From 7701095d451dd34f92259508cf5f644856ccb78b Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Fri, 21 Jun 2013 16:19:02 +0200 Subject: [PATCH] SSLv2 only when available; fixed sa_family_t compile error; minor cleanup --- CHANGES | 6 ++++++ config.h.in | 14 +++++++++++++- configure.in | 18 ++++++++++++------ fdname.c | 5 ++--- filan.c | 7 +++---- sslcls.c | 40 ++++++++++++++++++++++------------------ sslcls.h | 20 ++++++++++---------- sysincludes.h | 9 +++++++-- test.sh | 32 +++++++++++++++++++++++++++++--- xio-exec.c | 8 +++----- xio-listen.c | 8 +------- xio-named.c | 6 +----- xio-openssl.c | 28 ++++++++++++++++++++-------- xio-socket.c | 6 +----- xio-udp.c | 4 +--- xioopts.c | 5 ++--- 16 files changed, 133 insertions(+), 83 deletions(-) diff --git a/CHANGES b/CHANGES index 5fa0328..51e284d 100644 --- a/CHANGES +++ b/CHANGES @@ -134,6 +134,12 @@ porting: corrections for OpenEmbedded, especially termios SHIFT values and ISPEED/OSPEED. Thanks to John Faith for providing the patch + fixed sa_family_t compile error on DragonFly; minor code cleanup. + Thanks to Tony Young for reporting this issue and sending a patch. + + Ubuntu Oneiric: OpenSSL no longer provides SSLv2 functions; libutil.sh + is now bsd/libutil.h; compiler warns on vars that is only written to + new features: added option max-children that limits the number of concurrent child processes. Thanks to Sam Liddicott for providing the patch. diff --git a/config.h.in b/config.h.in index 32f0957..c3b7c04 100644 --- a/config.h.in +++ b/config.h.in @@ -1,5 +1,5 @@ /* source: config.h.in */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ #ifndef __config_h_included @@ -142,6 +142,9 @@ /* Define if you have the hstrerror prototype */ #undef HAVE_PROTOTYPE_HSTRERROR + +/* Define if you have the header file. */ +#undef HAVE_INTTYPES_H /* Define if you have the header file. */ #undef HAVE_FCNTL_H @@ -259,6 +262,9 @@ /* Define if you have the header file. (NetBSD, OpenBSD: openpty()) */ #undef HAVE_UTIL_H + +/* Define if you have the header file. */ +#undef HAVE_BSD_LIBUTIL_H /* Define if you have the header file. (FreeBSD: openpty()) */ #undef HAVE_LIBUTIL_H @@ -378,6 +384,12 @@ /* Define if you have the unsetenv function. not on HP-UX */ #undef HAVE_UNSETENV + +/* Define if you have the SSLv2_client_method function. not in new openssl */ +#undef HAVE_SSLv2_client_method + +/* Define if you have the SSLv2_server_method function. not in new openssl */ +#undef HAVE_SSLv2_server_method /* Define if you have the flock function */ #undef HAVE_FLOCK diff --git a/configure.in b/configure.in index e4acf58..0018217 100644 --- a/configure.in +++ b/configure.in @@ -1,5 +1,5 @@ nl source: configure.in -dnl Copyright Gerhard Rieger 2001-2012 +dnl Copyright Gerhard Rieger dnl Published under the GNU General Public License V.2, see file COPYING dnl Process this file with autoconf to produce a configure script. @@ -53,6 +53,7 @@ export CFLAGS dnl Checks for header files. AC_HEADER_STDC +AC_CHECK_HEADERS(inttypes.h) AC_HEADER_SYS_WAIT AC_CHECK_HEADERS(fcntl.h limits.h strings.h sys/param.h sys/ioctl.h sys/time.h syslog.h unistd.h) AC_CHECK_HEADERS(pwd.h grp.h stdint.h sys/types.h sys/poll.h sys/socket.h sys/uio.h sys/stat.h netdb.h sys/un.h) @@ -76,7 +77,7 @@ AC_CHECK_HEADERS(termios.h linux/if_tun.h) AC_CHECK_HEADERS(net/if_dl.h) AC_CHECK_HEADERS(linux/types.h linux/errqueue.h) AC_CHECK_HEADERS(sys/utsname.h sys/select.h sys/file.h) -AC_CHECK_HEADERS(util.h libutil.h sys/stropts.h regex.h) +AC_CHECK_HEADERS(util.h bsd/libutil.h libutil.h sys/stropts.h regex.h) AC_CHECK_HEADERS(linux/fs.h linux/ext2_fs.h) dnl Checks for setgrent, getgrent and endgrent. @@ -552,12 +553,12 @@ fi # check for fips support AC_MSG_CHECKING(whether to include openssl fips support) -AC_ARG_ENABLE(fips, [ --disable-fips disable OpenSSL FIPS support], +AC_ARG_ENABLE(fips, [ --enable-fips enable OpenSSL FIPS support], [ case "$enableval" in - no) AC_MSG_RESULT(no); WITH_FIPS= ;; - *) AC_MSG_RESULT(yes); WITH_FIPS=1 ;; + yes) AC_MSG_RESULT(yes); WITH_FIPS=1 ;; + *) AC_MSG_RESULT(no); WITH_FIPS= ;; esac], - [ AC_MSG_RESULT(yes); WITH_FIPS=1 ]) + [ AC_MSG_RESULT(no); WITH_FIPS= ]) if test -n "$WITH_FIPS"; then if test -n "$WITH_OPENSSL"; then @@ -880,6 +881,7 @@ AC_TRY_COMPILE([#include AC_MSG_CHECKING(for sa_family_t) AC_CACHE_VAL(sc_cv_type_sa_family_t, [AC_TRY_COMPILE([#include +#include #include ],[sa_family_t s;], [sc_cv_type_sa_family_t=yes], [sc_cv_type_sa_family_t=no])]) @@ -1288,6 +1290,10 @@ AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), dnl Search for unsetenv() AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV)) +dnl Search for SSLv2_client_method, SSLv2_server_method +AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS])) +AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS])) + dnl Run time checks diff --git a/fdname.c b/fdname.c index bc15103..5ac7bfb 100644 --- a/fdname.c +++ b/fdname.c @@ -1,5 +1,5 @@ /* source: fdname.c */ -/* Copyright Gerhard Rieger 2003-2008 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* the subroutine sockname prints the basic info about the address of a socket @@ -103,7 +103,6 @@ static int procgetfdname(int fd, char *filepath, size_t pathsize) { int statname(const char *file, int fd, int filetype, FILE *outfile) { char filepath[PATH_MAX]; - int result; filepath[0] = '\0'; #if HAVE_PROC_DIR_FD @@ -144,7 +143,7 @@ int statname(const char *file, int fd, int filetype, FILE *outfile) { case (S_IFSOCK>>12): /* 12, socket */ #if _WITH_SOCKET if (fd >= 0) { - result = sockname(fd, outfile); + sockname(fd, outfile); } else if (file) { fprintf(outfile, "socket %s", file); } else { diff --git a/filan.c b/filan.c index 48397ec..20ae88e 100644 --- a/filan.c +++ b/filan.c @@ -1,5 +1,5 @@ /* source: filan.c */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* the subroutine filan makes a "FILe descriptor ANalysis". It checks the @@ -215,7 +215,6 @@ int filan_stat( #endif /* !HAVE_STAT64 */ , int statfd, int dynfd, FILE *outfile) { char stdevstr[8]; - int result; /* print header */ if (!headprinted) { @@ -374,7 +373,7 @@ int filan_stat( case (S_IFIFO): /* 1, FIFO */ break; case (S_IFCHR): /* 2, character device */ - result = cdevan(statfd, outfile); + cdevan(statfd, outfile); break; case (S_IFDIR): /* 4, directory */ break; @@ -387,7 +386,7 @@ int filan_stat( #ifdef S_IFSOCK case (S_IFSOCK): /* 12, socket */ #if _WITH_SOCKET - result = sockan(statfd, outfile); + sockan(statfd, outfile); #else Warn("SOCKET support not compiled in"); return -1; diff --git a/sslcls.c b/sslcls.c index fd66a43..bd2455c 100644 --- a/sslcls.c +++ b/sslcls.c @@ -1,5 +1,5 @@ /* source: sslcls.c */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* explicit system call and C library trace function, for those who miss strace @@ -35,71 +35,75 @@ int sycSSL_library_init(void) { return result; } -SSL_METHOD *sycSSLv2_client_method(void) { - SSL_METHOD *result; +#if HAVE_SSLv2_client_method +const SSL_METHOD *sycSSLv2_client_method(void) { + const SSL_METHOD *result; Debug("SSLv2_client_method()"); result = SSLv2_client_method(); Debug1("SSLv2_client_method() -> %p", result); return result; } +#endif -SSL_METHOD *sycSSLv2_server_method(void) { - SSL_METHOD *result; +#if HAVE_SSLv2_server_method +const SSL_METHOD *sycSSLv2_server_method(void) { + const SSL_METHOD *result; Debug("SSLv2_server_method()"); result = SSLv2_server_method(); Debug1("SSLv2_server_method() -> %p", result); return result; } +#endif -SSL_METHOD *sycSSLv3_client_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycSSLv3_client_method(void) { + const SSL_METHOD *result; Debug("SSLv3_client_method()"); result = SSLv3_client_method(); Debug1("SSLv3_client_method() -> %p", result); return result; } -SSL_METHOD *sycSSLv3_server_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycSSLv3_server_method(void) { + const SSL_METHOD *result; Debug("SSLv3_server_method()"); result = SSLv3_server_method(); Debug1("SSLv3_server_method() -> %p", result); return result; } -SSL_METHOD *sycSSLv23_client_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycSSLv23_client_method(void) { + const SSL_METHOD *result; Debug("SSLv23_client_method()"); result = SSLv23_client_method(); Debug1("SSLv23_client_method() -> %p", result); return result; } -SSL_METHOD *sycSSLv23_server_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycSSLv23_server_method(void) { + const SSL_METHOD *result; Debug("SSLv23_server_method()"); result = SSLv23_server_method(); Debug1("SSLv23_server_method() -> %p", result); return result; } -SSL_METHOD *sycTLSv1_client_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycTLSv1_client_method(void) { + const SSL_METHOD *result; Debug("TLSv1_client_method()"); result = TLSv1_client_method(); Debug1("TLSv1_client_method() -> %p", result); return result; } -SSL_METHOD *sycTLSv1_server_method(void) { - SSL_METHOD *result; +const SSL_METHOD *sycTLSv1_server_method(void) { + const SSL_METHOD *result; Debug("TLSv1_server_method()"); result = TLSv1_server_method(); Debug1("TLSv1_server_method() -> %p", result); return result; } -SSL_CTX *sycSSL_CTX_new(SSL_METHOD *method) { +SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method) { SSL_CTX *result; Debug1("SSL_CTX_new(%p)", method); result = SSL_CTX_new(method); diff --git a/sslcls.h b/sslcls.h index 82058eb..fc837a3 100644 --- a/sslcls.h +++ b/sslcls.h @@ -1,5 +1,5 @@ /* source: sslcls.h */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ #ifndef __sslcls_h_included @@ -10,15 +10,15 @@ void sycSSL_load_error_strings(void); int sycSSL_library_init(void); -SSL_METHOD *sycSSLv2_client_method(void); -SSL_METHOD *sycSSLv2_server_method(void); -SSL_METHOD *sycSSLv3_client_method(void); -SSL_METHOD *sycSSLv3_server_method(void); -SSL_METHOD *sycSSLv23_client_method(void); -SSL_METHOD *sycSSLv23_server_method(void); -SSL_METHOD *sycTLSv1_client_method(void); -SSL_METHOD *sycTLSv1_server_method(void); -SSL_CTX *sycSSL_CTX_new(SSL_METHOD *method); +const SSL_METHOD *sycSSLv2_client_method(void); +const SSL_METHOD *sycSSLv2_server_method(void); +const SSL_METHOD *sycSSLv3_client_method(void); +const SSL_METHOD *sycSSLv3_server_method(void); +const SSL_METHOD *sycSSLv23_client_method(void); +const SSL_METHOD *sycSSLv23_server_method(void); +const SSL_METHOD *sycTLSv1_client_method(void); +const SSL_METHOD *sycTLSv1_server_method(void); +SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method); SSL *sycSSL_new(SSL_CTX *ctx); int sycSSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); diff --git a/sysincludes.h b/sysincludes.h index ee25556..2661509 100644 --- a/sysincludes.h +++ b/sysincludes.h @@ -1,10 +1,13 @@ /* source: sysincludes.h */ -/* Copyright Gerhard Rieger 2001-2009 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ #ifndef __sysincludes_h_included #define __sysincludes_h_included 1 +#if HAVE_INTTYPES_H +#include /* uint16_t */ +#endif #if HAVE_LIMITS_H #include /* USHRT_MAX */ #endif @@ -147,7 +150,9 @@ #if HAVE_UTIL_H #include /* NetBSD, OpenBSD openpty() */ #endif -#if HAVE_LIBUTIL_H +#if HAVE_BSD_LIBUTIL_H +#include /* FreeBSD openpty() */ +#elif HAVE_LIBUTIL_H #include /* FreeBSD openpty() */ #endif #if HAVE_SYS_STROPTS_H diff --git a/test.sh b/test.sh index 42a54b7..260fe4d 100755 --- a/test.sh +++ b/test.sh @@ -146,7 +146,8 @@ OpenBSD)IFCONFIG=/sbin/ifconfig ;; OSF1) IFCONFIG=/sbin/ifconfig ;; SunOS) IFCONFIG=/sbin/ifconfig ;; Darwin)IFCONFIG=/sbin/ifconfig ;; -#*) IFCONFIG=/sbin/ifconfig ;; +DragonFly) IFCONFIG=/sbin/ifconfig ;; +*) IFCONFIG=/sbin/ifconfig ;; esac # for some tests we need a second local IPv4 address @@ -178,6 +179,12 @@ SunOS) #BCIFADDR="$SECONDADDR" #BCADDR=$($IFCONFIG $BROADCASTIF |grep 'broadcast ' |sed 's/.*broadcast/broadcast/' |awk '{print($2);}') ;; +DragonFly) + MAINIF=$($IFCONFIG -a |grep -v ^lp |grep '^[a-z]' |grep -v '^lo0: ' |head -1 |cut -d: -f1) + BROADCASTIF="$MAINIF" + SECONDADDR=$($IFCONFIG $BROADCASTIF |grep 'inet ' |awk '{print($2);}') + BCIFADDR="$SECONDADDR" + BCADDR=$($IFCONFIG $BROADCASTIF |grep 'broadcast ' |sed 's/.*broadcast/broadcast/' |awk '{print($2);}') ;; #AIX|FreeBSD|Solaris) *) SECONDADDR=$(expr "$($IFCONFIG -a |grep 'inet ' |fgrep -v ' 127.0.0.1 ' |head -n 1)" : '.*inet \([0-9.]*\) .*') @@ -1669,7 +1676,7 @@ ifprocess () { NetBSD) l="$(ps -aj |grep "^[^ ][^ ]*[ ][ ]*$(printf %5u $1) ")" ;; OpenBSD) l="$(ps -kaj |grep "^........ $(printf %5u $1)")" ;; SunOS) l="$(ps -fade |grep "^........ $(printf %5u $1)")" ;; - DragonFly)l="$(ps -faje |grep "^[^ ][^ ]*[ ][ ]*$(printf %5u $1)")" ;; + DragonFly)l="$(ps -faje |grep "^[^ ][^ ]*[ ][ ]*$(printf %5u $1)")" ;; CYGWIN*) l="$(ps -pafe |grep "^[^ ]*[ ][ ]*$1[ ]")" ;; *) l="$(ps -fade |grep "^[^ ][^ ]*[ ][ ]*$(printf %5u $1) ")" ;; esac @@ -1715,6 +1722,7 @@ isdefunct () { HP-UX) l="$(echo "$1" |grep ' $')" ;; Linux) l="$(echo "$1" |grep ' $')" ;; SunOS) l="$(echo "$1" |grep ' $')" ;; + DragonFly)l="$(echo "$1" |grep ' $')" ;; *) l="$(echo "$1" |grep ' $')" ;; esac [ -n "$l" ]; @@ -1745,7 +1753,8 @@ runsip4 () { OSF1) l=$($IFCONFIG -a |grep ' inet ') ;; SunOS) l=$($IFCONFIG -a |grep 'inet ') ;; Darwin)l=$($IFCONFIG lo0 |fgrep 'inet 127.0.0.1 ') ;; -# *) l=$($IFCONFIG -a |grep ' ::1[^:0-9A-Fa-f]') ;; + DragonFly)l=$($IFCONFIG -a |fgrep 'inet 127.0.0.1 ');; + *) l=$($IFCONFIG -a |grep ' ::1[^:0-9A-Fa-f]') ;; esac [ -z "$l" ] && return 1 # existence of interface might not suffice, check for routeability: @@ -1792,6 +1801,8 @@ runstcp4 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/tcp4.stderr" } @@ -1803,6 +1814,8 @@ runstcp6 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/tcp6.stderr" } @@ -1814,6 +1827,8 @@ runsudp4 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/udp4.stderr" } @@ -1825,6 +1840,8 @@ runsudp6 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/udp6.stderr" } @@ -1835,6 +1852,8 @@ runssctp4 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/sctp4.stderr" } @@ -1845,6 +1864,8 @@ runssctp6 () { pid=$! usleep $MICROS kill "$pid" 2>/dev/null + wait + usleep $MICROS test ! -s "$td/sctp6.stderr" } @@ -1948,6 +1969,7 @@ checktcp4port () { HP-UX) l=$(netstat -an |grep '^tcp 0 0 .*[0-9*]\.'$port' .* LISTEN$') ;; OSF1) l=$(/usr/sbin/netstat -an |grep '^tcp 0 0 .*[0-9*]\.'$port' [ ]*\*\.\* [ ]*LISTEN') ;; CYGWIN*) l=$(netstat -an -p TCP |grep '^ TCP [0-9.]*:'$port' .* LISTENING') ;; + DragonFly)l=$(netstat -ant |grep '^tcp4 .* .*[0-9*]\.'$port' [ ]* \*\.\* [ ]* LISTEN.*') ;; *) l=$(netstat -an |grep -i 'tcp .*[0-9*][:.]'$port' .* listen') ;; esac [ -z "$l" ] && return 0 @@ -1976,6 +1998,7 @@ waittcp4port () { HP-UX) l=$(netstat -an |grep '^tcp 0 0 .*[0-9*]\.'$port' .* LISTEN$') ;; OSF1) l=$(/usr/sbin/netstat -an |grep '^tcp 0 0 .*[0-9*]\.'$port' [ ]*\*\.\* [ ]*LISTEN') ;; CYGWIN*) l=$(netstat -an -p TCP |grep '^ TCP [0-9.]*:'$port' .* LISTENING') ;; + DragonFly) l=$(netstat -ant |grep '^tcp4 .* .*[0-9*]\.'$port' [ ]* \*\.\* [ ]* LISTEN.*') ;; *) l=$(netstat -an |grep -i 'tcp .*[0-9*][:.]'$port' .* listen') ;; esac [ \( \( $logic -ne 0 \) -a -n "$l" \) -o \ @@ -2010,6 +2033,7 @@ waitudp4port () { SunOS) l=$(netstat -an -f inet -P udp |grep '.*[1-9*]\.'$port' [ ]*Idle') ;; HP-UX) l=$(netstat -an |grep '^udp 0 0 .*[0-9*]\.'$port' .* \*\.\* ') ;; OSF1) l=$(/usr/sbin/netstat -an |grep '^udp 0 0 .*[0-9*]\.'$port' [ ]*\*\.\*') ;; + DragonFly) l=$(netstat -an |grep '^udp4 .* .*[0-9*]\.'$port' [ ]* \*\.\* [ ]*') ;; *) l=$(netstat -an |grep -i 'udp .*[0-9*][:.]'$port' ') ;; esac [ \( \( $logic -ne 0 \) -a -n "$l" \) -o \ @@ -2074,6 +2098,7 @@ waittcp6port () { AIX) l=$(netstat -an |grep '^tcp[6 ] 0 0 .*[*0-9]\.'$port' .* LISTEN$') ;; SunOS) l=$(netstat -an -f inet6 -P tcp |grep '.*[1-9*]\.'$port' .*\* [ ]* 0 .* LISTEN') ;; #OSF1) l=$(/usr/sbin/netstat -an |grep '^tcp6 0 0 .*[0-9*]\.'$port' [ ]*\*\.\* [ ]*LISTEN') /*?*/;; + DragonFly) l=$(netstat -ant |grep '^tcp6 .* .*[0-9*]\.'$port' [ ]* \*\.\* [ ]* LISTEN.*') ;; *) l=$(netstat -an |grep -i 'tcp6 .*:'$port' .* listen') ;; esac [ \( \( $logic -ne 0 \) -a -n "$l" \) -o \ @@ -2105,6 +2130,7 @@ waitudp6port () { SunOS) l=$(netstat -an -f inet6 -P udp |grep '.*[1-9*]\.'$port' [ ]*Idle') ;; #HP-UX) l=$(netstat -an |grep '^udp 0 0 .*[0-9*]\.'$port' ') ;; #OSF1) l=$(/usr/sbin/netstat -an |grep '^udp6 0 0 .*[0-9*]\.'$port' [ ]*\*\.\*') ;; + DragonFly) l=$(netstat -ant |grep '^udp6 .* .*[0-9*]\.'$port' [ ]* \*\.\* [ ]*') ;; *) l=$(netstat -an |grep -i 'udp .*[0-9*][:.]'$port' ') ;; esac [ \( \( $logic -ne 0 \) -a -n "$l" \) -o \ diff --git a/xio-exec.c b/xio-exec.c index 7f6364f..1ac257b 100644 --- a/xio-exec.c +++ b/xio-exec.c @@ -1,5 +1,5 @@ /* source: xio-exec.c */ -/* Copyright Gerhard Rieger 2001-2009 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the source for opening addresses of exec type */ @@ -84,7 +84,7 @@ static int xioopen_exec1(int argc, const char *argv[], struct opt *opts, NULL } ; char **pargv = NULL; - int pargc, i; + int pargc; size_t len; const char *strp; char *token; /*! */ @@ -92,14 +92,12 @@ static int xioopen_exec1(int argc, const char *argv[], struct opt *opts, char *path = NULL; char *tmp; int numleft; - int result; /*! Close(something) */ /* parse command line */ Debug1("child: args = \"%s\"", argv[1]); pargv = Malloc(8*sizeof(char *)); if (pargv == NULL) return STAT_RETRYLATER; - i = 0; len = strlen(argv[1])+1; strp = argv[1]; token = Malloc(len); /*! */ @@ -155,7 +153,7 @@ static int xioopen_exec1(int argc, const char *argv[], struct opt *opts, Dup2(duptostderr, 2); } Notice1("execvp'ing \"%s\"", token); - result = Execvp(token, pargv); + Execvp(token, pargv); /* here we come only if execvp() failed */ switch (pargc) { case 1: Error3("execvp(\"%s\", \"%s\"): %s", token, pargv[0], strerror(errno)); break; diff --git a/xio-listen.c b/xio-listen.c index 00fbd25..cf00ef9 100644 --- a/xio-listen.c +++ b/xio-listen.c @@ -54,13 +54,7 @@ int successful establishment of tcp connection */ result = _xioopen_listen(xfd, xioflags, (struct sockaddr *)us, uslen, - opts, pf, socktype, proto, -#if WITH_RETRY - (xfd->retry||xfd->forever)?E_INFO:E_ERROR -#else - E_ERROR -#endif /* WITH_RETRY */ - ); + opts, pf, socktype, proto, level); /*! not sure if we should try again on retry/forever */ switch (result) { case STAT_OK: break; diff --git a/xio-named.c b/xio-named.c index 892cc96..874c8c9 100644 --- a/xio-named.c +++ b/xio-named.c @@ -1,5 +1,5 @@ /* source: xio-named.c */ -/* Copyright Gerhard Rieger 2001-2008 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the source for filesystem entry functions */ @@ -96,7 +96,6 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd, int groups, bool *exists, struct opt *opts) { const char *path = argv[1]; - unsigned int iogroups = 0; #if HAVE_STAT64 struct stat64 statbuf; #else @@ -120,10 +119,8 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd, Error2("stat(\"%s\"): %s", path, strerror(errno)); return STAT_RETRYLATER; } - iogroups = GROUP_REG; *exists = false; } else { - iogroups = _groupbits(statbuf.st_mode); *exists = true; } @@ -135,7 +132,6 @@ int _xioopen_named_early(int argc, const char *argv[], xiofile_t *xfd, Info1("\"%s\" already exists; removing it", path); if (Unlink(path) < 0) { Error2("unlink(\"%s\"): %s", path, strerror(errno)); - *exists = true; } else { *exists = false; } diff --git a/xio-openssl.c b/xio-openssl.c index 4110cd8..065198c 100644 --- a/xio-openssl.c +++ b/xio-openssl.c @@ -1,5 +1,5 @@ /* source: xio-openssl.c */ -/* Copyright Gerhard Rieger 2002-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the implementation of the openssl addresses */ @@ -822,7 +822,7 @@ int SSL_CTX **ctx) { bool opt_fips = false; - SSL_METHOD *method; + const SSL_METHOD *method; char *me_str = NULL; /* method string */ char *ci_str = NULL; /* cipher string */ char *opt_key = NULL; /* file name of client private key */ @@ -878,8 +878,14 @@ int if (!server) { if (me_str != 0) { if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { +#if HAVE_SSLv2_client_method method = sycSSLv2_client_method(); - } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { +#else + Error1("OpenSSL method \"%s\" not provided by library", me_str); + method = sycSSLv23_server_method(); +#endif + } else + if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { method = sycSSLv3_client_method(); } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || !strcasecmp(me_str, "SSL")) { @@ -889,16 +895,22 @@ int method = sycTLSv1_client_method(); } else { Error1("openssl-method=\"%s\": unknown method", me_str); - method = sycSSLv23_client_method()/*!*/; + method = sycSSLv23_client_method(); } } else { - method = sycSSLv23_client_method()/*!*/; + method = sycSSLv23_client_method(); } } else /* server */ { if (me_str != 0) { if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { +#if HAVE_SSLv2_server_method method = sycSSLv2_server_method(); - } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { +#else + Error1("OpenSSL method \"%s\" not provided by library", me_str); + method = sycSSLv23_server_method(); +#endif + } else + if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { method = sycSSLv3_server_method(); } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || !strcasecmp(me_str, "SSL")) { @@ -908,10 +920,10 @@ int method = sycTLSv1_server_method(); } else { Error1("openssl-method=\"%s\": unknown method", me_str); - method = sycSSLv23_server_method()/*!*/; + method = sycSSLv23_server_method(); } } else { - method = sycSSLv23_server_method()/*!*/; + method = sycSSLv23_server_method(); } } diff --git a/xio-socket.c b/xio-socket.c index 7a0ff1e..beae1ba 100644 --- a/xio-socket.c +++ b/xio-socket.c @@ -1,5 +1,5 @@ /* source: xio-socket.c */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the source for socket related functions, and the @@ -778,7 +778,6 @@ int _xioopen_connect(struct single *xfd, struct sockaddr *us, size_t uslen, union sockaddr_union sin, *sinp; unsigned short *port, i, N; div_t dv; - bool problem; /* prepare sockaddr for bind probing */ if (us) { @@ -826,7 +825,6 @@ int _xioopen_connect(struct single *xfd, struct sockaddr *us, size_t uslen, } dv = div(random(), IPPORT_RESERVED-XIO_IPPORT_LOWER); i = N = XIO_IPPORT_LOWER + dv.rem; - problem = false; do { /* loop over lowport bind() attempts */ *port = htons(i); if (Bind(xfd->rfd, (struct sockaddr *)sinp, sizeof(*sinp)) < 0) { @@ -1234,7 +1232,6 @@ int _xioopen_dgram_recvfrom(struct single *xfd, int xioflags, int rw = (xioflags&XIO_ACCMODE); int s; char *rangename; - socklen_t salen; bool dofork = false; pid_t pid; /* mostly int; only used with fork */ char infobuff[256]; @@ -1388,7 +1385,6 @@ int _xioopen_dgram_recvfrom(struct single *xfd, int xioflags, struct msghdr msgh = {0}; socket_init(pf, pa); - salen = sizeof(struct sockaddr); if (drop) { char *dummy[2]; diff --git a/xio-udp.c b/xio-udp.c index 8b9d7c6..2e9c0ab 100644 --- a/xio-udp.c +++ b/xio-udp.c @@ -1,5 +1,5 @@ /* source: xio-udp.c */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the source for handling UDP addresses */ @@ -489,7 +489,6 @@ int xioopen_udp_recvfrom(int argc, const char *argv[], struct opt *opts, int pf, int socktype, int ipproto) { union sockaddr_union us; socklen_t uslen = sizeof(us); - bool needbind = false; int result; if (argc != 2) { @@ -536,7 +535,6 @@ int xioopen_udp_recvfrom(int argc, const char *argv[], struct opt *opts, case PF_INET6: us.ip6.sin6_addr = la.ip6.sin6_addr; break; #endif } - needbind = true; } } diff --git a/xioopts.c b/xioopts.c index b9cecc2..b05f3ab 100644 --- a/xioopts.c +++ b/xioopts.c @@ -1,5 +1,5 @@ /* source: xioopts.c */ -/* Copyright Gerhard Rieger 2001-2012 */ +/* Copyright Gerhard Rieger */ /* Published under the GNU General Public License V.2, see file COPYING */ /* this file contains the source for address options handling */ @@ -2820,7 +2820,7 @@ int retropt_bind(struct opt *opts, const char portsep[] = ":"; const char *ends[] = { portsep, NULL }; const char *nests[] = { "[", "]", NULL }; - bool addrallowed, portallowed; + bool portallowed; char *bindname, *bindp; char hostname[512], *hostp = hostname, *portp = NULL; size_t hostlen = sizeof(hostname)-1; @@ -2856,7 +2856,6 @@ int retropt_bind(struct opt *opts, #if WITH_IP6 case AF_INET6: #endif /*WITH_IP6 */ - addrallowed = true; portallowed = (feats>=2); nestlex((const char **)&bindp, &hostp, &hostlen, ends, NULL, NULL, nests, true, false, false, false);