]> git.ipfire.org Git - people/arne_f/ipfire-3.x.git/blob - openssl/patches/openssl-1.0.1-beta2-ipv6-apps.patch
projects / people / arne_f / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'arne_f/autoconf'
[people/arne_f/ipfire-3.x.git] / openssl / patches / openssl-1.0.1-beta2-ipv6-apps.patch
1 diff -up openssl-1.0.1-beta2/apps/s_apps.h.ipv6-apps openssl-1.0.1-beta2/apps/s_apps.h
2 --- openssl-1.0.1-beta2/apps/s_apps.h.ipv6-apps 2012-02-02 12:56:27.216889198 +0100
3 +++ openssl-1.0.1-beta2/apps/s_apps.h 2012-02-02 12:56:27.257889552 +0100
4 @@ -148,7 +148,7 @@ typedef fd_mask fd_set;
5 #define PORT_STR "4433"
6 #define PROTOCOL "tcp"
7
8 -int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
9 +int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
10 #ifdef HEADER_X509_H
11 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
12 #endif
13 @@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok,
14 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
15 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
16 #endif
17 -int init_client(int *sock, char *server, int port, int type);
18 +int init_client(int *sock, char *server, char *port, int type);
19 int should_retry(int i);
20 -int extract_port(char *str, short *port_ptr);
21 -int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
22 +int extract_host_port(char *str,char **host_ptr,char **port_ptr);
23
24 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
25 int argi, long argl, long ret);
26 diff -up openssl-1.0.1-beta2/apps/s_client.c.ipv6-apps openssl-1.0.1-beta2/apps/s_client.c
27 --- openssl-1.0.1-beta2/apps/s_client.c.ipv6-apps 2012-02-02 12:56:27.238889388 +0100
28 +++ openssl-1.0.1-beta2/apps/s_client.c 2012-02-02 12:56:27.258889561 +0100
29 @@ -563,7 +563,7 @@ int MAIN(int argc, char **argv)
30 int cbuf_len,cbuf_off;
31 int sbuf_len,sbuf_off;
32 fd_set readfds,writefds;
33 - short port=PORT;
34 + char *port_str = PORT_STR;
35 int full_log=1;
36 char *host=SSL_HOST_NAME;
37 char *cert_file=NULL,*key_file=NULL;
38 @@ -670,13 +670,12 @@ int MAIN(int argc, char **argv)
39 else if (strcmp(*argv,"-port") == 0)
40 {
41 if (--argc < 1) goto bad;
42 - port=atoi(*(++argv));
43 - if (port == 0) goto bad;
44 + port_str= *(++argv);
45 }
46 else if (strcmp(*argv,"-connect") == 0)
47 {
48 if (--argc < 1) goto bad;
49 - if (!extract_host_port(*(++argv),&host,NULL,&port))
50 + if (!extract_host_port(*(++argv),&host,&port_str))
51 goto bad;
52 }
53 else if (strcmp(*argv,"-verify") == 0)
54 @@ -1260,7 +1259,7 @@ bad:
55
56 re_start:
57
58 - if (init_client(&s,host,port,socket_type) == 0)
59 + if (init_client(&s,host,port_str,socket_type) == 0)
60 {
61 BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
62 SHUTDOWN(s);
63 diff -up openssl-1.0.1-beta2/apps/s_server.c.ipv6-apps openssl-1.0.1-beta2/apps/s_server.c
64 --- openssl-1.0.1-beta2/apps/s_server.c.ipv6-apps 2012-02-02 12:56:27.239889397 +0100
65 +++ openssl-1.0.1-beta2/apps/s_server.c 2012-02-02 12:56:27.259889570 +0100
66 @@ -929,7 +929,7 @@ int MAIN(int argc, char *argv[])
67 {
68 X509_VERIFY_PARAM *vpm = NULL;
69 int badarg = 0;
70 - short port=PORT;
71 + char *port_str = PORT_STR;
72 char *CApath=NULL,*CAfile=NULL;
73 unsigned char *context = NULL;
74 char *dhfile = NULL;
75 @@ -1010,8 +1010,7 @@ int MAIN(int argc, char *argv[])
76 (strcmp(*argv,"-accept") == 0))
77 {
78 if (--argc < 1) goto bad;
79 - if (!extract_port(*(++argv),&port))
80 - goto bad;
81 + port_str= *(++argv);
82 }
83 else if (strcmp(*argv,"-verify") == 0)
84 {
85 @@ -1888,9 +1887,9 @@ bad:
86 BIO_printf(bio_s_out,"ACCEPT\n");
87 (void)BIO_flush(bio_s_out);
88 if (www)
89 - do_server(port,socket_type,&accept_socket,www_body, context);
90 + do_server(port_str,socket_type,&accept_socket,www_body, context);
91 else
92 - do_server(port,socket_type,&accept_socket,sv_body, context);
93 + do_server(port_str,socket_type,&accept_socket,sv_body, context);
94 print_stats(bio_s_out,ctx);
95 ret=0;
96 end:
97 diff -up openssl-1.0.1-beta2/apps/s_socket.c.ipv6-apps openssl-1.0.1-beta2/apps/s_socket.c
98 --- openssl-1.0.1-beta2/apps/s_socket.c.ipv6-apps 2011-12-02 15:39:40.000000000 +0100
99 +++ openssl-1.0.1-beta2/apps/s_socket.c 2012-01-19 14:53:30.000000000 +0100
100 @@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
101 static void ssl_sock_cleanup(void);
102 #endif
103 static int ssl_sock_init(void);
104 -static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
105 -static int init_server(int *sock, int port, int type);
106 -static int init_server_long(int *sock, int port,char *ip, int type);
107 +static int init_server(int *sock, char *port, int type);
108 static int do_accept(int acc_sock, int *sock, char **host);
109 static int host_ip(char *str, unsigned char ip[4]);
110
111 @@ -234,57 +232,70 @@ static int ssl_sock_init(void)
112 return(1);
113 }
114
115 -int init_client(int *sock, char *host, int port, int type)
116 +int init_client(int *sock, char *host, char *port, int type)
117 {
118 - unsigned char ip[4];
119 -
120 - memset(ip, '\0', sizeof ip);
121 - if (!host_ip(host,&(ip[0])))
122 - return 0;
123 - return init_client_ip(sock,ip,port,type);
124 - }
125 -
126 -static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
127 - {
128 - unsigned long addr;
129 - struct sockaddr_in them;
130 - int s,i;
131 + struct addrinfo *res, *res0, hints;
132 + char * failed_call = NULL;
133 + int s;
134 + int e;
135
136 if (!ssl_sock_init()) return(0);
137
138 - memset((char *)&them,0,sizeof(them));
139 - them.sin_family=AF_INET;
140 - them.sin_port=htons((unsigned short)port);
141 - addr=(unsigned long)
142 - ((unsigned long)ip[0]<<24L)|
143 - ((unsigned long)ip[1]<<16L)|
144 - ((unsigned long)ip[2]<< 8L)|
145 - ((unsigned long)ip[3]);
146 - them.sin_addr.s_addr=htonl(addr);
147 -
148 - if (type == SOCK_STREAM)
149 - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
150 - else /* ( type == SOCK_DGRAM) */
151 - s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
152 -
153 - if (s == INVALID_SOCKET) { perror("socket"); return(0); }
154 + memset(&hints, '\0', sizeof(hints));
155 + hints.ai_socktype = type;
156 + hints.ai_flags = AI_ADDRCONFIG;
157 +
158 + e = getaddrinfo(host, port, &hints, &res);
159 + if (e)
160 + {
161 + fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
162 + if (e == EAI_SYSTEM)
163 + perror("getaddrinfo");
164 + return (0);
165 + }
166
167 + res0 = res;
168 + while (res)
169 + {
170 + s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
171 + if (s == INVALID_SOCKET)
172 + {
173 + failed_call = "socket";
174 + goto nextres;
175 + }
176 #if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
177 if (type == SOCK_STREAM)
178 {
179 - i=0;
180 - i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
181 - if (i < 0) { perror("keepalive"); return(0); }
182 + int i=0;
183 + i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
184 + (char *)&i,sizeof(i));
185 + if (i < 0) {
186 + failed_call = "keepalive";
187 + goto nextres;
188 + }
189 }
190 #endif
191 -
192 - if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
193 - { closesocket(s); perror("connect"); return(0); }
194 + if (connect(s,(struct sockaddr *)res->ai_addr,
195 + res->ai_addrlen) == 0)
196 + {
197 + freeaddrinfo(res0);
198 *sock=s;
199 return(1);
200 }
201
202 -int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
203 + failed_call = "socket";
204 +nextres:
205 + if (s != INVALID_SOCKET)
206 + close(s);
207 + res = res->ai_next;
208 + }
209 + freeaddrinfo(res0);
210 +
211 + perror(failed_call);
212 + return(0);
213 + }
214 +
215 +int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
216 {
217 int sock;
218 char *name = NULL;
219 @@ -322,33 +333,45 @@ int do_server(int port, int type, int *r
220 }
221 }
222
223 -static int init_server_long(int *sock, int port, char *ip, int type)
224 +static int init_server(int *sock, char *port, int type)
225 {
226 - int ret=0;
227 - struct sockaddr_in server;
228 - int s= -1;
229 + struct addrinfo *res, *res0 = NULL, hints;
230 + char * failed_call = NULL;
231 + int s;
232 + int e;
233
234 if (!ssl_sock_init()) return(0);
235
236 - memset((char *)&server,0,sizeof(server));
237 - server.sin_family=AF_INET;
238 - server.sin_port=htons((unsigned short)port);
239 - if (ip == NULL)
240 - server.sin_addr.s_addr=INADDR_ANY;
241 - else
242 -/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
243 -#ifndef BIT_FIELD_LIMITS
244 - memcpy(&server.sin_addr.s_addr,ip,4);
245 -#else
246 - memcpy(&server.sin_addr,ip,4);
247 -#endif
248 + memset(&hints, '\0', sizeof(hints));
249 + hints.ai_family = AF_INET6;
250 +tryipv4:
251 + hints.ai_socktype = type;
252 + hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
253
254 - if (type == SOCK_STREAM)
255 - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
256 - else /* type == SOCK_DGRAM */
257 - s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
258 + e = getaddrinfo(NULL, port, &hints, &res);
259 + if (e)
260 + {
261 + fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
262 + if (e == EAI_SYSTEM)
263 + perror("getaddrinfo");
264 + return (0);
265 + }
266
267 - if (s == INVALID_SOCKET) goto err;
268 + res0 = res;
269 + while (res)
270 + {
271 + s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
272 + if (s == INVALID_SOCKET)
273 + {
274 + failed_call = "socket";
275 + goto nextres;
276 + }
277 + if (hints.ai_family == AF_INET6)
278 + {
279 + int j = 0;
280 + setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
281 + (void *) &j, sizeof j);
282 + }
283 #if defined SOL_SOCKET && defined SO_REUSEADDR
284 {
285 int j = 1;
286 @@ -356,35 +379,49 @@ static int init_server_long(int *sock, i
287 (void *) &j, sizeof j);
288 }
289 #endif
290 - if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
291 +
292 + if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == -1)
293 {
294 -#ifndef OPENSSL_SYS_WINDOWS
295 - perror("bind");
296 -#endif
297 - goto err;
298 + failed_call = "bind";
299 + goto nextres;
300 }
301 - /* Make it 128 for linux */
302 - if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
303 - *sock=s;
304 - ret=1;
305 -err:
306 - if ((ret == 0) && (s != -1))
307 + if (type==SOCK_STREAM && listen(s,128) == -1)
308 {
309 - SHUTDOWN(s);
310 + failed_call = "listen";
311 + goto nextres;
312 }
313 - return(ret);
314 +
315 + *sock=s;
316 + return(1);
317 +
318 +nextres:
319 + if (s != INVALID_SOCKET)
320 + close(s);
321 + res = res->ai_next;
322 }
323 + if (res0)
324 + freeaddrinfo(res0);
325
326 -static int init_server(int *sock, int port, int type)
327 + if (s == INVALID_SOCKET)
328 {
329 - return(init_server_long(sock, port, NULL, type));
330 + if (hints.ai_family == AF_INET6)
331 + {
332 + hints.ai_family = AF_INET;
333 + goto tryipv4;
334 + }
335 + perror("socket");
336 + return(0);
337 + }
338 +
339 + perror(failed_call);
340 + return(0);
341 }
342
343 static int do_accept(int acc_sock, int *sock, char **host)
344 {
345 + static struct sockaddr_storage from;
346 + char buffer[NI_MAXHOST];
347 int ret;
348 - struct hostent *h1,*h2;
349 - static struct sockaddr_in from;
350 int len;
351 /* struct linger ling; */
352
353 @@ -431,135 +468,58 @@ redoit:
354 */
355
356 if (host == NULL) goto end;
357 -#ifndef BIT_FIELD_LIMITS
358 - /* I should use WSAAsyncGetHostByName() under windows */
359 - h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
360 - sizeof(from.sin_addr.s_addr),AF_INET);
361 -#else
362 - h1=gethostbyaddr((char *)&from.sin_addr,
363 - sizeof(struct in_addr),AF_INET);
364 -#endif
365 - if (h1 == NULL)
366 +
367 + if (getnameinfo((struct sockaddr *)&from, sizeof(from),
368 + buffer, sizeof(buffer),
369 + NULL, 0, 0))
370 {
371 - BIO_printf(bio_err,"bad gethostbyaddr\n");
372 + BIO_printf(bio_err,"getnameinfo failed\n");
373 *host=NULL;
374 /* return(0); */
375 }
376 else
377 {
378 - if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
379 + if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
380 {
381 perror("OPENSSL_malloc");
382 return(0);
383 }
384 - BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
385 -
386 - h2=GetHostByName(*host);
387 - if (h2 == NULL)
388 - {
389 - BIO_printf(bio_err,"gethostbyname failure\n");
390 - return(0);
391 - }
392 - if (h2->h_addrtype != AF_INET)
393 - {
394 - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
395 - return(0);
396 - }
397 + strcpy(*host, buffer);
398 }
399 end:
400 *sock=ret;
401 return(1);
402 }
403
404 -int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
405 - short *port_ptr)
406 +int extract_host_port(char *str, char **host_ptr,
407 + char **port_ptr)
408 {
409 - char *h,*p;
410 + char *h,*p,*x;
411
412 - h=str;
413 - p=strchr(str,':');
414 + x=h=str;
415 + if (*h == '[')
416 + {
417 + h++;
418 + p=strchr(h,']');
419 if (p == NULL)
420 {
421 - BIO_printf(bio_err,"no port defined\n");
422 + BIO_printf(bio_err,"no ending bracket for IPv6 address\n");
423 return(0);
424 }
425 *(p++)='\0';
426 -
427 - if ((ip != NULL) && !host_ip(str,ip))
428 - goto err;
429 - if (host_ptr != NULL) *host_ptr=h;
430 -
431 - if (!extract_port(p,port_ptr))
432 - goto err;
433 - return(1);
434 -err:
435 - return(0);
436 + x = p;
437 }
438 -
439 -static int host_ip(char *str, unsigned char ip[4])
440 - {
441 - unsigned int in[4];
442 - int i;
443 -
444 - if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
445 - {
446 - for (i=0; i<4; i++)
447 - if (in[i] > 255)
448 - {
449 - BIO_printf(bio_err,"invalid IP address\n");
450 - goto err;
451 - }
452 - ip[0]=in[0];
453 - ip[1]=in[1];
454 - ip[2]=in[2];
455 - ip[3]=in[3];
456 - }
457 - else
458 - { /* do a gethostbyname */
459 - struct hostent *he;
460 -
461 - if (!ssl_sock_init()) return(0);
462 -
463 - he=GetHostByName(str);
464 - if (he == NULL)
465 - {
466 - BIO_printf(bio_err,"gethostbyname failure\n");
467 - goto err;
468 - }
469 - /* cast to short because of win16 winsock definition */
470 - if ((short)he->h_addrtype != AF_INET)
471 + p=strchr(x,':');
472 + if (p == NULL)
473 {
474 - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
475 - return(0);
476 - }
477 - ip[0]=he->h_addr_list[0][0];
478 - ip[1]=he->h_addr_list[0][1];
479 - ip[2]=he->h_addr_list[0][2];
480 - ip[3]=he->h_addr_list[0][3];
481 - }
482 - return(1);
483 -err:
484 + BIO_printf(bio_err,"no port defined\n");
485 return(0);
486 }
487 + *(p++)='\0';
488
489 -int extract_port(char *str, short *port_ptr)
490 - {
491 - int i;
492 - struct servent *s;
493 + if (host_ptr != NULL) *host_ptr=h;
494 + if (port_ptr != NULL) *port_ptr=p;
495
496 - i=atoi(str);
497 - if (i != 0)
498 - *port_ptr=(unsigned short)i;
499 - else
500 - {
501 - s=getservbyname(str,"tcp");
502 - if (s == NULL)
503 - {
504 - BIO_printf(bio_err,"getservbyname failure for %s\n",str);
505 - return(0);
506 - }
507 - *port_ptr=ntohs((unsigned short)s->s_port);
508 - }
509 return(1);
510 }
511
Arne's tree of IPFire 3.x.