]> git.ipfire.org Git - thirdparty/openssl.git/blob - apps/s_socket.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix security hole.
[thirdparty/openssl.git] / apps / s_socket.c
1 /* apps/s_socket.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <string.h>
62 #include <errno.h>
63 #include <signal.h>
64 #define USE_SOCKETS
65 #define NON_MAIN
66 #include "apps.h"
67 #undef USE_SOCKETS
68 #undef NON_MAIN
69 #include "s_apps.h"
70 #include "ssl.h"
71
72 #ifndef NOPROTO
73 static struct hostent *GetHostByName(char *name);
74 int sock_init(void );
75 #else
76 static struct hostent *GetHostByName();
77 int sock_init();
78 #endif
79
80 #ifdef WIN16
81 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
82 #else
83 #define SOCKET_PROTOCOL IPPROTO_TCP
84 #endif
85
86 #ifdef WINDOWS
87 static struct WSAData wsa_state;
88 static int wsa_init_done=0;
89
90 #ifdef WIN16
91 static HWND topWnd=0;
92 static FARPROC lpTopWndProc=NULL;
93 static FARPROC lpTopHookProc=NULL;
94 extern HINSTANCE _hInstance; /* nice global CRT provides */
95
96 static LONG FAR PASCAL topHookProc(hwnd,message,wParam,lParam)
97 HWND hwnd;
98 UINT message;
99 WPARAM wParam;
100 LPARAM lParam;
101 {
102 if (hwnd == topWnd)
103 {
104 switch(message)
105 {
106 case WM_DESTROY:
107 case WM_CLOSE:
108 SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
109 sock_cleanup();
110 break;
111 }
112 }
113 return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
114 }
115
116 static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
117 {
118 topWnd=hwnd;
119 return(FALSE);
120 }
121
122 #endif /* WIN32 */
123 #endif /* WINDOWS */
124
125 void sock_cleanup()
126 {
127 #ifdef WINDOWS
128 if (wsa_init_done)
129 {
130 wsa_init_done=0;
131 WSACancelBlockingCall();
132 WSACleanup();
133 }
134 #endif
135 }
136
137 int sock_init()
138 {
139 #ifdef WINDOWS
140 if (!wsa_init_done)
141 {
142 int err;
143
144 #ifdef SIGINT
145 signal(SIGINT,(void (*)(int))sock_cleanup);
146 #endif
147 wsa_init_done=1;
148 memset(&wsa_state,0,sizeof(wsa_state));
149 if (WSAStartup(0x0101,&wsa_state)!=0)
150 {
151 err=WSAGetLastError();
152 BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
153 return(0);
154 }
155
156 #ifdef WIN16
157 EnumTaskWindows(GetCurrentTask(),enumproc,0L);
158 lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
159 lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
160
161 SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
162 #endif /* WIN16 */
163 }
164 #endif /* WINDOWS */
165 return(1);
166 }
167
168 int init_client(sock, host, port)
169 int *sock;
170 char *host;
171 int port;
172 {
173 unsigned char ip[4];
174 short p=0;
175
176 if (!host_ip(host,&(ip[0])))
177 {
178 return(0);
179 }
180 if (p != 0) port=p;
181 return(init_client_ip(sock,ip,port));
182 }
183
184 int init_client_ip(sock, ip, port)
185 int *sock;
186 unsigned char ip[4];
187 int port;
188 {
189 unsigned long addr;
190 struct sockaddr_in them;
191 int s,i;
192
193 if (!sock_init()) return(0);
194
195 memset((char *)&them,0,sizeof(them));
196 them.sin_family=AF_INET;
197 them.sin_port=htons((unsigned short)port);
198 addr=(unsigned long)
199 ((unsigned long)ip[0]<<24L)|
200 ((unsigned long)ip[1]<<16L)|
201 ((unsigned long)ip[2]<< 8L)|
202 ((unsigned long)ip[3]);
203 them.sin_addr.s_addr=htonl(addr);
204
205 s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
206 if (s == INVALID_SOCKET) { perror("socket"); return(0); }
207
208 i=0;
209 i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
210 if (i < 0) { perror("keepalive"); return(0); }
211
212 if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
213 { close(s); perror("connect"); return(0); }
214 *sock=s;
215 return(1);
216 }
217
218 int nbio_sock_error(sock)
219 int sock;
220 {
221 int j,i,size;
222
223 size=sizeof(int);
224 i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
225 if (i < 0)
226 return(1);
227 else
228 return(j);
229 }
230
231 int nbio_init_client_ip(sock, ip, port)
232 int *sock;
233 unsigned char ip[4];
234 int port;
235 {
236 unsigned long addr;
237 struct sockaddr_in them;
238 int s,i;
239
240 if (!sock_init()) return(0);
241
242 memset((char *)&them,0,sizeof(them));
243 them.sin_family=AF_INET;
244 them.sin_port=htons((unsigned short)port);
245 addr= (unsigned long)
246 ((unsigned long)ip[0]<<24L)|
247 ((unsigned long)ip[1]<<16L)|
248 ((unsigned long)ip[2]<< 8L)|
249 ((unsigned long)ip[3]);
250 them.sin_addr.s_addr=htonl(addr);
251
252 if (*sock <= 0)
253 {
254 unsigned long l=1;
255
256 s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
257 if (s == INVALID_SOCKET) { perror("socket"); return(0); }
258
259 i=0;
260 i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
261 if (i < 0) { perror("keepalive"); return(0); }
262 *sock=s;
263
264 #ifdef FIONBIO
265 BIO_socket_ioctl(s,FIONBIO,&l);
266 #endif
267 }
268 else
269 s= *sock;
270
271 i=connect(s,(struct sockaddr *)&them,sizeof(them));
272 if (i == INVALID_SOCKET)
273 {
274 if (BIO_sock_should_retry(i))
275 return(-1);
276 else
277 return(0);
278 }
279 else
280 return(1);
281 }
282
283 int do_server(port, ret, cb, context)
284 int port;
285 int *ret;
286 int (*cb)();
287 char *context;
288 {
289 int sock;
290 char *name;
291 int accept_socket;
292 int i;
293
294 if (!init_server(&accept_socket,port)) return(0);
295
296 if (ret != NULL)
297 {
298 *ret=accept_socket;
299 /* return(1);*/
300 }
301 for (;;)
302 {
303 if (do_accept(accept_socket,&sock,&name) == 0)
304 {
305 SHUTDOWN(accept_socket);
306 return(0);
307 }
308 i=(*cb)(name,sock, context);
309 if (name != NULL) Free(name);
310 SHUTDOWN2(sock);
311 if (i < 0)
312 {
313 SHUTDOWN2(accept_socket);
314 return(i);
315 }
316 }
317 }
318
319 int init_server_long(sock, port, ip)
320 int *sock;
321 int port;
322 char *ip;
323 {
324 int ret=0;
325 struct sockaddr_in server;
326 int s= -1,i;
327
328 if (!sock_init()) return(0);
329
330 memset((char *)&server,0,sizeof(server));
331 server.sin_family=AF_INET;
332 server.sin_port=htons((unsigned short)port);
333 if (ip == NULL)
334 server.sin_addr.s_addr=INADDR_ANY;
335 else
336 /* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
337 #ifndef BIT_FIELD_LIMITS
338 memcpy(&server.sin_addr.s_addr,ip,4);
339 #else
340 memcpy(&server.sin_addr,ip,4);
341 #endif
342 s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
343
344 if (s == INVALID_SOCKET) goto err;
345 if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
346 {
347 #ifndef WINDOWS
348 perror("bind");
349 #endif
350 goto err;
351 }
352 /* Make it 128 for linux */
353 if (listen(s,128) == -1) goto err;
354 i=0;
355 *sock=s;
356 ret=1;
357 err:
358 if ((ret == 0) && (s != -1))
359 {
360 SHUTDOWN(s);
361 }
362 return(ret);
363 }
364
365 int init_server(sock,port)
366 int *sock;
367 int port;
368 {
369 return(init_server_long(sock, port, NULL));
370 }
371
372 int do_accept(acc_sock, sock, host)
373 int acc_sock;
374 int *sock;
375 char **host;
376 {
377 int ret,i;
378 struct hostent *h1,*h2;
379 static struct sockaddr_in from;
380 int len;
381 /* struct linger ling; */
382
383 if (!sock_init()) return(0);
384
385 #ifndef WINDOWS
386 redoit:
387 #endif
388
389 memset((char *)&from,0,sizeof(from));
390 len=sizeof(from);
391 ret=accept(acc_sock,(struct sockaddr *)&from,&len);
392 if (ret == INVALID_SOCKET)
393 {
394 #ifdef WINDOWS
395 i=WSAGetLastError();
396 BIO_printf(bio_err,"accept error %d\n",i);
397 #else
398 if (errno == EINTR)
399 {
400 /*check_timeout(); */
401 goto redoit;
402 }
403 fprintf(stderr,"errno=%d ",errno);
404 perror("accept");
405 #endif
406 return(0);
407 }
408
409 /*
410 ling.l_onoff=1;
411 ling.l_linger=0;
412 i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
413 if (i < 0) { perror("linger"); return(0); }
414 i=0;
415 i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
416 if (i < 0) { perror("keepalive"); return(0); }
417 */
418
419 if (host == NULL) goto end;
420 #ifndef BIT_FIELD_LIMITS
421 /* I should use WSAAsyncGetHostByName() under windows */
422 h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
423 sizeof(from.sin_addr.s_addr),AF_INET);
424 #else
425 h1=gethostbyaddr((char *)&from.sin_addr,
426 sizeof(struct in_addr),AF_INET);
427 #endif
428 if (h1 == NULL)
429 {
430 BIO_printf(bio_err,"bad gethostbyaddr\n");
431 *host=NULL;
432 /* return(0); */
433 }
434 else
435 {
436 if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL)
437 {
438 perror("Malloc");
439 return(0);
440 }
441 strcpy(*host,h1->h_name);
442
443 h2=GetHostByName(*host);
444 if (h2 == NULL)
445 {
446 BIO_printf(bio_err,"gethostbyname failure\n");
447 return(0);
448 }
449 i=0;
450 if (h2->h_addrtype != AF_INET)
451 {
452 BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
453 return(0);
454 }
455 }
456 end:
457 *sock=ret;
458 return(1);
459 }
460
461 int extract_host_port(str,host_ptr,ip,port_ptr)
462 char *str;
463 char **host_ptr;
464 unsigned char *ip;
465 short *port_ptr;
466 {
467 char *h,*p;
468
469 h=str;
470 p=strchr(str,':');
471 if (p == NULL)
472 {
473 BIO_printf(bio_err,"no port defined\n");
474 return(0);
475 }
476 *(p++)='\0';
477
478 if ((ip != NULL) && !host_ip(str,ip))
479 goto err;
480 if (host_ptr != NULL) *host_ptr=h;
481
482 if (!extract_port(p,port_ptr))
483 goto err;
484 return(1);
485 err:
486 return(0);
487 }
488
489 int host_ip(str,ip)
490 char *str;
491 unsigned char ip[4];
492 {
493 unsigned int in[4];
494 int i;
495
496 if (sscanf(str,"%d.%d.%d.%d",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
497 {
498 for (i=0; i<4; i++)
499 if (in[i] > 255)
500 {
501 BIO_printf(bio_err,"invalid IP address\n");
502 goto err;
503 }
504 ip[0]=in[0];
505 ip[1]=in[1];
506 ip[2]=in[2];
507 ip[3]=in[3];
508 }
509 else
510 { /* do a gethostbyname */
511 struct hostent *he;
512
513 if (!sock_init()) return(0);
514
515 he=GetHostByName(str);
516 if (he == NULL)
517 {
518 BIO_printf(bio_err,"gethostbyname failure\n");
519 goto err;
520 }
521 /* cast to short because of win16 winsock definition */
522 if ((short)he->h_addrtype != AF_INET)
523 {
524 BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
525 return(0);
526 }
527 ip[0]=he->h_addr_list[0][0];
528 ip[1]=he->h_addr_list[0][1];
529 ip[2]=he->h_addr_list[0][2];
530 ip[3]=he->h_addr_list[0][3];
531 }
532 return(1);
533 err:
534 return(0);
535 }
536
537 int extract_port(str,port_ptr)
538 char *str;
539 short *port_ptr;
540 {
541 int i;
542 struct servent *s;
543
544 i=atoi(str);
545 if (i != 0)
546 *port_ptr=(unsigned short)i;
547 else
548 {
549 s=getservbyname(str,"tcp");
550 if (s == NULL)
551 {
552 BIO_printf(bio_err,"getservbyname failure for %s\n",str);
553 return(0);
554 }
555 *port_ptr=ntohs((unsigned short)s->s_port);
556 }
557 return(1);
558 }
559
560 #define GHBN_NUM 4
561 static struct ghbn_cache_st
562 {
563 char name[128];
564 struct hostent ent;
565 unsigned long order;
566 } ghbn_cache[GHBN_NUM];
567
568 static unsigned long ghbn_hits=0L;
569 static unsigned long ghbn_miss=0L;
570
571 static struct hostent *GetHostByName(name)
572 char *name;
573 {
574 struct hostent *ret;
575 int i,lowi=0;
576 unsigned long low= (unsigned long)-1;
577
578 for (i=0; i<GHBN_NUM; i++)
579 {
580 if (low > ghbn_cache[i].order)
581 {
582 low=ghbn_cache[i].order;
583 lowi=i;
584 }
585 if (ghbn_cache[i].order > 0)
586 {
587 if (strncmp(name,ghbn_cache[i].name,128) == 0)
588 break;
589 }
590 }
591 if (i == GHBN_NUM) /* no hit*/
592 {
593 ghbn_miss++;
594 ret=gethostbyname(name);
595 if (ret == NULL) return(NULL);
596 /* else add to cache */
597 strncpy(ghbn_cache[lowi].name,name,128);
598 memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
599 ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
600 return(ret);
601 }
602 else
603 {
604 ghbn_hits++;
605 ret= &(ghbn_cache[i].ent);
606 ghbn_cache[i].order=ghbn_miss+ghbn_hits;
607 return(ret);
608 }
609 }
610
611 #ifndef MSDOS
612 int spawn(argc, argv, in, out)
613 int argc;
614 char **argv;
615 int *in;
616 int *out;
617 {
618 int pid;
619 #define CHILD_READ p1[0]
620 #define CHILD_WRITE p2[1]
621 #define PARENT_READ p2[0]
622 #define PARENT_WRITE p1[1]
623 int p1[2],p2[2];
624
625 if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
626
627 if ((pid=fork()) == 0)
628 { /* child */
629 if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
630 perror("dup2");
631 if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
632 perror("dup2");
633 if (dup2(CHILD_READ,fileno(stdin)) < 0)
634 perror("dup2");
635 close(CHILD_READ);
636 close(CHILD_WRITE);
637
638 close(PARENT_READ);
639 close(PARENT_WRITE);
640 execvp(argv[0],argv);
641 perror("child");
642 exit(1);
643 }
644
645 /* parent */
646 *in= PARENT_READ;
647 *out=PARENT_WRITE;
648 close(CHILD_READ);
649 close(CHILD_WRITE);
650 return(pid);
651 }
652 #endif /* MSDOS */
653
654
655 #ifdef undef
656 /* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
657 * on sockets */
658 {
659 SOCKET s;
660 int optionValue = SO_SYNCHRONOUS_NONALERT;
661 int err;
662
663 err = setsockopt(
664 INVALID_SOCKET,
665 SOL_SOCKET,
666 SO_OPENTYPE,
667 (char *)&optionValue,
668 sizeof(optionValue));
669 if (err != NO_ERROR) {
670 /* failed for some reason... */
671 BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
672 WSAGetLastError());
673 }
674 }
675 #endif
A mirror of the official openssl repository