From 3f207a2e704083d7d71aca66d110fcce0bb67e8e Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Fri, 21 Mar 2014 13:24:26 +0100 Subject: [PATCH] OPENSSL-CONNECT with bind option failed on some systems with Invalid argument --- CHANGES | 4 ++++ test.sh | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ xio-openssl.c | 2 +- 3 files changed, 56 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 8538cc6..9a75def 100644 --- a/CHANGES +++ b/CHANGES @@ -15,6 +15,10 @@ corrections: procan could not cleanly format ulimit values longer than 16 decimal digits. Thanks to Frank Dana for providing a patch that increases field width to 24 digits. + + OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with + "Invalid argument" + Thanks to Emile den Tex for reporting this bug. fixed bug in xio-openssl.c that prevented error handling of bad number of arguments, thanks to Paulik Tamas for reporting diff --git a/test.sh b/test.sh index 91db0c0..fc0db38 100755 --- a/test.sh +++ b/test.sh @@ -11622,6 +11622,57 @@ PORT=$((PORT+1)) N=$((N+1)) +# OPENSSL-CONNECT with bind option failed on some systems (eg.FreeBSD, but not +# Linux) with "Invalid argument". +NAME=OPENSSL_CONNECT_BIND +case "$TESTS" in +*%functions%*|*%bugs%*|*%socket%*|*%ssl%*|*%$NAME%*) +TEST="$NAME: test OPENSSL-CONNECT with bind option" +# have a simple SSL server that just echoes data. +# connect with socat using OPENSSL-CONNECT with bind, send data and check if the +# reply is identical. +if ! eval $NUMCOND; then :; else +tf0="$td/test$N.0.stdout" +te0="$td/test$N.0.stderr" +tf1="$td/test$N.1.stdout" +te1="$td/test$N.1.stderr" +tdiff="$td/test$N.diff" +da="test$N $(date) $RANDOM" +CMD0="$SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,ciphers=aNULL,verify=0, PIPE" +CMD1="$SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,bind=$LOCALHOST,ciphers=aNULL,verify=0" +printf "test $F_n $TEST... " $N +$CMD0 >/dev/null 2>"$te0" & +pid0=$! +waittcp4port $PORT 1 +echo "$da" |$CMD1 >"$tf1" 2>"$te1" +rc1=$? +kill $pid0 2>/dev/null; wait +if [ "$rc1" -ne 0 ]; then + $PRINTF "$FAILED\n" + echo "$CMD0 &" + echo "$CMD1" + cat "$te0" + cat "$te1" + numFAIL=$((numFAIL+1)) +elif ! echo "$da" |diff - $tf1 >"$tdiff"; then + $PRINTF "$FAILED\n" + echo "$CMD0 &" + echo "$CMD1" + cat "${te}0" + cat "${te}1" + cat "$tdiff" + numFAIL=$((numFAIL+1)) +else + $PRINTF "$OK\n" + numOK=$((numOK+1)) +fi +fi # NUMCOND + ;; +esac +PORT=$((PORT+1)) +N=$((N+1)) + + ############################################################################### # here come tests that might affect your systems integrity. Put normal tests # before this paragraph. diff --git a/xio-openssl.c b/xio-openssl.c index 6b3fd1a..eb8049c 100644 --- a/xio-openssl.c +++ b/xio-openssl.c @@ -348,7 +348,7 @@ static int /* this cannot fork because we retrieved fork option above */ result = _xioopen_connect(xfd, - needbind?(struct sockaddr *)us:NULL, sizeof(*us), + needbind?(struct sockaddr *)us:NULL, uslen, (struct sockaddr *)them, themlen, opts, pf, socktype, ipproto, lowport, level); switch (result) {