Ubuntu Oneiric: OpenSSL w/o SSLv2, bsd/libutil.h, unused vars

This commit is contained in:
Gerhard Rieger 2011-12-04 15:14:34 +01:00
parent 76291f6a67
commit 4c9898446d
16 changed files with 98 additions and 74 deletions

View file

@ -98,6 +98,9 @@ porting:
fixed sa_family_t compile error on DragonFly. Thanks to Tony Young for fixed sa_family_t compile error on DragonFly. Thanks to Tony Young for
reporting this issue and sending a patch. reporting this issue and sending a patch.
Ubuntu Oneiric: OpenSSL no longer provides SSLv2 functions; libutil.sh
is now bsd/libutil.h; compiler warns on vars that is only written to
new features: new features:
added option max-children that limits the number of concurrent child added option max-children that limits the number of concurrent child
processes. Thanks to Sam Liddicott for providing the patch. processes. Thanks to Sam Liddicott for providing the patch.

View file

@ -263,6 +263,9 @@
/* Define if you have the <util.h> header file. (NetBSD, OpenBSD: openpty()) */ /* Define if you have the <util.h> header file. (NetBSD, OpenBSD: openpty()) */
#undef HAVE_UTIL_H #undef HAVE_UTIL_H
/* Define if you have the <bsd/libutil.h> header file. */
#undef HAVE_BSD_LIBUTIL_H
/* Define if you have the <libutil.h> header file. (FreeBSD: openpty()) */ /* Define if you have the <libutil.h> header file. (FreeBSD: openpty()) */
#undef HAVE_LIBUTIL_H #undef HAVE_LIBUTIL_H
@ -382,6 +385,12 @@
/* Define if you have the unsetenv function. not on HP-UX */ /* Define if you have the unsetenv function. not on HP-UX */
#undef HAVE_UNSETENV #undef HAVE_UNSETENV
/* Define if you have the SSLv2_client_method function. not in new openssl */
#undef HAVE_SSLv2_client_method
/* Define if you have the SSLv2_server_method function. not in new openssl */
#undef HAVE_SSLv2_server_method
/* Define if you have the flock function */ /* Define if you have the flock function */
#undef HAVE_FLOCK #undef HAVE_FLOCK

View file

@ -77,7 +77,7 @@ AC_CHECK_HEADERS(termios.h linux/if_tun.h)
AC_CHECK_HEADERS(net/if_dl.h) AC_CHECK_HEADERS(net/if_dl.h)
AC_CHECK_HEADERS(linux/types.h linux/errqueue.h) AC_CHECK_HEADERS(linux/types.h linux/errqueue.h)
AC_CHECK_HEADERS(sys/utsname.h sys/select.h sys/file.h) AC_CHECK_HEADERS(sys/utsname.h sys/select.h sys/file.h)
AC_CHECK_HEADERS(util.h libutil.h sys/stropts.h regex.h) AC_CHECK_HEADERS(util.h bsd/libutil.h libutil.h sys/stropts.h regex.h)
AC_CHECK_HEADERS(linux/fs.h linux/ext2_fs.h) AC_CHECK_HEADERS(linux/fs.h linux/ext2_fs.h)
dnl Checks for setgrent, getgrent and endgrent. dnl Checks for setgrent, getgrent and endgrent.
@ -537,12 +537,12 @@ fi
# check for fips support # check for fips support
AC_MSG_CHECKING(whether to include openssl fips support) AC_MSG_CHECKING(whether to include openssl fips support)
AC_ARG_ENABLE(fips, [ --disable-fips disable OpenSSL FIPS support], AC_ARG_ENABLE(fips, [ --enable-fips enable OpenSSL FIPS support],
[ case "$enableval" in [ case "$enableval" in
no) AC_MSG_RESULT(no); WITH_FIPS= ;; yes) AC_MSG_RESULT(yes); WITH_FIPS=1 ;;
*) AC_MSG_RESULT(yes); WITH_FIPS=1 ;; *) AC_MSG_RESULT(no); WITH_FIPS= ;;
esac], esac],
[ AC_MSG_RESULT(yes); WITH_FIPS=1 ]) [ AC_MSG_RESULT(no); WITH_FIPS= ])
if test -n "$WITH_FIPS"; then if test -n "$WITH_FIPS"; then
if test -n "$WITH_OPENSSL"; then if test -n "$WITH_OPENSSL"; then
@ -1274,6 +1274,10 @@ AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV),
dnl Search for unsetenv() dnl Search for unsetenv()
AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV)) AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV))
dnl Search for SSLv2_client_method, SSLv2_server_method
AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS]))
AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS]))
dnl Run time checks dnl Run time checks

View file

@ -1,5 +1,5 @@
/* source: fdname.c */ /* source: fdname.c */
/* Copyright Gerhard Rieger 2003-2008 */ /* Copyright Gerhard Rieger 2003-2011 */
/* Published under the GNU General Public License V.2, see file COPYING */ /* Published under the GNU General Public License V.2, see file COPYING */
/* the subroutine sockname prints the basic info about the address of a socket /* the subroutine sockname prints the basic info about the address of a socket
@ -103,7 +103,6 @@ static int procgetfdname(int fd, char *filepath, size_t pathsize) {
int statname(const char *file, int fd, int filetype, FILE *outfile) { int statname(const char *file, int fd, int filetype, FILE *outfile) {
char filepath[PATH_MAX]; char filepath[PATH_MAX];
int result;
filepath[0] = '\0'; filepath[0] = '\0';
#if HAVE_PROC_DIR_FD #if HAVE_PROC_DIR_FD
@ -144,7 +143,7 @@ int statname(const char *file, int fd, int filetype, FILE *outfile) {
case (S_IFSOCK>>12): /* 12, socket */ case (S_IFSOCK>>12): /* 12, socket */
#if _WITH_SOCKET #if _WITH_SOCKET
if (fd >= 0) { if (fd >= 0) {
result = sockname(fd, outfile); sockname(fd, outfile);
} else if (file) { } else if (file) {
fprintf(outfile, "socket %s", file); fprintf(outfile, "socket %s", file);
} else { } else {

View file

@ -215,7 +215,6 @@ int filan_stat(
#endif /* !HAVE_STAT64 */ #endif /* !HAVE_STAT64 */
, int statfd, int dynfd, FILE *outfile) { , int statfd, int dynfd, FILE *outfile) {
char stdevstr[8]; char stdevstr[8];
int result;
/* print header */ /* print header */
if (!headprinted) { if (!headprinted) {
@ -374,7 +373,7 @@ int filan_stat(
case (S_IFIFO): /* 1, FIFO */ case (S_IFIFO): /* 1, FIFO */
break; break;
case (S_IFCHR): /* 2, character device */ case (S_IFCHR): /* 2, character device */
result = cdevan(statfd, outfile); cdevan(statfd, outfile);
break; break;
case (S_IFDIR): /* 4, directory */ case (S_IFDIR): /* 4, directory */
break; break;
@ -387,7 +386,7 @@ int filan_stat(
#ifdef S_IFSOCK #ifdef S_IFSOCK
case (S_IFSOCK): /* 12, socket */ case (S_IFSOCK): /* 12, socket */
#if _WITH_SOCKET #if _WITH_SOCKET
result = sockan(statfd, outfile); sockan(statfd, outfile);
#else #else
Warn("SOCKET support not compiled in"); Warn("SOCKET support not compiled in");
return -1; return -1;

View file

@ -1,5 +1,5 @@
/* source: sslcls.c */ /* source: sslcls.c */
/* Copyright Gerhard Rieger 2001-2010 */ /* Copyright Gerhard Rieger 2001-2011 */
/* Published under the GNU General Public License V.2, see file COPYING */ /* Published under the GNU General Public License V.2, see file COPYING */
/* explicit system call and C library trace function, for those who miss strace /* explicit system call and C library trace function, for those who miss strace
@ -35,71 +35,75 @@ int sycSSL_library_init(void) {
return result; return result;
} }
SSL_METHOD *sycSSLv2_client_method(void) { #if HAVE_SSLv2_client_method
SSL_METHOD *result; const SSL_METHOD *sycSSLv2_client_method(void) {
const SSL_METHOD *result;
Debug("SSLv2_client_method()"); Debug("SSLv2_client_method()");
result = SSLv2_client_method(); result = SSLv2_client_method();
Debug1("SSLv2_client_method() -> %p", result); Debug1("SSLv2_client_method() -> %p", result);
return result; return result;
} }
#endif
SSL_METHOD *sycSSLv2_server_method(void) { #if HAVE_SSLv2_server_method
SSL_METHOD *result; const SSL_METHOD *sycSSLv2_server_method(void) {
const SSL_METHOD *result;
Debug("SSLv2_server_method()"); Debug("SSLv2_server_method()");
result = SSLv2_server_method(); result = SSLv2_server_method();
Debug1("SSLv2_server_method() -> %p", result); Debug1("SSLv2_server_method() -> %p", result);
return result; return result;
} }
#endif
SSL_METHOD *sycSSLv3_client_method(void) { const SSL_METHOD *sycSSLv3_client_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("SSLv3_client_method()"); Debug("SSLv3_client_method()");
result = SSLv3_client_method(); result = SSLv3_client_method();
Debug1("SSLv3_client_method() -> %p", result); Debug1("SSLv3_client_method() -> %p", result);
return result; return result;
} }
SSL_METHOD *sycSSLv3_server_method(void) { const SSL_METHOD *sycSSLv3_server_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("SSLv3_server_method()"); Debug("SSLv3_server_method()");
result = SSLv3_server_method(); result = SSLv3_server_method();
Debug1("SSLv3_server_method() -> %p", result); Debug1("SSLv3_server_method() -> %p", result);
return result; return result;
} }
SSL_METHOD *sycSSLv23_client_method(void) { const SSL_METHOD *sycSSLv23_client_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("SSLv23_client_method()"); Debug("SSLv23_client_method()");
result = SSLv23_client_method(); result = SSLv23_client_method();
Debug1("SSLv23_client_method() -> %p", result); Debug1("SSLv23_client_method() -> %p", result);
return result; return result;
} }
SSL_METHOD *sycSSLv23_server_method(void) { const SSL_METHOD *sycSSLv23_server_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("SSLv23_server_method()"); Debug("SSLv23_server_method()");
result = SSLv23_server_method(); result = SSLv23_server_method();
Debug1("SSLv23_server_method() -> %p", result); Debug1("SSLv23_server_method() -> %p", result);
return result; return result;
} }
SSL_METHOD *sycTLSv1_client_method(void) { const SSL_METHOD *sycTLSv1_client_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("TLSv1_client_method()"); Debug("TLSv1_client_method()");
result = TLSv1_client_method(); result = TLSv1_client_method();
Debug1("TLSv1_client_method() -> %p", result); Debug1("TLSv1_client_method() -> %p", result);
return result; return result;
} }
SSL_METHOD *sycTLSv1_server_method(void) { const SSL_METHOD *sycTLSv1_server_method(void) {
SSL_METHOD *result; const SSL_METHOD *result;
Debug("TLSv1_server_method()"); Debug("TLSv1_server_method()");
result = TLSv1_server_method(); result = TLSv1_server_method();
Debug1("TLSv1_server_method() -> %p", result); Debug1("TLSv1_server_method() -> %p", result);
return result; return result;
} }
SSL_CTX *sycSSL_CTX_new(SSL_METHOD *method) { SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method) {
SSL_CTX *result; SSL_CTX *result;
Debug1("SSL_CTX_new(%p)", method); Debug1("SSL_CTX_new(%p)", method);
result = SSL_CTX_new(method); result = SSL_CTX_new(method);

View file

@ -1,5 +1,5 @@
/* source: sslcls.h */ /* source: sslcls.h */
/* Copyright Gerhard Rieger 2001-2010 */ /* Copyright Gerhard Rieger 2001-2011 */
/* Published under the GNU General Public License V.2, see file COPYING */ /* Published under the GNU General Public License V.2, see file COPYING */
#ifndef __sslcls_h_included #ifndef __sslcls_h_included
@ -10,15 +10,15 @@
void sycSSL_load_error_strings(void); void sycSSL_load_error_strings(void);
int sycSSL_library_init(void); int sycSSL_library_init(void);
SSL_METHOD *sycSSLv2_client_method(void); const SSL_METHOD *sycSSLv2_client_method(void);
SSL_METHOD *sycSSLv2_server_method(void); const SSL_METHOD *sycSSLv2_server_method(void);
SSL_METHOD *sycSSLv3_client_method(void); const SSL_METHOD *sycSSLv3_client_method(void);
SSL_METHOD *sycSSLv3_server_method(void); const SSL_METHOD *sycSSLv3_server_method(void);
SSL_METHOD *sycSSLv23_client_method(void); const SSL_METHOD *sycSSLv23_client_method(void);
SSL_METHOD *sycSSLv23_server_method(void); const SSL_METHOD *sycSSLv23_server_method(void);
SSL_METHOD *sycTLSv1_client_method(void); const SSL_METHOD *sycTLSv1_client_method(void);
SSL_METHOD *sycTLSv1_server_method(void); const SSL_METHOD *sycTLSv1_server_method(void);
SSL_CTX *sycSSL_CTX_new(SSL_METHOD *method); SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method);
SSL *sycSSL_new(SSL_CTX *ctx); SSL *sycSSL_new(SSL_CTX *ctx);
int sycSSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, int sycSSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
const char *CApath); const char *CApath);

View file

@ -149,7 +149,9 @@
#if HAVE_UTIL_H #if HAVE_UTIL_H
#include <util.h> /* NetBSD, OpenBSD openpty() */ #include <util.h> /* NetBSD, OpenBSD openpty() */
#endif #endif
#if HAVE_LIBUTIL_H #if HAVE_BSD_LIBUTIL_H
#include <bsd/libutil.h> /* FreeBSD openpty() */
#elif HAVE_LIBUTIL_H
#include <libutil.h> /* FreeBSD openpty() */ #include <libutil.h> /* FreeBSD openpty() */
#endif #endif
#if HAVE_SYS_STROPTS_H #if HAVE_SYS_STROPTS_H

15
test.sh
View file

@ -1744,6 +1744,8 @@ runstcp4 () {
pid=$! pid=$!
usleep $MICROS usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/tcp4.stderr" test ! -s "$td/tcp4.stderr"
} }
@ -1753,8 +1755,9 @@ runstcp6 () {
# PORT="$1" # PORT="$1"
$SOCAT /dev/null TCP6-LISTEN:$PORT 2>"$td/tcp6.stderr" & $SOCAT /dev/null TCP6-LISTEN:$PORT 2>"$td/tcp6.stderr" &
pid=$! pid=$!
usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/tcp6.stderr" test ! -s "$td/tcp6.stderr"
} }
@ -1766,6 +1769,8 @@ runsudp4 () {
pid=$! pid=$!
usleep $MICROS usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/udp4.stderr" test ! -s "$td/udp4.stderr"
} }
@ -1777,6 +1782,8 @@ runsudp6 () {
pid=$! pid=$!
usleep $MICROS usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/udp6.stderr" test ! -s "$td/udp6.stderr"
} }
@ -1787,6 +1794,8 @@ runssctp4 () {
pid=$! pid=$!
usleep $MICROS usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/sctp4.stderr" test ! -s "$td/sctp4.stderr"
} }
@ -1797,6 +1806,8 @@ runssctp6 () {
pid=$! pid=$!
usleep $MICROS usleep $MICROS
kill "$pid" 2>/dev/null kill "$pid" 2>/dev/null
wait
usleep $MICROS
test ! -s "$td/sctp6.stderr" test ! -s "$td/sctp6.stderr"
} }
@ -3867,7 +3878,7 @@ TEST="$NAME: $TESTKEYW half close"
# have a "peer" socat "peer" that executes "$OD_C" and see if EOF on the # have a "peer" socat "peer" that executes "$OD_C" and see if EOF on the
# connecting socat brings the result of od # connecting socat brings the result of od
if ! eval $NUMCOND; then :; if ! eval $NUMCOND; then :;
elif [ "$FEAT" != ';' -a ! testaddrs "$FEAT" >/dev/null; then elif [ "$FEAT" != ',' ] && ! testaddrs "$FEAT" >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}$FEAT not available${NORMAL}\n" $N $PRINTF "test $F_n $TEST... ${YELLOW}$FEAT not available${NORMAL}\n" $N
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
elif ! runs$RUNS; then elif ! runs$RUNS; then

View file

@ -1,5 +1,5 @@
/* source: xio-exec.c */ /* source: xio-exec.c */
/* Copyright Gerhard Rieger 2001-2008 */ /* Copyright Gerhard Rieger 2001-2011 */
/* Published under the GNU General Public License V.2, see file COPYING */ /* Published under the GNU General Public License V.2, see file COPYING */
/* this file contains the source for opening addresses of exec type */ /* this file contains the source for opening addresses of exec type */
@ -54,7 +54,7 @@ static int xioopen_exec(int argc, const char *argv[], struct opt *opts,
NULL NULL
} ; } ;
char **pargv = NULL; char **pargv = NULL;
int pargc, i; int pargc;
size_t len; size_t len;
const char *strp; const char *strp;
char *token; /*! */ char *token; /*! */
@ -62,14 +62,12 @@ static int xioopen_exec(int argc, const char *argv[], struct opt *opts,
char *path = NULL; char *path = NULL;
char *tmp; char *tmp;
int numleft; int numleft;
int result;
/*! Close(something) */ /*! Close(something) */
/* parse command line */ /* parse command line */
Debug1("child: args = \"%s\"", argv[1]); Debug1("child: args = \"%s\"", argv[1]);
pargv = Malloc(8*sizeof(char *)); pargv = Malloc(8*sizeof(char *));
if (pargv == NULL) return STAT_RETRYLATER; if (pargv == NULL) return STAT_RETRYLATER;
i = 0;
len = strlen(argv[1])+1; len = strlen(argv[1])+1;
strp = argv[1]; strp = argv[1];
token = Malloc(len); /*! */ token = Malloc(len); /*! */
@ -125,7 +123,7 @@ static int xioopen_exec(int argc, const char *argv[], struct opt *opts,
Dup2(duptostderr, 2); Dup2(duptostderr, 2);
} }
Notice1("execvp'ing \"%s\"", token); Notice1("execvp'ing \"%s\"", token);
result = Execvp(token, pargv); Execvp(token, pargv);
/* here we come only if execvp() failed */ /* here we come only if execvp() failed */
switch (pargc) { switch (pargc) {
case 1: Error3("execvp(\"%s\", \"%s\"): %s", token, pargv[0], strerror(errno)); break; case 1: Error3("execvp(\"%s\", \"%s\"): %s", token, pargv[0], strerror(errno)); break;

View file

@ -54,13 +54,7 @@ int
successful establishment of tcp connection */ successful establishment of tcp connection */
result = _xioopen_listen(xfd, xioflags, result = _xioopen_listen(xfd, xioflags,
(struct sockaddr *)us, uslen, (struct sockaddr *)us, uslen,
opts, pf, socktype, proto, opts, pf, socktype, proto, level);
#if WITH_RETRY
(xfd->retry||xfd->forever)?E_INFO:E_ERROR
#else
E_ERROR
#endif /* WITH_RETRY */
);
/*! not sure if we should try again on retry/forever */ /*! not sure if we should try again on retry/forever */
switch (result) { switch (result) {
case STAT_OK: break; case STAT_OK: break;

View file

@ -1,5 +1,5 @@
/* source: xio-named.c */ /* source: xio-named.c */
/* Copyright Gerhard Rieger 2001-2008 */ /* Copyright Gerhard Rieger 2001-2011 */
/* Published under the GNU General Public License V.2, see file COPYING */ /* Published under the GNU General Public License V.2, see file COPYING */
/* this file contains the source for filesystem entry functions */ /* this file contains the source for filesystem entry functions */
@ -96,7 +96,6 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd,
int groups, int groups,
bool *exists, struct opt *opts) { bool *exists, struct opt *opts) {
const char *path = argv[1]; const char *path = argv[1];
unsigned int iogroups = 0;
#if HAVE_STAT64 #if HAVE_STAT64
struct stat64 statbuf; struct stat64 statbuf;
#else #else
@ -120,10 +119,8 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd,
Error2("stat(\"%s\"): %s", path, strerror(errno)); Error2("stat(\"%s\"): %s", path, strerror(errno));
return STAT_RETRYLATER; return STAT_RETRYLATER;
} }
iogroups = GROUP_REG;
*exists = false; *exists = false;
} else { } else {
iogroups = _groupbits(statbuf.st_mode);
*exists = true; *exists = true;
} }
@ -135,7 +132,6 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd,
Info1("\"%s\" already exists; removing it", path); Info1("\"%s\" already exists; removing it", path);
if (Unlink(path) < 0) { if (Unlink(path) < 0) {
Error2("unlink(\"%s\"): %s", path, strerror(errno)); Error2("unlink(\"%s\"): %s", path, strerror(errno));
*exists = true;
} else { } else {
*exists = false; *exists = false;
} }

View file

@ -690,7 +690,7 @@ int
SSL_CTX **ctx) SSL_CTX **ctx)
{ {
bool opt_fips = false; bool opt_fips = false;
SSL_METHOD *method; const SSL_METHOD *method;
char *me_str = NULL; /* method string */ char *me_str = NULL; /* method string */
char *ci_str = NULL; /* cipher string */ char *ci_str = NULL; /* cipher string */
char *opt_key = NULL; /* file name of client private key */ char *opt_key = NULL; /* file name of client private key */
@ -747,8 +747,14 @@ int
if (!server) { if (!server) {
if (me_str != 0) { if (me_str != 0) {
if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
#if HAVE_SSLv2_client_method
method = sycSSLv2_client_method(); method = sycSSLv2_client_method();
} else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { #else
Error1("OpenSSL method \"%s\" not provided by library", me_str);
method = sycSSLv23_server_method();
#endif
} else
if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
method = sycSSLv3_client_method(); method = sycSSLv3_client_method();
} else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
!strcasecmp(me_str, "SSL")) { !strcasecmp(me_str, "SSL")) {
@ -758,16 +764,22 @@ int
method = sycTLSv1_client_method(); method = sycTLSv1_client_method();
} else { } else {
Error1("openssl-method=\"%s\": unknown method", me_str); Error1("openssl-method=\"%s\": unknown method", me_str);
method = sycSSLv23_client_method()/*!*/; method = sycSSLv23_client_method();
} }
} else { } else {
method = sycSSLv23_client_method()/*!*/; method = sycSSLv23_client_method();
} }
} else /* server */ { } else /* server */ {
if (me_str != 0) { if (me_str != 0) {
if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
#if HAVE_SSLv2_server_method
method = sycSSLv2_server_method(); method = sycSSLv2_server_method();
} else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { #else
Error1("OpenSSL method \"%s\" not provided by library", me_str);
method = sycSSLv23_server_method();
#endif
} else
if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
method = sycSSLv3_server_method(); method = sycSSLv3_server_method();
} else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
!strcasecmp(me_str, "SSL")) { !strcasecmp(me_str, "SSL")) {
@ -777,10 +789,10 @@ int
method = sycTLSv1_server_method(); method = sycTLSv1_server_method();
} else { } else {
Error1("openssl-method=\"%s\": unknown method", me_str); Error1("openssl-method=\"%s\": unknown method", me_str);
method = sycSSLv23_server_method()/*!*/; method = sycSSLv23_server_method();
} }
} else { } else {
method = sycSSLv23_server_method()/*!*/; method = sycSSLv23_server_method();
} }
} }

View file

@ -736,7 +736,6 @@ int _xioopen_connect(struct single *xfd, struct sockaddr *us, size_t uslen,
union sockaddr_union sin, *sinp; union sockaddr_union sin, *sinp;
unsigned short *port, i, N; unsigned short *port, i, N;
div_t dv; div_t dv;
bool problem;
/* prepare sockaddr for bind probing */ /* prepare sockaddr for bind probing */
if (us) { if (us) {
@ -784,7 +783,6 @@ int _xioopen_connect(struct single *xfd, struct sockaddr *us, size_t uslen,
} }
dv = div(random(), IPPORT_RESERVED-XIO_IPPORT_LOWER); dv = div(random(), IPPORT_RESERVED-XIO_IPPORT_LOWER);
i = N = XIO_IPPORT_LOWER + dv.rem; i = N = XIO_IPPORT_LOWER + dv.rem;
problem = false;
do { /* loop over lowport bind() attempts */ do { /* loop over lowport bind() attempts */
*port = htons(i); *port = htons(i);
if (Bind(xfd->fd, (struct sockaddr *)sinp, sizeof(*sinp)) < 0) { if (Bind(xfd->fd, (struct sockaddr *)sinp, sizeof(*sinp)) < 0) {
@ -1187,7 +1185,6 @@ int _xioopen_dgram_recvfrom(struct single *xfd, int xioflags,
struct opt *opts, struct opt *opts,
int pf, int socktype, int proto, int level) { int pf, int socktype, int proto, int level) {
char *rangename; char *rangename;
socklen_t salen;
bool dofork = false; bool dofork = false;
pid_t pid; /* mostly int; only used with fork */ pid_t pid; /* mostly int; only used with fork */
char infobuff[256]; char infobuff[256];
@ -1312,7 +1309,6 @@ int _xioopen_dgram_recvfrom(struct single *xfd, int xioflags,
struct msghdr msgh = {0}; struct msghdr msgh = {0};
socket_init(pf, pa); socket_init(pf, pa);
salen = sizeof(struct sockaddr);
if (drop) { if (drop) {
char *dummy[2]; char *dummy[2];

View file

@ -462,7 +462,6 @@ int xioopen_udp_recvfrom(int argc, const char *argv[], struct opt *opts,
int pf, int socktype, int ipproto) { int pf, int socktype, int ipproto) {
union sockaddr_union us; union sockaddr_union us;
socklen_t uslen = sizeof(us); socklen_t uslen = sizeof(us);
bool needbind = false;
int result; int result;
if (argc != 2) { if (argc != 2) {
@ -510,7 +509,6 @@ int xioopen_udp_recvfrom(int argc, const char *argv[], struct opt *opts,
case PF_INET6: us.ip6.sin6_addr = la.ip6.sin6_addr; break; case PF_INET6: us.ip6.sin6_addr = la.ip6.sin6_addr; break;
#endif #endif
} }
needbind = true;
} }
} }

View file

@ -2828,7 +2828,7 @@ int retropt_bind(struct opt *opts,
const char portsep[] = ":"; const char portsep[] = ":";
const char *ends[] = { portsep, NULL }; const char *ends[] = { portsep, NULL };
const char *nests[] = { "[", "]", NULL }; const char *nests[] = { "[", "]", NULL };
bool addrallowed, portallowed; bool portallowed;
char *bindname, *bindp; char *bindname, *bindp;
char hostname[512], *hostp = hostname, *portp = NULL; char hostname[512], *hostp = hostname, *portp = NULL;
size_t hostlen = sizeof(hostname)-1; size_t hostlen = sizeof(hostname)-1;
@ -2864,7 +2864,6 @@ int retropt_bind(struct opt *opts,
#if WITH_IP6 #if WITH_IP6
case AF_INET6: case AF_INET6:
#endif /*WITH_IP6 */ #endif /*WITH_IP6 */
addrallowed = true;
portallowed = (feats>=2); portallowed = (feats>=2);
nestlex((const char **)&bindp, &hostp, &hostlen, ends, NULL, NULL, nests, nestlex((const char **)&bindp, &hostp, &hostlen, ends, NULL, NULL, nests,
true, false, false); true, false, false);