From 72b05700e40b065a054d9c80f78cfb55475a07bb Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Sun, 15 Jan 2017 12:23:07 +0100 Subject: [PATCH] Corrections in docu and test.sh --- CHANGES | 5 ++++ doc/socat.yo | 4 +-- test.sh | 71 ++++++++++++++++++++++++++++++++++++++------------ xio-readline.c | 2 +- 4 files changed, 63 insertions(+), 19 deletions(-) diff --git a/CHANGES b/CHANGES index 5b2b471..2d104ac 100644 --- a/CHANGES +++ b/CHANGES @@ -99,6 +99,9 @@ testing: A few corrections in test.sh + DTLS1 test hangs on some distributions. Test is now only performed + with OpenSSL 1.0.2 or higher. + docu: Corrected source of socat man page to correctly show man references like socket(2); removed obseolete entries from See Also @@ -111,6 +114,8 @@ docu: Fixed a couple of English spelling and grammar mistakes. Thanks to Jakub Wild for sending the patches. + NOEXPAND() was not resolved 2 times. + More minor docu corrections legal: diff --git a/doc/socat.yo b/doc/socat.yo index 805f970..258686e 100644 --- a/doc/socat.yo +++ b/doc/socat.yo @@ -1503,10 +1503,10 @@ label(OPTION_SHUT_NONE)dit(bf(tt(shut-none))) connection to not do anything. label(OPTION_SHUT_DOWN)dit(bf(tt(shut-down))) Changes the (address dependent) method of shutting down the write part of a - connection to tt(NOEXPAND(shutdown(fd, SHUT_WR))). Is only useful with sockets. + connection to NOEXPAND(shutdown(fd, SHUT_WR)). Is only useful with sockets. label(OPTION_SHUT_CLOSE)dit(bf(tt(shut-close))) Changes the (address dependent) method of shutting down the write part of a - connection to tt(NOEXPAND(close(fd))). + connection to NOEXPAND(close(fd)). label(OPTION_SHUT_NULL)dit(bf(tt(shut-null))) When one address indicates EOF, socat() will send a zero sized packet to the write channel of the other address to transfer the EOF condition. This is diff --git a/test.sh b/test.sh index 730b970..b1ed18c 100755 --- a/test.sh +++ b/test.sh @@ -47,6 +47,7 @@ _MICROS=$((MICROS+999999)); SECONDs="${_MICROS%??????}" withroot=0 # perform privileged tests even if not run by root #PATH=$PATH:/opt/freeware/bin #PATH=$PATH:/usr/local/ssl/bin +PATH=$PATH:/sbin # RHEL6:ip case "$0" in */*) PATH="${0%/*}:$PATH" esac @@ -4938,7 +4939,7 @@ N=$((N+1)) NAME=READLINE #set -vx case "$TESTS" in -*%$N%*|*%functions%*|*%pty%*|*%$NAME%*) +*%$N%*|*%functions%*|*%pty%*|*%readline%*|*%$NAME%*) TEST="$NAME: readline with password and sigint" if ! eval $NUMCOND; then :; elif ! feat=$(testaddrs readline pty); then @@ -11261,7 +11262,6 @@ pid1=$! sleep 1 echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" & pid2=$! -rc2=$! sleep 2 kill $pid1 $pid2 $pid0 2>/dev/null; wait if echo -e "$da 1\n$da 2" |diff - $tf >$tdiff; then @@ -11297,14 +11297,14 @@ UNIX UNIX $td/test\$N.server - # care for timing, understand what you want :-) -while read KEYW FEAT ADDR IPPORT; do +while read KEYW FEAT ADDR IPPORT SHUT; do if [ -z "$KEYW" ]|| [[ "$KEYW" == \#* ]]; then continue; fi PROTO=$KEYW proto="$(echo "$PROTO" |tr A-Z a-z)" # test the max-children option on pseudo connected sockets NAME=${KEYW}MAXCHILDREN case "$TESTS" in -*%$N%*|*%functions%*|*%maxchildren%*|*%socket%*|*%dgram%*|*%udp%*|*%$NAME%*) +*%$N%*|*%functions%*|*%maxchildren%*|*%socket%*|*%$NAME%*) TEST="$NAME: max-children option" # start a listen process with max-children=1; connect with a client, let it # send data and then sleep; connect with second client that wants to send @@ -11327,7 +11327,7 @@ te="$td/test$N.stderr" tdiff="$td/test$N.diff" da="test$N $(date) $RANDOM" CMD0="$TRACE $SOCAT $opts -U FILE:$tf,o-trunc,o-creat,o-append $PROTO-LISTEN:$tsl,fork,max-children=1" -CMD1="$TRACE $SOCAT $opts -u - $PROTO-CONNECT:$tsc" +CMD1="$TRACE $SOCAT $opts -u - $PROTO-CONNECT:$tsc,$SHUT" printf "test $F_n $TEST... " $N $CMD0 >/dev/null 2>"${te}0" & pid0=$! @@ -11337,7 +11337,6 @@ pid1=$! sleep 1 echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" & pid2=$! -rc2=$! sleep 1 kill -QUIT $pid1 $pid2 $pid0 2>/dev/null; wait if echo -e "$da 1" |diff - $tf >$tdiff; then @@ -11360,9 +11359,15 @@ fi # NUMCOND esac N=$((N+1)) done <<<" -UDP4 UDP 127.0.0.1 PORT -UDP6 UDP 127.0.0.1 PORT +UDP4 UDP 127.0.0.1 PORT shut-null +UDP6 UDP 127.0.0.1 PORT shut-null +UNIX UNIX $td/test\$N.server - " +# debugging this hanging test was difficult - following lessons learned: +# kill had no effect when child process existed +# strace -f (on Fedora-23) sometimes writes/pads? blocks with \0, overwriting client traces +# using the TRACE feature lets above kill command kill strace, not socat +# care for timing, understand what you want :-) # socat up to 1.7.2.0 had a bug in xioscan_readline() that could be exploited @@ -11370,12 +11375,16 @@ UDP6 UDP 127.0.0.1 PORT # problem reported by Johan Thillemann NAME=READLINE_OVFL case "$TESTS" in -*%$N%*|*%functions%*|*%bugs%*|*%security%*|*%$NAME%*) +*%$N%*|*%functions%*|*%bugs%*|*%security%*|*%readline%*|*%$NAME%*) TEST="$NAME: test for buffer overflow in readline prompt handling" # address 1 is the readline where write data was handled erroneous # address 2 provides data to trigger the buffer overflow # when no SIGSEGV or so occurs the test succeeded (bug fixed) -if ! eval $NUMCOND; then :; else +if ! eval $NUMCOND; then :; +elif ! feat=$(testaddrs readline pty); then + $PRINTF "test $F_n $TEST... ${YELLOW}$(echo "$feat"| tr 'a-z' 'A-Z') not available${NORMAL}\n" $N + numCANT=$((numCANT+1)) +else tf="$td/test$N.stdout" te="$td/test$N.stderr" ti="$td/test$N.data" @@ -11579,7 +11588,11 @@ TEST="$NAME: test OPENSSL-CONNECT with bind option" # have a simple SSL server that just echoes data. # connect with socat using OPENSSL-CONNECT with bind, send data and check if the # reply is identical. -if ! eval $NUMCOND; then :; else +if ! eval $NUMCOND; then :; +elif ! testaddrs openssl >/dev/null; then + $PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N + numCANT=$((numCANT+1)) +else tf0="$td/test$N.0.stdout" te0="$td/test$N.0.stderr" tf1="$td/test$N.1.stdout" @@ -11687,9 +11700,10 @@ TEST="$NAME: $SSLDIST sets env SOCAT_${SSLDIST}_${MODULE}_${FIELD}" # code extracts and prints the SOCAT related environment vars. # outside code then checks if the environment contains the variables correctly # describing the desired field. +FEAT=$(echo "$ssldist" |tr a-z A-Z) if ! eval $NUMCOND; then :; -elif ! feat=$(testaddrs $FEAT); then - $PRINTF "test $F_n $TEST... ${YELLOW}$(echo "$feat" |tr a-z A-Z) not available${NORMAL}\n" $N +elif ! testaddrs $FEAT >/dev/null; then + $PRINTF "test $F_n $TEST... ${YELLOW}$FEAT not available${NORMAL}\n" $N numCANT=$((numCANT+1)) else tf="$td/test$N.stdout" @@ -12135,7 +12149,11 @@ TEST="$NAME: SYSTEM address does not shutdown its parents addresses" # when the client recieves its data and terminates without error the test succeeded # in case of the bug the client issues an error like: # SSL_connect(): error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac -if ! eval $NUMCOND; then :; else +if ! eval $NUMCOND; then :; +elif ! testaddrs openssl >/dev/null; then + $PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N + numCANT=$((numCANT+1)) +else tf="$td/test$N.stdout" te="$td/test$N.stderr" tdiff="$td/test$N.diff" @@ -12222,6 +12240,14 @@ esac PORT=$((PORT+1)) N=$((N+1)) +# the OPENSSL_METHOD_DTLS1 test hangs sometimes, probably depending on the openssl version. +OPENSSL_VERSION="$(openssl version)" +OPENSSL_VERSION="${OPENSSL_VERSION#* }" +OPENSSL_VERSION="${OPENSSL_VERSION%%-*}" +OPENSSL_VERSION_GOOD=1.0.2 # this is just a guess. + # known bad: 1.0.1e + # known good: 1.0.2j + # test if the various SSL methods can be used with OpenSSL for method in SSL3 SSL23 TLS1 TLS1.1 TLS1.2 DTLS1; do @@ -12234,7 +12260,11 @@ TEST="$NAME: test OpenSSL method $method" # Start a second socat process connecting to the listener using # the same method, send some data and catch the reply. # If the reply is identical to the sent data the test succeeded. -if ! eval $NUMCOND; then :; else +if ! eval $NUMCOND; then :; +elif ! testaddrs openssl >/dev/null; then + $PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N + numCANT=$((numCANT+1)) +else tf="$td/test$N.stdout" te="$td/test$N.stderr" tdiff="$td/test$N.diff" @@ -12242,6 +12272,10 @@ da="test$N $(date) $RANDOM" CMD0="$SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,method=$method,cipher=aNULL,verify=0 PIPE" CMD1="$SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,method=$method,cipher=aNULL,verify=0" printf "test $F_n $TEST... " $N +if [ "$method" = DTLS1 -a "$(echo -e "$OPENSSL_VERSION\n1.0.2" |sort -V |tail -n 1)" = "$OPENSSL_VERSION_GOOD" ]; then + $PRINTF "${YELLOW}might hang, skipping${NORMAL}\n" + numCANT=$((numCANT+1)) +else $CMD0 >/dev/null 2>"${te}0" & pid0=$! waittcp4port $PORT 1 @@ -12264,6 +12298,7 @@ else numFAIL=$((numFAIL+1)) listFAIL="$listFAIL $N" fi +fi # !DTLS1 hang fi # NUMCOND ;; esac @@ -12563,7 +12598,11 @@ case "$TESTS" in TEST="$NAME: test OpenSSL ECDHE" # generate a ECDHE key, start an OpenSSL server, connect with a client and try to # pass data -if ! eval $NUMCOND; then :; else +if ! eval $NUMCOND; then :; +elif ! testaddrs openssl >/dev/null; then + $PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N + numCANT=$((numCANT+1)) +else tf="$td/test$N.stdout" te="$td/test$N.stderr" tdiff="$td/test$N.diff" diff --git a/xio-readline.c b/xio-readline.c index ee64e6f..3f1b015 100644 --- a/xio-readline.c +++ b/xio-readline.c @@ -62,7 +62,7 @@ static int xioopen_readline(int argc, const char *argv[], struct opt *opts, strcpy(cp, "readline on stdin for reading"); cp = strchr(cp, '\0'); if ((rw+1)&2) - strcpy(cp, " and "); cp = strchr(cp, '\0'); + strcpy(cp, " and "); cp = strchr(cp, '\0'); } if ((rw+1)&2) { strcpy(cp, "stdio for writing"); cp = strchr(cp, '\0');