minor corrections to docu and test.sh

This commit is contained in:
Gerhard Rieger 2015-01-18 17:44:12 +01:00
parent f0abfc19fd
commit 3f63c9889f
4 changed files with 26 additions and 6 deletions

12
CHANGES
View file

@ -119,6 +119,12 @@ porting:
including <linux/errqueue.h> and a weakness in the conditional code. including <linux/errqueue.h> and a weakness in the conditional code.
Thanks to Michel Normand for reporting this issue. Thanks to Michel Normand for reporting this issue.
doc:
In the man page the PTY example was badly formatted. Thanks to
J.F.Sebastian for sending a patch.
Added missing CVE ids to security issues in CHANGES
testing: testing:
Do not distribute testcert.conf with socat source but generate it Do not distribute testcert.conf with socat source but generate it
(and new testcert6.conf) during test.sh run. (and new testcert6.conf) during test.sh run.
@ -228,6 +234,7 @@ security:
####################### V 1.7.2.2: ####################### V 1.7.2.2:
security: security:
CVE-2013-3571:
after refusing a client connection due to bad source address or source after refusing a client connection due to bad source address or source
port socat shutdown() the socket but did not close() it, resulting in port socat shutdown() the socket but did not close() it, resulting in
a file descriptor leak in the listening process, visible with lsof and a file descriptor leak in the listening process, visible with lsof and
@ -238,6 +245,7 @@ security:
####################### V 1.7.2.1: ####################### V 1.7.2.1:
security: security:
CVE-2012-0219:
fixed a possible heap buffer overflow in the readline address. This bug fixed a possible heap buffer overflow in the readline address. This bug
could be exploited when all of the following conditions were met: could be exploited when all of the following conditions were met:
1) one of the addresses is READLINE without the noprompt and without the 1) one of the addresses is READLINE without the noprompt and without the
@ -370,6 +378,7 @@ docu:
####################### V 1.7.1.3: ####################### V 1.7.1.3:
security: security:
CVE-2010-2799:
fixed a stack overflow vulnerability that occurred when command fixed a stack overflow vulnerability that occurred when command
line arguments (whole addresses, host names, file names) were longer line arguments (whole addresses, host names, file names) were longer
than 512 bytes. than 512 bytes.
@ -869,7 +878,8 @@ further corrections:
####################### V 1.4.0.3: ####################### V 1.4.0.3:
corrections: security:
CVE-2004-1484:
fix to a syslog() based format string vulnerability that can lead to fix to a syslog() based format string vulnerability that can lead to
remote code execution. See advisory socat-adv-1.txt remote code execution. See advisory socat-adv-1.txt

2
README
View file

@ -257,7 +257,7 @@ correction must be performed in /usr/share/yodl/shared.yo in two places:
license license
------- -------
socat is distributed under the terms of the GNU GPL; socat is distributed under the terms of the GNU GPLv2;
except for install-sh, which is copyright MIT, with its own license; except for install-sh, which is copyright MIT, with its own license;
In addition, as a special exception, the copyright holder In addition, as a special exception, the copyright holder

View file

@ -3148,7 +3148,14 @@ label(EXAMPLE_ADDRESS_PTY)
label(EXAMPLE_OPTION_SYMBOLIC_LINK) label(EXAMPLE_OPTION_SYMBOLIC_LINK)
label(EXAMPLE_OPTION_WAIT_SLAVE) label(EXAMPLE_OPTION_WAIT_SLAVE)
label(EXAMPLE_OPTION_NONBLOCK) label(EXAMPLE_OPTION_NONBLOCK)
(bf(tt(socat PTY,link=$HOME/dev/vmodem0,raw,echo=0,wait-slave EXEC:'"ssh modemserver.us.org socat - /dev/ttyS0,nonblock,raw,echo=0"'))) mancommand(\.LP)
mancommand(\.nf)
mancommand(\fBsocat PTY,link=$HOME/dev/vmodem0,raw,echo=0,wait-slave \\\bf)
mancommand(\fBEXEC:"ssh modemserver.us.org socat - /dev/ttyS0,nonblock,raw,echo=0"\fP)
mancommand(\.fi)
htmlcommand(<dt><code><strong>socat PTY,link=$HOME/dev/vmodem0,raw,echo=0,wait-slave \</strong><br>
<strong>EXEC:'"ssh modemserver.us.org socat - /dev/ttyS0,nonblock,raw,echo=0"'</strong></code><dd>)
generates a pseudo terminal generates a pseudo terminal
device (link(PTY)(ADDRESS_PTY)) on the client that can be reached under the device (link(PTY)(ADDRESS_PTY)) on the client that can be reached under the
@ -3463,7 +3470,7 @@ socat sets this variable to the transfer class of the received packet.
dit(bf(SOCAT_OPENSSL_X509_ISSUER) (output)) Issuer field from peer certificate dit(bf(SOCAT_OPENSSL_X509_ISSUER) (output)) Issuer field from peer certificate
dit(bf(SOCAT_OPENSSL_X509_SUBJECT (output))) Subject field from peer certificate dit(bf(SOCAT_OPENSSL_X509_SUBJECT) (output)) Subject field from peer certificate
dit(bf(SOCAT_OPENSSL_X509_COMMONNAME) (output)) commonName entries from peer certificates subject. Multiple values are separated by " // ". dit(bf(SOCAT_OPENSSL_X509_COMMONNAME) (output)) commonName entries from peer certificates subject. Multiple values are separated by " // ".

View file

@ -10826,6 +10826,7 @@ elif ! testaddrs tcp ip4 >/dev/null || ! runsip4 >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}TCP/IPv4 not available${NORMAL}\n" $N $PRINTF "test $F_n $TEST... ${YELLOW}TCP/IPv4 not available${NORMAL}\n" $N
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
else else
gentestcert testsrv
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
@ -10880,6 +10881,7 @@ elif ! testaddrs tcp ip4 >/dev/null || ! runsip4 >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}TCP/IPv4 not available${NORMAL}\n" $N $PRINTF "test $F_n $TEST... ${YELLOW}TCP/IPv4 not available${NORMAL}\n" $N
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
else else
gentestcert testsrv
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
@ -11519,11 +11521,12 @@ elif [ -z "$SECONDADDR" ]; then
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
else else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
da="test$N $(date) $RANDOM" da="test$N $(date) $RANDOM"
#testserversec "$N" "$TEST" "$opts -s" "tcp4-l:$PORT,reuseaddr,fork,retry=1" "" "range=$SECONDADDR/32" "tcp4:127.0.0.1:$PORT" 4 tcp $PORT 0 #testserversec "$N" "$TEST" "$opts -s" "tcp4-l:$PORT,reuseaddr,fork,retry=1" "" "range=$SECONDADDR/32" "tcp4:127.0.0.1:$PORT" 4 tcp $PORT 0
CMD0="$TRACE $SOCAT $opts TCP4-LISTEN:$PORT,reuseaddr,range=127.0.0.1/0 CREATE:$tf" CMD0="$TRACE $SOCAT $opts -u TCP4-LISTEN:$PORT,reuseaddr,range=127.0.0.1/0 CREATE:$tf"
CMD1="$TRACE $SOCAT $opts - TCP4-CONNECT:$SECONDADDR:$PORT,bind=$SECONDADDR" CMD1="$TRACE $SOCAT $opts -u - TCP4-CONNECT:$SECONDADDR:$PORT,bind=$SECONDADDR"
printf "test $F_n $TEST... " $N printf "test $F_n $TEST... " $N
$CMD0 2>"${te}0" & $CMD0 2>"${te}0" &
pid0=$! pid0=$!