sslserver - accept TLS IPv6/IPv4 connections and setup SSL CTX

Synopsis

sslserver [ -1346UXpPhHrRoOdDqQvIeEsSnNzZ ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -T ssltimeout ] [ -w progtimeout ] host port prog

Description

Following a series of getopt-style options, the host is a host name or IP address, port is a TCP port, and prog is one or more arguments s pecifying a program to run for each accepted connection.

sslserver listens for IPv6/IPv4 connections from TCP clients. For each connection, it runs prog, with file descriptor 0 reading from, and file descriptor 1 writing to a child process ssl. The ssl process attempts an SSL accept via the network. If it succeeds, it translates data between prog and the network, performing any necessary SSL encoding and decoding.

Before running prog, sslserver sets certain environment variables.

sslserver exits when it receives SIGTERM.

Options

General Options:

Connection options:

SSL and TLS connection options:

X509 certificate and encryption options:

Data-gathering options:

SSL environment variables read:

These variables define the run-time environment of sslserver and are used to specify X509 certificates and keyfile per connection.

SSL environment variables set:

In case sslserver is called with the option -e, the following mod_ssl environment variables are provided:

For $SSL_CLIENT_x_DN_Y and $SSL_SERVER_x_DN_Y, Y denotes a component of the DN: C, ST, L, O, OU, CN, T, I, G, S, D, UID, Email.

Other SSL environment variables set:

PROTO, SSLLOCALHOST, SSLLOCALIP, SSLLOCALPORT, SSLREMOTEHOST, SSLREMOTEINFO, SSLREMOTEIP, SSLREMOTEPORT.

TCP environment variables set:

TCPLOCALHOST, TCPLOCALIP, TCPLOCALPORT, TCPREMOTEHOST, TCPREMOTEINFO, TCPREMOTEIP, TCPREMOTEPORT.

TCP6 environment variables set:

TCP6INTERFACE, TCP6LOCALHOST, TCP6LOCALIP, TCP6LOCALPORT, TCP6REMOTEHOST, TCP6REMOTEIP, TCP6REMOTEPORT.