set width for a select call if needed */
    width = s + 1;
@ -3249,9 +3257,10 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
                break;
            }

-            if ((file = BIO_new_file(p, "r")) == NULL) {
+            opmode = (http_server_binmode == 1) ? "rb" : "r";
+            if ((file = BIO_new_file(p, opmode)) == NULL) {
                BIO_puts(io, text);
-                BIO_printf(io, "Error opening '%s'\r\n", p);
+                BIO_printf(io, "Error opening '%s' mode='%s'\r\n", p, opmode);
                ERR_print_errors(io);
                break;
            }
--- a/doc/man1/s_server.pod
+++ b/doc/man1/s_server.pod
@ -184,6 +184,7 @@ B<openssl> B<s_server>
 [B<-early_data>]
 [B<-anti_replay>]
 [B<-no_anti_replay>]
+[B<-http_server_binmode>]

 =head1 DESCRIPTION

@ -743,6 +744,11 @@ has been negotiated, and early data is enabled on the server. A full handshake
 is forced if a session ticket is used a second or subsequent time. Any early
 data that was sent will be rejected.

+=item B<-http_server_binmode>
+
+When acting as web-server (using option B<-WWW> or B<-HTTP>) open files requested
+by the client in binary mode.
+
 =back

 =head1 CONNECTED COMMANDS