bcollet/socat
1
0
Fork 0
mirror of https://repo.or.cz/socat.git synced 2024-12-22 07:22:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
socat/CHANGES

2878 lines
99 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

####################### V 1.8.0.2:
Security:
Socat security advisory 9
CVE-2024-54661: Arbitrary file overwrite
Socat 1.6.0.0 through 1.8.0.1 and version 2 distributions contain a
wrapper script "readline.sh" that uses a predictable temporary
directory, allowing unprivileged users to overwrite arbitrary files
belonging to the scripts caller.
This is fixed in Version 1.8.0.2
Mitigating factors: readline.sh is usually neither installed in a bin
directory nor is it documented. Major Linux distributions install it in
examples/ or doc/; however it is invoked by test.sh script.
Thanks to Wolfgang Frisch from SuSE for finding and reporting this
issue.
Test: READLINE_SH_OVERWRITE
####################### V 1.8.0.1:
Corrections:
When no IP version was preferred by environment, option -4/-6, or
address option pf, Socat version 1.8.0.0 address TCP-LISTEN did not
accept TCP4 connections under BSD family operating systems, but only
TCP6. To regain previous behaviour, preferring IP version 4 is now the
default. This also fixes some other issues with bind and range options.
Thanks to Mike Andrews for reporting this issue.
Tests: LISTEN_4 LISTEN_6 V1800_*_RANGE V1800_*_BIND
Added Socat option -0 to allow version 1.8.0.0 behaviour (no preferred
IP version).
UDP-SENDTO, UDPLITE-SENDTO, and IP-SENDTO addresses now select an IPv4
address in case the server name resolves to both IPv4 and IPv6
addresses.
Tests: V1800_*_SENDTO_RESOLV_6_4
Guard applyopts_termios_value() with WITH_TERMIOS.
Thanks to Kush Upadhyay from Amazon Bottlerocket team for providing the
patch.
In some situations xioclose() was called nested what could cause hanging
of OpenSSL in pthread_rwlock_wrlock()
socat 1.8.0.0 with addresses of type RECVFROM and option fork, where
the second address failed to connect/open in the child process, entered
a fork loop that was only stopped by FD exhaustion caused by FD leak.
Test: RECVFROM_FORK_LOOP
socat 1.8.0.0 had an FD leak with addresses of type RECVFROM with fork.
Test: RECVFROM_FORK_LEAK
With version 1.8.0.0, options ipv6-join-group and ipv6-join-source-group
did not work.
Thanks to Linus Luessing for reporting this bug.
IP-SENDTO and option pf (protocol-family) with protocol name (vs.numeric
argument) failed with message:
E retropts_int(): trailing garbage in numerical arg of option "protocol-family"
Test: IP_SENDTO_PF
Fixed a possible buffer overrun with long log lines. In fact it does
not write beyond end of buffer but lets pass excessive data to the
write() function.
Thanks to Heinrich Schuchardt from Canonical for reporting and sending
a patch.
Reworked domain name resolution, centralized IPv4/IPv6 sorting.
Print warning about not checking CRLs in OpenSSL only in the first
child process.
Features:
Total inactivity timeout option -T 0 now means 0.0 seconds; up to
version 1.8.0.0 it meant no total inactivity timeout.
Changed socat-chain.sh, socat-mux.sh, and socat-broker.sh to work with
older Socat versions.
socat-mux.sh and socat-broker.sh, when run as root, now internally use
low (512..1023) UDP ports to increase security.
Added option ai-all (sets AI_ALL flag of getaddrinfo() resolver)
Socks5 now also allows syntax without socks port, and supports option
socksport.
Porting:
Changes for building and testing on NetBSD
New Linux distributions dislike egrep, fgrep
When NETDB_INTERNAL is not available it should be set to -1.
Thanks to Baruch Siach for sending a patch.
On OpenSolaris/Illumos, isastream() is declared only in stropts.h, not
in sys/stropts.h
Thanks to Andy Fiddaman for sending a patch.
On latest Illumos, compilation failed due to new unexpected SO_PROTOCOL
implementation.
Thanks to Andy Fiddaman for sending a patch.
Building:
Makefile.in: procan.o build requires srcdir prefix for explicit source
file.
Thanks to Hongxu Jia and Andrew Schoolman for providing patches.
Makefile.in: the CC define for procan.o build failed when CC had more
than one word.
Thanks to Hongxu Jia for providing an inital patch.
Testing:
Added the optional DEVTESTS feature for developer tests with controlled
name resolution to both IPv4 and IPV6 addresses: configure Socat with
--enable-devtests, this provides internal resolution of domain
dest-unreach.net with host names: localhost-4, localhost-6,
localhost-4-6, and localhost-6-4
test.sh: lots of corrections and improvements
test.sh: many hardcoded sleep values were replaced by much shorter
values tuned to performance of the platform.
test.sh -D for output of platform/system specific defines (variables)
test.sh: fixed ss determination; more DEFS
Documentation:
Fixed a lot of typos.
Thanks to Solomon Victorino for sending the patch.
####################### V 1.8.0.0:
Security:
Socats OpenSSL addresses do not (and never did) check certificate
revocation lists (CRLs). Socat now prints a warning about this.
Features:
Added the --experimental option that enables use of features that might
change in the future.
Now warning messages are printed by default. If you want to see only
errors and fatals as in previous versions, use option -d0;
option -d4 is equivalent to -dddd and to -d -d -d -d
The number of warnings has been reduced, e.g.removing a non existing
file does in most cases no longer log a warning.
Added address type internal SOCKETPAIR. This is similar to the unnamed
PIPE address (only for internal echoing) but it provides datagram mode
(the default) and thus keeps packet boundaries.
Tests: SOCKETPAIR_STREAM SOCKETPAIR_DATAGRAM SOCKETPAIR_SEQPACKET
SOCKETPAIR_BOUNDARIES
New option -S <mask> controls catching and logging of signals that are
not internally used by Socat.
Tests: SIGTERM_NOLOG SIG31_LOG
Added option ipv6-join-source-group.
Thanks to Martin Buck and David Schweizer for sending patches.
Added option http-version to PROXY-CONNECT address to support servers
that are not able to handle HTTP version 1.0
Test: PROXY_HTTPVERSION
Feature inspired by Robin Palotai.
New options openssl-maxfraglen and openssl-maxsendfrag for
functions/macros SSL_CTX_set_tlsext_max_fragment_length() and
SSL_CTX_set_max_send_fragment().
Thanks to James Tavares for his contribution.
Added Info log of resulting OpenSSL max fragment length.
Implemented options rcvtimeo and sndtimeo, the first of which may be
useful to prevent endlessly hanging DTLS connection etablishment.
Test: RCVTIMEO_DTLS
Feature proposed by Vladimir Nikishkin.
The file names with -r and -R now may contain environment variable
references.
Test: VARS_IN_SNIFFPATH
Socat option --statistics logs final byte and packet counter values
before exit. Signal USR1 logs actual values.
Tests: OPTION_STATISTICS SIGUSR1_STATISTICS
Added option sitout-eio to specify a timerange in which EIO on the pty
of a sub process is tolerated.
Red Hat issue 1853102 related.
Thanks to Jonathan Casiot for sending an initial patch.
Socat now installs as socat1 and is referenced by symbolic link socat,
same with man page (socat1.1 by socat.1)
New option children-shutup[=1|2...] decreases severity of log
messages in LISTEN and CONNECT type sub processes.
Test: CHILDREN_SHUTUP
New option retrieve-vlan for supporting VLANs in INTERFACE addresses:
Linux normally keeps VLAN tags in outgoing raw packets, but appears to
strip them from incoming packets and makes them available in
PACKET_AUXDATA ancillary messages only.
Up do version 1.7.4.5 Socat did not handle this situation, so the VLAN
tags where effectively stripped off incoming packets.
With this option Socat restores the VLAN tag.
Feature inspired by Zhao Dong.
Socket option SO_REUSEADDR is now automatically applied to TCP LISTEN
addresses. reuseaddr= restores the old behaviour.
Tests: TCP4_REUSEADDR OPENSSL_6_REUSEADDR REUSEADDR_NULL
TCP based client addresses now try all results of name resolution until
a connection attempt succeeded.
Tests: TRY_ADDRS_4 TRY_ADDRS_4_6
Feature recommended by Anand Buddhdev.
configure option --enable-default-ipv allows to specify at build time if
IPv4, IPv6, or none of these is the preferred default; this is related
to environment variables SOCAT_PREFERRED_RESOLVE_IP and
SOCAT_DEFAULT_LISTEN_IP, and to Socat option -4, -6.
Furthermore, mechanism of IPv4 vs.IPv6 selection has been reworked.
When no IP version is preferred by these mechanism, passive Socat
addresses (LISTEN, RECV, RECVFROM) default to IPv6 because it might
support both versions (but checkout option ipv6-v6only).
For client addresses, when one of these mechanisms applies and name
resolution gives addresses of both IP versions, the addresses of the
preferred versions are tried first.
New option ai-addrconfig sets or unsets the AI_ADDRCONFIG flag of the
resolver to prevent name resolution to address families that are not
available in the network configuration. Default value is 1 in case the
resolver does not get an address family hint.
Flag AI_PASSIVE is now automatically applied for LISTEN, RECV, and
RECVFROM type addresses, and with bind option. In addition to its
application to the getaddrinfo() function, when this flag is set while
no IP version is preferred by build, environment, option, or address
type, Socat chooses IPv6 because this might activate both versions (but
check option ipv6-v6only).
Added option ai-passive to control this flag explicitely.
New option ai-v4mapped (v4mapped) sets or unsets the AI_V4MAPPED flag
of the resolver. For Socat addresses requiring IPv6 addresses, this
resolves IPv4 addresses to the approriate IPv6 address [::ffff:*:*].
DNS resolver Options (res-*) are now set for the complete open phase of
the address, not per getaddrinfo() invocation.
Added the netns option that tries to open an address in the given
network namespace.
Tests: NETNS NETNS_EXEC
New address ACCEPT-FD (ACCEPT) expects a listening file descriptor
passed from parent, and accepts one or more connections for data
transfer. This can be used with "inetd mode" of systemd.
Test: ACCEPT_FD
Added experimental socks5 TCP client support (connect,bind); syntax:
SOCKS5-CONNECT:<socks-server>:<socks-port>:<target-host>:<target-port>
SOCKS5-LISTEN:<socks-server>:<socks-port>:<listen-host>:<listen-port>
Thanks to Charlie Svensson and others for contributions.
New address types POSIXMQ-RECEIVE, POSIXMQ-READ, POSIXMQ-SEND, and
POSIXMQ-BIDIRECTIONAL (Linux only, experimental), and option
posixmq-priority
Tests: LINUX_POSIXMQ_READ_PRIO LINUX_POSIXMQ_RECV_FORK
LINUX_POSIXMQ_RECV_MAXCHILDREN LINUX_POSIXMQ_SEND_MAXCHILDREN
New address SHELL invokes a shell but without the overhead of SYSTEM
Added options res-retrans and res-retry that make use of undocumented
resolver variables to set the retransmission time interval resp.the
number of times to retransmit.
Disable them and the old res-* opts with: ./configure --disable-resolve
Added option res-nsaddr that overrides /etc/resolv.conf nameserver
address based on an undocumented resolver feature.
New option chdir changes the working directory of the address to the
given path, only during the open stage.
Tests: CHDIR_ON_CREATE CHDIR_ON_SYSTEM
Option umask now applies only during opening of its very address, not
for the lifetime of the process; the original umask is restored
afterwards.
Tests: UMASK_ON_CREATE UMASK_ON_SYSTEM
Added option unix-bind-tempname (bind-tempname) to allow UNIX (and
ABSTRACT) client addresses to bind to unique addresses even when
invoked in forked off sub processes.
Tests: UNIX_LISTEN_CONNECT_BIND_TEMPNAME UNIX_LISTEN_CLIENT_BIND_TEMPNAME
UNIX_RECVFROM_CLIENT_BIND_TEMPNAME UNIX_RECVFROM_SENDTO_BIND_TEMPNAME
ABSTRACT_LISTEN_CONNECT_BIND_TEMPNAME ABSTRACT_LISTEN_CLIENT_BIND_TEMPNAME
ABSTRACT_RECVFROM_CLIENT_BIND_TEMPNAME ABSTRACT_RECVFROM_SENDTO_BIND_TEMPNAME
Thanks to Kai Lüke for sending an initial patch.
New option f-setpipe-sz (pipesz) sets the pipe size on systems that
provide ioctl F_SETIPE_SZ.
Filan prints the current value.
Tests: STDIN_F_SETPIPE_SZ EXEC_F_SETPIPE_SZ
Bidirectional PIPE addresses may block on writing a data chunk larger
than pipe buffer. Socat now tries to detect if transfer block size is
large enough and issues a warning.
Added direct support of DCCP protocol, new addresses:
DCCP-CONNECT (DCCP)
DCCP-LISTEN (DCCP-L)
DCCP4-CONNECT (DCCP4)
DCCP4-LISTEN (DCCP4-L)
DCCP6-CONNECT (DCCP6)
DCCP6-LISTEN (DCCP6-L)
New option: dccp-set-ccid (ccid)
Support for UDP-Lite protocol, new addresses:
UDPLITE-CONNECT
UDPLITE-LISTEN
UDPLITE-DATAGRAM
UDPLITE-RECV
UDPLITE-RECVFROM
UDPLITE-SENDTO
All these are also available in UDPLITE4-* and UDPLITE6-* form;
options udplite-recv-cscov and udplite-send-cscov.
Procan now prints info about CC and __STDC_VERSION__, about FD_SETSIZE,
value of SO_PROTOCOL/SO_PROTOTYPE and some other defines, definitions
of many C types, and the actual umask.
Procan tries to find the name of the controlling terminal, on Linux it
reads info from /proc/self/stat and searches for a device with matching
major and minor numbers.
Added socat-chain.sh that makes it possible to stack protocols, e.g. to
drive socks through TLS, or to use TLS over a serial line.
Tests: SOCAT_CHAIN_SOCKS4 SOCAT_CHAIN_SSL_PTY
Added script socat-mux.sh that performs n-to-1 / 1-to-n communications
using two Socat instances with multicasting.
Tests: SOCAT_MUX
Corrections:
When a sub process (EXEC, SYSTEM) terminated with exit code other than
0, its last sent data might have been lost depending on timing of read/
write and SIGCHLD in Socat.
Now the SIGCHLD handler does not simply terminate Socat in this case,
but remembers the failure and allows further processing.
Thanks to Luke Jones for reporting this issue.
Now catching the case of empty SNI host to prevent OpenSSL error.
This is related to Red Hat issue 2081414.
Better formatted help output; address keywords in help output are now
printed in uppercase.
In previous Socat versions errors EPIPE and ECONNRESET on read() were
handled at warning level, thus not automatically leading to termination
with exit code 1. Beginning with this release these conditions are
handled as errors with termination and exit code 1 to not pretend
success on possible data loss.
Problem reported by Scott Burkett.
In previous Socat versions errors on shutdown() were ignored (info
level).
Now Socat handles EPIPE and ECONNRESET as errors to indicate possible
failure of data transfer.
INTERFACE addresses did not accept options of INTERFACE group (for
historical reasons they were only available with TUN addresses).
Opening addresses did not check if they support all directions expected
by Socat. Now an error is printed when, e.g,, a read-only type address
is opened for writing.
A lot of minor corrections, e.g., catch readline() errors in filan,
detect byte order in procan
Test: EXEC_SIGINT
OpenSSL cipherlist option did not override global openssl.cnf settings.
Now SSL_CTX_set_cipher_list() is called before
SSL_CTX_use_certificate_chain_file().
Thanks to Hiroshi Sakurai for reporting the problem and suggesting this
solution.
Fixed option sourceport with UDP6-DATAGRAM.
Some client addresses (e.g. TCP-CONNECT) take the fork option for
automatically spawning new connections, however the max-children option
was not applied.
Fixed the end-close option, it just did not work.
In configure.ac was a direct call to gcc instead of $CC which broke
cross compiling.
Thanks to Fergus Dall for sending a patch.
Coding:
Introduced groups_t instead of uint32_t, for more flexibility.
Rearranged option group bits to only require 32 bits on older systems.
Make gcc happy, replace strncat with "manual" copying
On addresses like UDP-RECVFROM with fork option every packet causes a
new child process which then reads the packet. The parent process must
wait until the packet has been read before checking again. The former
synchronization mechanism using SIGUSR1 is now replaced by a
socketpair. SIGUSR1 is no longer used for internal synchronization.
Tests: UDP4_FORK UDP6_FORK UNIX_FORK
Renamed xioopts_t to xioparms_t to avoid confusion with xioopts module.
Moved multicast related code from xioopts.c to xio-ip.c and xio-ip6.c
Pointers of type struct single are now always called sfd.
Porting:
Removed Config/ because its contents have not been maintained for many
years.
Try to not receive outgoing packets on raw (PF_PACKET) sockets - use
PACKET_IGNORE_OUTGOING socket options when available.
Test: INTERFACE_IGNOREOUTGOING
Renewed port to OpenBSD:
Guard OPENSSL_INIT_SETTINGS; and minor changes.
Thanks to Paul Hunt for sending a fix of the configure
--enable-openssl-base processing.
Enable direct largefile support on "smaller" systems per
_FILE_OFFSET_BITS and _LARGE_FILES.
Thanks to Fergus Dall for sending a patch.
Some corrections for better 32bit systems support.
Testing:
Removed obselete parts from test.sh
test.sh: Introduced function checkcond
Renamed test.sh option -foreign to -internet
Documentation:
Removed obselete file doc/xio.help
Added doc for option ipv6-join-group (ipv6-add-membership)
Thanks to Martin Buck for sending the patch.
Renamed xiogetpacketsrc() to xiogetancillary()
On bad parameter number now print syntax.
####################### V 1.7.4.5 (not released):
Corrections:
On connect() failure and in some other situations Socat tries to get
detailled information about the error with recvmsg(). Error return of
this function is now logged as Info instead of Warn.
Tests of the correction of the "IP_ADD_SOURCE_MEMBERSHIP but not struct
ip_mreq_source" issue left an #undef in xiosysincludes.h that disabled
the ip-add-source-membership option.
Thanks to Benjamin Poirier for sending a patch.
Fixed a bug in dalan module that caused SIGSEGV in, e.g.,
SOCKET-LISTEN:1:1:'"/tmp/sock"'
Test: DALAN_NO_SIGSEGV
The retry option with some address types (TCP) did not close() the
sockets after failed attempts, resulting in an FD leak.
Filan: Corrected some syntax error messages
Filan: Fixed a bug introduced in 1.7.4.4 that broke displaying
TCP/UDP on options -s, -S
Test: FILAN_SHORT_TCP
Filan: If IP protocol type cannot be retrieved, display at least the
socket type
Filan: Fixed diag_set() call in filan_main.c, bug popped up with C23.
Thanks to Cristian Rodríguez from openSUSE for reporting this issue.
Querying the vsock Context Identifier (CID) requires an FD from opening
/dev/vsock.
Thanks to Volker Simonis for sending a patch.
Fixed an internal FD leak in the EXEC,SYSTEM addresses.
The FDs of the socketpair that queues messages from signal handlers
lacked FD_CLOEXEC and thus leaked into EXEC and SYSTEM child processes.
Option stderr on addresses EXEC and SYSTEM uses a temporary FD. It
lacked the FD_CLOEXEC setting and thus leakt into child processes.
Restoring of STDIO tty settings failed on Solaris type operating
systems.
Thanks to Gordon W.Ross for reporting and fixing this issue.
Test: RESTORE_TTY
The OpenSSL client SNI parameter, when not explicitely specified, is
derived from option commonname or rom target server name. This is not
useful with IP addresses, which Socat now checks and avoids.
Socat options -L and -W create lock files using mkstemp(), so they had
permissions 600. There does not seem to be a good reason for this
restrictive mode. Furthermore Silla Rizzoli experienced that Minicom
ignores lock files with mode 600, so it is set to 644 now.
Procan tries to find out VSOCK CID only when running as root
The mechanism for deferring logs from signal handlers had an issue that
caused lots of unwanted recvfrom() calls.
Do not try to remove abstract UNIX socket entries after use.
Features:
VSOCK, VSOCK-L support options pf, socktype, prototype (currently
useless)
Coding:
New Environment variable SOCAT_TRANSFER_WAIT that Socat sleep before
starting the data transfer loop. Useful, e.g., to accumulate multiple
packets in a receiving datagram socket before starting to process them.
"//" comments were used for disabling experimental code. These lines
have now been removed or disabled in other ways to make Socat compile
with C89/C90 standard again.
fcntl() trace prints flags now in hexadecimal.
Stream dump options -r and -R now open their pathes with CLOEXEC to
prevent leaking into sub processes.
Test: EXEC_SNIFF
Stream dump write now warn on write errors and partial writes (but
still do not recover).
Removed trailing white space from *.h and *.c files.
Porting:
Small correction in configure.ac makes Socat C99 able.
Thanks to Florian Weimer from Red Hat for providing a patch.
Documentation:
Syntax and semantics of some options (esp.unlink-close) were not clear.
Thanks to Anthony Chavez for reporting this and making suggestions.
socat-tun.html described TCP as tunnel medium but this does not keep
packet boundaries. Changed to UDP.
Added examples for DCCP client and server.
Complex Socat examples are now displayed in two or three lines for
better overview.
dest-unreach.css stylesheet has been improved to support this.
Testing:
Idea: EXEC,SYSTEM addresses can keep packet boundaries when option
socktype=<val-of-SOCK_DGRAM>
Tests: EXECSOCKETPAIRPACKETS SYSTEMSOCKETPAIRPACKETS
Cosmetic corrections of EXEC,SYSTEM tests.
test.sh: Added option --expect-fail to specify comma separated list of
test numbers whose failure shall not cause a failure of the whole
script.
test.sh: Added help text
Speeded up wait loops; more addresses in upper case; more tests with
command printing ($VERBOSE)
test.sh: Check if ports are free before using them for tests
Test EXEC_FDS checks with Filan if EXEC address only passes stdio FDs.
Improved template; prepared namesFAIL, -d (DEBUG)
####################### V 1.7.4.4:
Corrections:
In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
Thanks to Martin Liška for sending the address sanitizer report.
UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived. This issue was introduced with a bug fix in version 1.7.4.0.
Reason was not handling EAGAIN on recvmsg().
Thanks to Jamie McQuillan for reporting this issue.
Address TCP with options connect-timeout and retry terminated
immediately when a connection attempt failed on network error or
connection refused.
Test: TCP_TIMEOUT_RETRY
Thanks to Kamil Holubicki for reporting this issue.
There were a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
For example, UNIX-CONNECT, when using a non matching socktype, failed
with -1 and did not print an error message, instead of printing an
error message and exiting with rc=1.
Thanks to Paul Wise for reporting and analyzing the case of accessing
a left over socket entry with GOPEN.
The rawer option failed because it tried to clear CREAD.
Test: RAWER
UDP-SEND and UPD-SENDTO with option lowport always bound to port 1
instead of a free port in range 640..1023
Test: UDP_LOWPORT
Fixed bad parser error message on "socat /tmp/x\"x/x -"
Tightened syntax checks to detect numerical arguments that are missing
or have trailing garbage.
Test: INTEGER_GARBAGE
ctype(3) functions need there arguments to be unsigned char.
Thanks to Taylor R Campbell for sending a patch.
Filan library uses Socats diag/error message system and therefore had
always the signal handler messages socket pair open. This fix avoids
this socketpair in standalone Filan.
Corrected printf format for type socklen_t in two places.
Porting:
OpenSSL, at least 1.1 on Ubuntu, crashed with SIGSEGV under certain
conditions: client connection to server with certificate with empty
subject, and pressing ^C after successful connect.
This crash is now prevented by setting OPENSSL_INIT_NO_ATEXIT.
Thanks to Martin Dorey for reporting and analyzing this issue, and for
providing an environment for reproduction.
Socat failed to compile on platforms that have
IP_ADD_SOURCE_MEMBERSHIP but not struct ip_mreq_source
Thanks to Justin Yackoski for sending a patch.
configure.ac's detection of getprotobynumber_r() variant did not
recognize if this function does not exist, e.g. on Musl libc.
Thanks to Alexander Kanavin and Baruch Siach for sending patches.
Corrected message format when no strftime() is available; improved
handling of very long host or program names
Solaris requires that termios options are always applied to the slave
side of PTY.
Fixed ancillary messages on Solaris.
Filan: Solaris has the open file path infos in /proc/<pid>/path/
Thanks to Andy Fiddaman for directing me to the patch.
Filan now recognizes and prints Solaris doors and event ports.
Solaris derivatives no longer need librt for clock_gettime()
Thanks to Andy Fiddaman for directing me to the patch.
LibreSSL does not have OPENSSL_INIT_new(). This function is now
guarded. Socat might build with LibreSSL.
Thanks to Orbea for reporting and helping.
Building:
Failure during building documentation, e.g. due to missing Yodl
packages, now does not let the build process fail.
Feature requested by Seyhun.
Features:
Filan prints target of symlink when appropriate
Test: FILANSYMLINK
VSOCK-LISTEN now generates environment variables SOCAT_PEERADDR,
SOCAT_PEERPORT, SOCAT_SOCKADDR, SOCAT_SOCKPORT
New address aliases VSOCK, VSOCK-L
Documentation:
Fixed typo in doc/socat-tun.html and link in README.
Thanks to William Suthers for reporting.
Fixed hard coded path in docu examples.
Thanks to Jakub Wilk for sending a patch.
Updated doc/socat-openssltunnel.html: 2048 bits, commonname
Testing:
Unset SOCAT_MAIN_WAIT on informational Socat calls
SOCAT=socat used ./socat instead of the version derived by $PATH
Do not try VSOCK_ECHO test when feature is not compiled in.
Fixed logging of test 220 TUNINTERFACE
Musl libc refuses to execve() shell scripts, 2 tests needed to be
adapted.
Musl libc has FOPEN_MAX=1000 which made bash dumping core on test
EXCEED_FOPEN_MAX.
Added tests for failures of UNIX socket and GOPEN accesses to non
matching file system entries.
Tests:
CONNECT_TO_MISSING CONNECT_TO_DENIED CONNECT_TO_DIRECTORY
CONNECT_TO_ORPHANED CONNECT_TO_FILE CONNECT_TO_DGRAM
CONNECT_TO_SEQPACKET SEND_TO_MISSING SEND_TO_DENIED SEND_TO_DIRECTORY
SEND_TO_ORPHANED SEND_TO_FILE SEND_TO_STREAM SEND_TO_SEQPACKET
SENDTO_TO_MISSING SENDTO_TO_DENIED SENDTO_TO_DIRECTORY
SENDTO_TO_ORPHANED SENDTO_TO_FILE SENDTO_TO_STREAM SENDTO_TO_SEQPACKET
SEQPACKET_TO_MISSING SEQPACKET_TO_DENIED SEQPACKET_TO_DIRECTORY
SEQPACKET_TO_ORPHANED SEQPACKET_TO_FILE SEQPACKET_TO_STREAM
SEQPACKET_TO_DGRAM UNIX_TO_MISSING UNIX_TO_DENIED UNIX_TO_DIRECTORY
UNIX_TO_FILE UNIX_TO_ORPHANED GOPEN_TO_DENIED GOPEN_TO_DIRECTORY
GOPEN_TO_ORPHANED
On RHEL-9 SCTP support requires installation of package
kernel-modules-extra. test.sh now detects when SCTP is missing in
kernel and reacts with warnings instead of errors.
VSOCK loopback still does not seem to work even in kernel 5.13, so just
issue warning on "No such device".
####################### V 1.7.4.3:
Corrections:
Socat crashed with SIGSEGV when peer presented a certificate without
(or empty?) subject.
Thanks to Martin Dorey for reporting this issue and sending a patch.
Socat 1.7.4.2 did not compile on OmniOS (and probably other OpenSolaris
distributions)
Thanks to Andy Fiddaman for sending a patch.
Socat since 1.7.4.0 did not compile on Solaris and its derivatives
because the getprotobynumber_r() function prototype differ from the
Linux version.
configure now checks for the variant.
Thanks to Robert Zybeck for reporting this issue.
The variable for the no-sni option was not initialized and could thus
break OpenSSL certificate verification. E.g., test OPENSSL_SNI on some
platform succeeded with -g but failed with -O compiler option.
Thanks to valgrind for quickly finding the cause.
Porting:
Again porting Socat to AIX (7.1) - Fixed configure and compile issues:
Adapted include requirements for IPv6
Guarded MSG_DONTWAIT
Continued porting Socat to AIX-7.1 - Fixed some runtime errors:
UNIX domain sockets of type SEQPACKET are not available.
Connecting to UNIX datagram socket fails with EPROTONOSUPPORT (vs.
EPROTOTYPE on most other OSes).
Streams: Must not push ldterm when it is already active (hangs).
Building:
Socats build date and time may now be set externally with environment
variable SOURCE_DATE_EPOCH.
Thanks to Viktor Kleinik for sending a patch.
Building Socat in a sub directory failed.
Now the following works even for the docu parts:
mkdir -p myos; cd myos; ../configure && make; cd ..
Thanks to Jon Ringle for sending a patch.
Testing:
test.sh: many corrections for AIX's older shell utilities, e.g.sleep(1)
does not allow fractions of seconds, grep does not understand '\<';
OpenIndiana/SunOS netstat format;
many more functional and cosmetic code corrections.
Documentation:
The socktype option was documented unspecifically as type option.
Thanks to Jonas Metzger for the hint.
####################### V 1.7.4.2:
Corrections:
The per address parameters for OpenSSL overlapped in memory with socket
parameters. Magically this did not seem to cause problems except on
MacOS Catalina that reported errors like:
socat[3458] E Select(7, &0x80, NULL, NULL, {140392884396544.000000}):
Invalid argument
Test: OPENSSL_PARA_OVERLAP
Thanks to Ryo Ota for reporting this bug.
Fixed a few minor coding issues
A VSOCK warning message was generated with all listening addresses
instead of only with VSOCK-LISTEN
When an OPENSSL-CONNECT client presented a certificate with IPv6
subject alternate name and the OPENSSL-LISTEN server had no commonname
option, the server crashed with SIGSEGV in xioip6_pton().
Test: OPENSSL_CLIENT_IP6_CN
Red Hat bug 1981308
Thanks to Vlad Slepukhin for reporting this issue and providing a patch
Corrected a typo in configure.ac that broke option --enable-openssl-base
Thanks to john1doe for reporting this issue.
Socat looped endlessly, not responding to SIGTERM, when a service name
(for port) could not be resolved.
Test: BAD_SERVICE
Using options of NAMED group, e.g.chown, with abstract UNIX domain
sockets, produced errors because the function was applied with a normal
file system related call, e.g.chown(), using file "" (empty name). Instead of
chown(), Socat now uses fchown() on the file descriptor. However, such
a call usually has no real effect.
Test: ABSTRACT_USER
Thanks to Andreas Fink for reporting this issue.
Option -R did not only dump ("sniff") right-to-left, but also
left-to-right traffic to the given file.
Test: SNIFF_RIGHT_TO_LEFT
Thanks to 1314 gsf for reporting this bug and sending a patch.
Options -r and -R, when opening a named pipe that has no actual reader,
failed with "No such device or address". To solve this problem, Socat
now opens the pipe in rw-Mode.
Thanks to Cody J.Soultz for sending a patch.
The call "socat -r - PIPE" traced to file ./- instead of issuing a
syntax error.
Print a message when readbytes option causes EOF
The ip-recverr option had no effect. Corrected and improved its
handling of ancilliary messages, so it is able to analyze ICMP error
packets (Linux only?)
Setgui(), Setuid() calls in xio-progcall.c were useless.
Testing:
Prevent the TIMESTAMP tests from sporadically failing due do seconds
overflow
Fixed in test.sh a few issues reported by shellcheck
Documentation:
Added missing docu of OpenSSL options min-proto-version,
max-proto-version.
Added missing closing parenthesis in socat.yo.
Thanks to Emanuele Torre for reporting this issue.
Corrected more typos and added missing bug info to CHANGES, performed
some non functional corrections.
Porting:
Corrected building when clock_gettime() not available, with or without
gettimeofday().
####################### V 1.7.4.1:
Corrections:
Socat 1.7.4.0 failed to compile especially on 32 bit systems.
Thanks to Wang Mingyu and others for sending a patch or reporting this
issue.
Under certain conditions OpenSSL stream connections, in particular bulk
data transfer in unidirectional mode, failed during transfer or near
its with Connection reset by peer on receiver side.
This happened with Socat versions 1.7.3.3 to 1.7.4.0. Reasons were
lazy SSL shutdown handling on the sender side in combination with
SSL_MODE_AUTO_RETRY turned off.
Fix: After SSH_shutdown but before socket shutdown call SSL_read()
Test: OPENSSL_STREAM_TO_SERVER
Fixes Red Hat issue 1870279.
####################### V 1.7.4.0:
Security:
Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based
buffer overflow, assuming the attacker could provide this parameter.
Test: BLKSIZE_INT_OVERFL
Thanks to Lê Hiếu Bùi for reporting this issue and sending an
example exploit.
Corrections:
Socats address parser read over end of string when there were unbalanced
quotes
Test: UNBALANCED_QUOTE
Removed unused usleep() call from sycls.c
Unsetenv() was conditional in sysutils.c but not in xio-openssl.c thus
building failed on Solaris 9.
Thanks to Greg Earle for reporting this issue and providing a patch.
Mitigated race condition of quickly terminating SYSTEM or EXEC child
processes.
Option o-direct might require alignment of read/write buffer to, e.g.,
512 bytes, Socat now takes care of this when allocating the buffer.
With this fix read() succeeds, however, write() still might fail when
not writing complete pages.
Test: O_DIRECT
There was a race condition in the way Socat UDP-RECVFROM and similar
addresses with option fork prevents one packet from triggering
multiple processes. The symptom was that Socat master process seemed to
hang and did not process further packets. The fix makes use of
pselect() system call.
Thanks to Fulvio Scapin for reporting this issue.
UNIX domain client addresses applied file system entry options (group
NAMED) to the server socket instead of the client (bind) socket entry.
Tests: UNIX_SENDTO_UNLINK UNIX_CONNECT_UNLINK
Thanks to Nico Williams for reporting this major issue.
Length of single address options was limited to 511 bytes. This value
is now increased to 2047 bytes.
Change suggested by Mario Camou.
Addresses of type RECVFROM with option fork looped with an error
message in case that the second address failed before consuming the
packet. The fix makes RECVFROM drop the packet when the second address
failed before reading it. Use retry or forever option with the second
address if you want to avoid data loss.
Fixes Red Hat bug 1907718
Thanks to Chunmei Xu for reporting this issue and proving the patch.
Socats DTLS implementation has been reworked and appears to work now
reasonably over UDP.
New addresses: OPENSSL-DTLS-SERVER (DTLS-L),
OPENSSL-DTLS-CLIENT (DTLS)
Tests: OPENSSL_DTLS_CLIENT OPENSSL_DTLS_SERVER
OPENSSL_METHOD_DTLS1 OPENSSL_METHOD_DTLS1.2
Thanks to Brandon Carpenter, Qing Wan, and Pavel Nakonechnyi for
sending patches.
filan did not output the socket protocol.
filan -s assumed each stream socket to be TCP and each datagram socket
to be UDP. Now it uses SO_PROTOCOL and getprotoent() for correct output.
Help text showed two parameters for UDP4-RECVFROM address, but only
<port> is allowed.
Thanks to John the Scott for reporting this issue.
Error messages from SSL_read() and SSL_write() sometimes stated
SSL_connect instead of originating function name.
Fixed some more non functional minor issues.
Porting:
In gcc version 10 the default changed from -fcommon to -fno-common.
Consequently, linking filan and procan failed with error
"multiple definition of `deny_severity'" and `allow_severity'
Fixed by removing definitions in filan.c and procan.c
Debian issue 957823
Thanks to László Böszörményi and others for reporting this issue.
Solaris 9 does not provide strndup(); added substitute code.
Thanks to Greg Earle for providing a patch.
Added configure option --enable-openssl-base to specify the location of
a non-OS OpenSSL installation
There are systems whose kernel understands SCTP but getaddrinfo does
not. As workaround after EIA_SOCKTYPE on name and service resolution
fall back to ai_socktype=0; if it fails with EAI_SERVICE, set
ai_protocol=0 and try again
Test: SCTP_SERVICENAME
Per file filesystem options were still named ext2-* and depended on
<linux/ext2_fs.h>. Now they are called fs-* and depend on <linux/fs.h>.
These fs-* options are also available on old systems with ext2_fs.h
New options openssl-min-proto-version (min-version) and
openssl-max-proto-version (max-version) give access to the related
OpenSSL set-macros and substitute deprecated version-specific methods.
Test: OPENSSL_MIN_VERSION
With OpenSSL use OPENSSL_init_SSL when available, instead of deprecated
SSL_library_init.
With OPENSSL_API_COMPAT=0x10000000L the files openssl/dh.h, openssl/bn.h
must explicitely be included.
Thanks to Rosen Penev for reporting and sending a patch.
Testing:
test.sh now produces a list of tests that could not be performed for
any reason. This helps to analyse these cases.
OpenSSL s_server appearently started to neglect TCPs half close feature.
Test OPENSSL_TCP4 has been changed to tolerate this.
OpenSSL changed its behaviour when connection is rejected. Tests
OPENSSLCERTSERVER, OPENSSL_CN_CLIENT_SECURITY, and
OPENSSL_CN_SERVER_SECURITY now tolerate this.
OpenSSL no longer allows explicit renegotiation with TLSv1.3, thus the
appropriate tests failed.
Fix: use TLSv1.2 for renegotiation tests
Tests: OPENSSLRENEG1 OPENSSLRENEG2
Ubuntu 20.04 requires 2048 bit certificates with OpenSSL
Archlinux 2020 has not which command; its ip,ss commands have modified
version strings
More testing issues solved:
* ss to pipe might omit column separator
* UDP6MULTICAST_UNIDIR fails on newer Linux kernels
* do not use sort -V
* renamed testaddrs() to testfeats(), and introduced new testaddrs()
New features:
GOPEN and UNIX-CLIENT addresses now support sockets of type SEQPACKET.
Test: GOPENUNIXSEQPACKET
Feature suggested by vi0oss.
The generic setsockopt-int and related options are, in case of
listening/accepting addresses, applied to the connected socket(s). To enable
setting options on the listening socket, a new option setsockopt-listen
has been implemented. See the documentation for info on data types.
Tests: SETSOCKOPT SETSOCKOPT_LISTEN
Thanks to Steven Danna and Korian Edeline for reporting this issue.
Filan option -S gives short description like -s but with improved
format
Socat OpenSSL client, when server was specified using IP address, did
not verify connection on certificates SubjectAltName IP entries.
Tests: OPENSSL_SERVERALTAUTH OPENSSL_SERVERALTIP4AUTH OPENSSL_SERVERALTIP6AUTH
Fixes Red Hat bug 1805132
Added options -r and -R for raw dump of transferred data to files.
Test: OPTION_RAW_DUMP
Added option ip-transparent (socket option IP_TRANSPARENT)
Thanks to Wang Shanker for sending a patch.
OPENSSL-CONNECT now automatically uses the SNI feature, option
openssl-no-sni turns it off. Option openssl-snihost overrides the value
of option openssl-commonname or the server name.
Tests: OPENSSL_SNI OPENSSL_NO_SNI
Thanks to Travis Burtrum for providing the initial patch
New option accept-timeout (listen-timeout)
Test: ACCEPTTIMEOUT
Proposed by Roland
New option ip-add-source-membership
Feature inspired by Brian (b f31415)
INCOMPATIBLE CHANGE: Address UDP-DATAGRAM now does not check peerport
of replies, as it did up to version 1.7.3.4. Use option sourceport when
you need the old behaviour.
Test: UDP_DATAGRAM_SOURCEPORT
Feature inspired by Hans Bueckler for SSDP inquiry (for UPnP)
New option proxy-authorization-file reads PROXY-CONNECT credentials
from file and makes it possible to hide this data from the process
table.
Test: PROXYAUTHFILE
Thanks to Charles Stephens for sending an initial patch.
Added AF_VSOCK support with VSOCK-CONNECT and VSOCK-LISTEN addresses.
Developed by Stefano Garzarella.
Coding:
Added printf formats for uint16_t etc.
Documentation:
Address UDP-RECV does not support option fork.
Thanks to Fulvio Scapin for reporting that mistake in docu.
TUN address documentation showed TCP for backend which may merge
consecutive packets which causes data loss.
Thanks to Tomasz Lakota for reporting this issue.
####################### V 1.7.3.4:
Corrections:
Header of xiotermios_speed() declared parameter unsigned int instead of
speed_t, thus compiling failed on MacOS
Thanks to Joe Strout and others for reporting this bug.
Thanks to Andrew Childs and others for sending a patch.
Under certain circumstances, termios options of the first address were
applied to the second address, resulting in error
"Inappropriate ioctl for device"
This affected version 1.7.3.3 only.
Test: TERMIOS_PH_ALL
Thanks to Ivan J. for reporting this issue.
Socat failed to compile when no poll() system call was found by
configure.
Thanks to Jason White for sending a patch.
Due to use of SSL_CTX_clear_mode() Socat failed to compile on old
systems with, e.g., OpenSSL-0.9.8. Thanks to Simon Matter and Moritz B.
for reporting this problem and sending initial patches.
getaddrinfo() in IP4-SENDTO and IP6-SENDTO addresses failed with
"ai_socktype not supported" when protocol 6 was addressed.
The fix removes the possibility to use service names with SCTP.
Test: IP_SENDTO_6
Thanks to Sören for sending an initial patch.
Under certain circumstances, Socat printed the "socket ... is at EOF"
multiple times.
Test: MULTIPLE_EOF
Newer parts of test.sh used substitutions ${x,,*} or ${x^^*} that are
not implemented in older bash versions.
####################### V 1.7.3.3:
Corrections:
Makefile.in did not specify dependencies of filan on vsnprintf_r.o
and snprinterr.o
Added definition of FILAN_OBJS
Thanks to Craig Leres, Clayton Shotwell, and Chris Packham for
providing patches.
configure option --enable-msglevel did not work with numbers
The autoconf mechanism for determining SHIFT_OFFSET did not work when
cross compiling.
Thanks to Max Freisinger from Gentoo for sending a patch.
Socat still depended on obsolete gethostbyname() function, thus
compiling with MUSL libc failed.
Problem reported by Kennedy33.
The async signal safe diagnostic system used FDs 3 and 4 internally, so
use of appropriate fdin or fdout led to failures.
Test: DIAG_FDIN
Problem reported by Onur Sentürk.
The socket based mechanism for passing messages and signal information
from signal handler to process could reach and kill the wrong process.
Introduces functions diag_sock_pair(), diag_fork()
Thanks to Darren Zhao for analysing and reporting this problem.
Option ipv6-join-group did not work because it was applied in the wrong
phase
Test: UDP6MULTICAST_UNIDIR
Thanks to Angus Gratton for sending a patch.
Setting ispeed and ospeed failed for some serial devices because the
two settings were applied with two different get/set cycles, Thanks to
Alexandre Fenyo for providing an initial patch.
However, the actual fix is part of a conceptual change of the termios
module that aims for applying all changes in a single tcsetattr call.
Fixes FreeBSD Bug 198441
Termios options TAB0,TAB1,TAB2,TAB3, and XTABS did not have an effect.
Thanks to Alan Walters for reporting this bug.
Substituted cumbersom ISPEED_OFFSET mechanism for cfsetispeed() calls
With TCP6-LISTEN and the other passive IPv6 addresses the range option
just failed: due to a bug in the syntax parser and two more bugs in
the xiocheckrange_ip6() function.
The syntax has now been changed from "[::1/128]" to "[::1]/128"!
Thanks Leah Neukirchen for sending an initial fix.
For name resolution Socat only checked the first character of the host
name to decide if it is an IPv4 address. This was not RFC conform. This
fix removes the possibility for use of IPv4 addresses with IPv6, e.g.
TCP6:127.0.0.1:80
Debian issue 695885
Thanks to Nicolas Fournil for reporting this issue.
Print a useful error message when single character options appear to be
merged in Socat invocation
Test: SOCAT_OPT_HINT
Fixed some docu typos.
Thanks to Travis Wellman, Thomas <tjps636>, Dan Kenigsberg,
Julian Zinn, and Simon Matter
Porting:
OpenSSL functions TLS1_client_method() and similar are
deprecated. Socat now uses recommended TLS_client_method(). The old
functions and dependend option openssl-method can still be
used when configuring socat with --enable-openssl-method
Shell scripts in socat distribution are now headed with:
#! /usr/bin/env bash
to make them better portable to systems without /bin/bash
Thanks to Maya Rashish for sending a patch
RES_AAONLY, RES_PRIMARY are deprecated. You can still enable them with
configure option --enable-res-deprecated.
New versions of OpenSSL preset SSL_MODE_AUTO_RETRY which may hang socat.
Solution: clear SSL_MODE_AUTO_RETRY when it is set.
Renamed configure.in to configure.ac and set an appropriate symlink for
older environments.
Related Gentoo bug 426262: Warning on configure.in
Thanks to Francesco Turco for reporting that warning.
Fixed new IPv6 range code for platforms without s6_addr32 component.
Testing:
test.sh: Show a warning when phase-1 (insecure phase) of a security
test fails
OpenSSL tests failed on actual Linux distributions. Measures:
Increased key lengths from 768 to 1024 bits
Added test.sh option -C to delete temp certs from prevsious runs
Provide DH-parameter in certificate in PEM
OpenSSL s_server option -verify 0 must be omitted
OpenSSL authentication method aNULL no longer works
Failure of cipher aNULL is not a failure
Failure of methods SSL3 and SSL23 is desired
test.sh depended on ifconfig and netstat utilities which are no longer
availabie in some distributions. test.sh now checks for and prefers
ip and ss.
Thanks to Ruediger Meier for reporting this problem.
More corrections to test.sh:
Language settings could still influence test results
netstat was still required
Suppress usleep deprecated messag
Force use of IPv4 with some certificates
Set timeout for UDPxMAXCHILDREN tests
Git:
Added missing Config/Makefile.DragonFly-2-8-2,
Config/config.DragonFly-2-8-2.h
Removed testcert.conf (to be generated by test.sh)
Cosmetics:
Simplified handling of missing termios defines.
New features:
Permit combined -d options as -dd etc.
porting:
ext2 options are now fs options.
####################### V 1.7.3.2:
corrections:
SIGSEGV and other signals could lead to a 100% CPU loop
Failing name resolution could lead to SIGSEGV
Thanks to Max for reporting this issue.
Include <stddef.h> for ptrdiff_t
Thanks to Jeroen Roovers for reporting this issue.
Building with --disable-sycls failed due to missing sslcls.h defines
Socat hung when configured with --disable-sycls.
Some minor corrections with includes etc.
Option so-reuseport did not work. Thanks to Some Raghavendra Prabhu
for sending a patch.
Programs invoked with EXEC, nofork, and -u or -U had stdin and stdout
incorrectly assigned
Test: EXEC_NOFORK_UNIDIR
Thanks to David Reiss for reporting this problem.
Socat exited with status 0 even when a program invoked with SYSTEM or
EXEC failed.
Tests: SYSTEM_RC EXEC_RC
Issue reported by Felix Winkelmann.
AddressSanitizer reported a few buffer overflows (false positives).
Nevertheless fixed Socat source.
Issue reported by Hanno Böck.
Socat did not use option ipv6-join-group.
Test: USE_IPV6_JOIN_GROUP
Thanks to Linus Lüssing for sending a patch.
UDP-LISTEN did not honor the max-children option.
Test: UDP4MAXCHILDREN UDP6MAXCHILDREN
Thanks to Leander Berwers for reporting this issue.
Options so-rcvtimeo and so-sndtimeo do not work with poll()/select()
and therefore were useless.
Thanks to Steve Borenstein for reporting this issue.
Option dhparam was documented as dhparams. Added the alias name
dhparams to fix this.
Thanks to Alexander Neumann for sending a patch.
Options shut-down and shut-close did not work.
Thanks to Stefan Schimanski for providing a patch.
There was a bug in printing readline log message caused by a misleading
indentation.
Thanks to Paul Wouters for reporting.
The internal vsnprintf_r function looped or crashed on size parameter
with hexadecimal output.
Ignore exit code of child process when it was killed by master due to
EOF
Corrected byte order on read of IPV6_TCLASS value from ancillary
message
Fixed type of the bool element in options. This had bug caused failures
e.g. of ignoreeof on big-endian systems when bool was not based on int.
On systems with predefined bool type whose size differs from int some
IPv6 and TCP options (per setsockopt()) failed.
Length of integral data in ancillary messages varies (TOS: 1 byte,
TTL: 4 bytes), the old implementation failed for TTL on big-endian
hosts.
Fixed an issue in options processing: TUN and DNS flags had failed on
big-endian systems and the NO- forms had probable never worked.
porting:
Type conflict between int and sig_atomic_t between declaration and
definition of diag_immediate_type and diag_immediate_exit broke
compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for
reporting this bug.
Socat failed to compile on platforms with OpenSSL without
DTLSv1_client_method or DTLSv1_server_method.
Thanks to Simon Matter for sending a patch.
NuttX OS headers do not provide struct ip, thus socat did not compile.
Made struct ip subject to configure.
Thanks to SP for reporting this issue.
Socat failed to compile with OpenSSL version 1.0.2d where
SSLv3_server_method and SSLv3_client_method are no longer defined.
Thanks to Mischa ter Smitten for reporting this issue and providing
a patch.
configure checked for OpenSSL EC_KEY assuming it is a define but it
is a type, thus OpenSSL ECDHE ciphers failed even on Linux.
Thanks to Andrey Arapov for reporting this bug.
Changes to make socat compile with OpenSSL 1.1.
Thanks to Sebastian Andrzej Siewior e.a. from the Debian team for
providing the base patch.
Debian Bug#828550
Make Socat compatible with BoringSSL.
Thanks to Matt Braithwaite for providing a patch.
OpenSSL: Use RAND_status to determine PRNG state
Thanks to Adam Langley for providing a patch
AIX-7 uses an extended O_ACCMODE that does not fit socat's internal
requirements. Thanks to Garrick Trowsdale for providing a patch
LibreSSL support: check for OPENSSL_NO_COMP
Thanks to Bernard Spil for providing a patch
testing:
socks4echo.sh and socks4a-echo.sh hung with new bash with read -n
test.sh: stderr; option -v (verbose); FDOUT_ERROR description
improved proxy.sh - it now also takes hostnames
A few corrections in test.sh
DTLS1 test hangs on some distributions. Test is now only performed
with OpenSSL 1.0.2 or higher.
More corrections to test.sh that reveal a mistake with IPV6_TCLASS
docu:
Corrected source of socat man page to correctly show man references
like socket(2); removed obseolete entries from See Also
Docu and some comments mentioned addresses SSL-LISTEN and SSL-CONNECT
that do not exist (OPENSSL-LISTEN, SSL-L; and OPENNSSL-CONNECT, SSL
are correct).
Thanks to Zhigang Wang for reporting this issue.
Fixed a couple of English spelling and grammar mistakes.
Thanks to Jakub Wild for sending the patches.
NOEXPAND() was not resolved 2 times.
More minor docu corrections
legal:
Added contributors to copyright notices. Suggested by Matt Braithwaite.
####################### V 1.7.3.1:
security:
Socat security advisory 8
A stack overflow in vulnerability was found that can be triggered when
command line arguments (complete address specifications, host names,
file names) are longer than 512 bytes.
Successful exploitation might allow an attacker to execute arbitrary
code with the privileges of the socat process.
This vulnerability can only be exploited when an attacker is able to
inject data into socat's command line.
A vulnerable scenario would be a CGI script that reads data from clients
and uses (parts of) this data as hostname for a Socat invocation.
Test: NESTEDOVFL
Credits to Takumi Akiyama for finding and reporting this issue.
Socat security advisory 7
MSVR-1499
In the OpenSSL address implementation the hard coded 1024 bit DH p
parameter was not prime. The effective cryptographic strength of a key
exchange using these parameters was weaker than the one one could get by
using a prime p. Moreover, since there is no indication of how these
parameters were chosen, the existence of a trapdoor that makes possible
for an eavesdropper to recover the shared secret from a key exchange
that uses them cannot be ruled out.
Futhermore, 1024bit is not considered sufficiently secure.
Fix: generated a new 2048bit prime.
Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability
Research (MSVR) for finding and reporting this issue.
####################### V 1.7.3.0:
security:
Socat security advisory 6
CVE-2015-1379: Possible DoS with fork
Fixed problems with signal handling caused by use of not async signal
safe functions in signal handlers that could freeze socat, allowing
denial of service attacks.
Many changes in signal handling and the diagnostic messages system were
applied to make the code async signal safe but still provide detailled
logging from signal handlers:
Coded function vsnprintf_r() as async signal safe incomplete substitute
of libc vsnprintf()
Coded function snprinterr() to replace %m in strings with a system error
message
Instead of gettimeofday() use clock_gettime() when available
Pass Diagnostic messages from signal handler per unix socket to the main
program flow
Use sigaction() instead of signal() for better control
Turn off nested signal handler invocations
Thanks to Peter Lobsinger for reporting and explaining this issue.
Red Hat issue 1019975: add TLS host name checks
OpenSSL client checks if the server certificates names in
extensions/subjectAltName/DNS or in subject/commonName match the name
used to connect or the value of the openssl-commonname option.
Test: OPENSSL_CN_CLIENT_SECURITY
OpenSSL server checks if the client certificates names in
extensions/subjectAltNames/DNS or subject/commonName match the value of
the openssl-commonname option when it is used.
Test: OPENSSL_CN_SERVER_SECURITY
Red Hat issue 1019964: socat now uses the system certificate store with
OPENSSL when neither options cafile nor capath are used
Red Hat issue 1019972: needs to specify OpenSSL cipher suites
Default cipherlist is now "HIGH:-NULL:-PSK:-aNULL" instead of empty to
prevent downgrade attacks
new features:
OpenSSL addresses set couple of environment variables from values in
peer certificate, e.g.:
SOCAT_OPENSSL_X509_SUBJECT, SOCAT_OPENSSL_X509_ISSUER,
SOCAT_OPENSSL_X509_COMMONNAME,
SOCAT_OPENSSL_X509V3_SUBJECTALTNAME_DNS
Tests: ENV_OPENSSL_{CLIENT,SERVER}_X509_*
Added support for methods TLSv1, TLSv1.1, TLSv1.2, and DTLS1
Tests: OPENSSL_METHOD_*
Enabled OpenSSL server side use of ECDHE ciphers. Feature suggested
by Andrey Arapov.
Added a new option termios-rawer for ptys.
Thanks to Christian Vogelgsang for pointing me to this requirement
corrections:
Bind with ABSTRACT commands used non-abstract namespace (Linux).
Test: ABSTRACT_BIND
Thanks to Denis Shatov for reporting this bug.
Fixed return value of nestlex()
Option ignoreeof on the right address hung.
Test: IGNOREEOF_REV
Thanks to Franz Fasching for reporting this bug.
Address SYSTEM, when terminating, shut down its parent addresses,
e.g. an SSL connection which the parent assumed to still be active.
Test: SYSTEM_SHUTDOWN
Passive (listening or receiving) addresses with empty port field bound
to a random port instead of terminating with error.
Test: TCP4_NOPORT
configure with some combination of disable options produced config
files that failed to compile due to missing IPPROTO_TCP.
Thanks to Thierry Fournier for report and patch.
fixed a few minor bugs with OpenSSL in configure and with messages
Socat did not work in FIPS mode because 1024 instead of 512 bit DH prime
is required. Thanks to Zhigang Wang for reporting and sending a patch.
Christophe Leroy provided a patch that fixes memory leaks reported by
valgrind
Help for filan -L was bad, is now corrected to:
"follow symbolic links instead of showing their properties"
Address options fdin and fdout were silently ignored when not applicable
due to -u or -U option. Now these combinations are caught as errors.
Test: FDOUT_ERROR
Issue reported by Hendrik.
Added option termios-cfmakeraw that calls cfmakeraw() and is preferred
over option raw which is now obsolote. On SysV systems this call is
simulated by appropriate setting.
Thanks to Youfu Zhang for reporting issue with option raw.
porting:
Socat included <sys/poll.h> instead of POSIX <poll.h>
Thanks to John Spencer for reporting this issue.
Version 1.7.2.4 changed the check for gcc in configure.ac; this
broke cross compiling. The particular check gets reverted.
Thanks to Ross Burton and Danomi Manchego for reporting this issue.
Debian Bug#764251: Set the build timestamp to a deterministic time:
support external BUILD_DATE env var to allow to build reproducable
binaries
Joachim Fenkes provided an new adapted spec file.
Type bool and macros Min and Max are defined by socat which led to
compile errors when they were already provided by build framework.
Thanks to Liyu Liu for providing a patch.
David Arnstein contributed a patch for NetBSD 5.1 including stdbool.h
support and appropriate files in Config/
Lauri Tirkkonen contributed a patch regarding netinet/if_ether.h
on Illumos
Changes for Openindiana: define _XPG4_2, __EXTENSIONS__,
_POSIX_PTHREAD_SEMANTICS; and minor changes
Red Hat issue 1182005: socat 1.7.2.4 build failure missing
linux/errqueue.h
Socat failed to compile on on PPC due to new requirements for
including <linux/errqueue.h> and a weakness in the conditional code.
Thanks to Michel Normand for reporting this issue.
doc:
In the man page the PTY example was badly formatted. Thanks to
J.F.Sebastian for sending a patch.
Added missing CVE ids to security issues in CHANGES
testing:
Do not distribute testcert.conf with socat source but generate it
(and new testcert6.conf) during test.sh run.
####################### V 1.7.2.4:
corrections:
LISTEN based addresses applied some address options, e.g. so-keepalive,
to the listening file descriptor instead of the connected file
descriptor
Thanks to Ulises Alonso for reporting this bug
make failed after configure with non gcc compiler due to missing
include. Thanks to Horacio Mijail for reporting this problem
configure checked for --disable-rawsocket but printed
--disable-genericsocket in the help text. Thanks to Ben Gardiner for
reporting and patching this bug
In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
Probably no impact.
Thanks to David Binderman for reporting this issue.
procan could not cleanly format ulimit values longer than 16 decimal
digits. Thanks to Frank Dana for providing a patch that increases field
width to 24 digits.
OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
"Invalid argument"
Thanks to Emile den Tex for reporting this bug.
Changed some variable definitions to make gcc -O2 aliasing checker happy
Thanks to Ilya Gordeev for reporting these warnings
On big endian platforms with type long >32bit the range option applied a
bad base address. Thanks to hejia hejia for reporting and fixing this bug.
Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()
Red Hat issue 1022063: out-of-range shifts on net mask bits
Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()
Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
uses
Red Hat issue 1021958: fixed a bug with faulty buffer/data length
calculation in xio-ascii.c:_xiodump()
Red Hat issue 1021972: fixed a missing NUL termination in return string
of sysutils.c:sockaddr_info() for the AF_UNIX case
fixed some typos and minor issues, including:
Red Hat issue 1021967: formatting error in manual page
UNIX-LISTEN with fork option did not remove the socket file system entry
when exiting. Other file system based passive address types had similar
issues or failed to apply options umask, user e.a.
Thanks to Lorenzo Monti for pointing me to this issue
porting:
Red Hat issue 1020203: configure checks fail with some compilers.
Use case: clang
Performed changes for Fedora release 19
Adapted, improved test.sh script
Red Hat issue 1021429: getgroupent fails with large number of groups;
use getgrouplist() when available instead of sequence of calls to
getgrent()
Red Hat issue 1021948: snprintf API change;
Implemented xio_snprintf() function as wrapper that tries to emulate C99
behaviour on old glibc systems, and adapted all affected calls
appropriately
Mike Frysinger provided a patch that supports long long for time_t,
socklen_t and a few other libc types.
Artem Mygaiev extended Cedril Priscals Android build script with pty code
The check for fips.h required stddef.h
Thanks to Matt Hilt for reporting this issue and sending a patch
Check for linux/errqueue.h failed on some systems due to lack of
linux/types.h inclusion. Thanks to Michael Vastola for sending a patch.
autoconf now prefers configure.ac over configure.in
Thanks to Michael Vastola for sending a patch.
type of struct cmsghdr.cmsg is system dependend, determine it with
configure; some more print format corrections
docu:
libwrap always logs to syslog
added actual text version of GPLv2
####################### V 1.7.2.3:
security:
Socat security advisory 5
CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (see socat-secadv5.txt)
Credits to Florian Weimer of the Red Hat Product Security Team
####################### V 1.7.2.2:
security:
Socat security advisory 4
CVE-2013-3571:
after refusing a client connection due to bad source address or source
port socat shutdown() the socket but did not close() it, resulting in
a file descriptor leak in the listening process, visible with lsof and
possibly resulting in EMFILE Too many open files. This issue could be
misused for a denial of service attack.
Full credits to Catalin Mitrofan for finding and reporting this issue.
####################### V 1.7.2.1:
security:
Socat security advisory 3
CVE-2012-0219:
fixed a possible heap buffer overflow in the readline address. This bug
could be exploited when all of the following conditions were met:
1) one of the addresses is READLINE without the noprompt and without the
prompt options.
2) the other (almost arbitrary address) reads malicious data (which is
then transferred by socat to READLINE).
Workaround: when using the READLINE address apply option prompt or
noprompt.
Full credits to Johan Thillemann for finding and reporting this issue.
####################### V 1.7.2.0:
corrections:
when UNIX-LISTEN was applied to an existing file it failed as expected
but removed the file. Thanks to Bjoern Bosselmann for reporting this
problem
fixed a bug where socat might crash when connecting to a unix domain
socket using address GOPEN. Thanks to Martin Forssen for bug report and
patch.
UDP-LISTEN would alway set SO_REUSEADDR even without fork option and
when user set it to 0. Thanks to Michal Svoboda for reporting this bug.
UNIX-CONNECT did not support half-close. Thanks to Greg Hughes who
pointed me to that bug
TCP-CONNECT with option nonblock reported successful connect even when
it was still pending
address option ioctl-intp failed with "unimplemented type 26". Thanks
to Jeremy W. Sherman for reporting and fixing that bug
socat option -x did not print packet direction, timestamp etc; thanks
to Anthony Sharobaiko for sending a patch
address PTY does not take any parameters but did not report an error
when some were given
Marcus Meissner provided a patch that fixes invalid output and possible
process crash when socat prints info about an unnamed unix domain
socket
Michal Soltys reported the following problem and provided an initial
patch: when socat was interrupted, e.g. by SIGSTOP, and resumed during
data transfer only parts of the data might have been written.
Option o-nonblock in combination with large transfer block sizes
may result in partial writes and/or EAGAIN errors that were not handled
properly but resulted in data loss or process termination.
Fixed a bug that could freeze socat when during assembly of a log
message a signal was handled that also printed a log message. socat
development had been aware that localtime() is not thread safe but had
only expected broken messages, not corrupted stack (glibc 2.11.1,
Ubuntu 10.4)
an internal store for child pids was susceptible to pid reuse which
could lead to sporadic data loss when both fork option and exec address
were used. Thanks to Tetsuya Sodo for reporting this problem and
sending a patch
OpenSSL server failed with "no shared cipher" when using cipher aNULL.
Fixed by providing temporary DH parameters. Thanks to Philip Rowlands
for drawing my attention to this issue.
UDP-LISTEN slept 1s after accepting a connection. This is not required.
Thanks to Peter Valdemar Morch for reporting this issue
fixed a bug that could lead to error or socat crash after a client
connection with option retry had been established
fixed configure.in bug on net/if.h check that caused IF_NAMESIZE to be
undefined
improved dev_t print format definition
porting:
Cedril Priscal ported socat to Android (using Googles cross compiler).
The port includes the socat_buildscript_for_android.sh script
added check for component ipi_spec_dst in struct in_pktinfo so
compilation does not fail on Cygwin (thanks to Peter Wagemans for
reporting this problem)
build failed on RHEL6 due to presence of fips.h; configure now checks
for fipsld too. Thanks to Andreas Gruenbacher for reporting this
problem
check for netinet6/in6.h only when IPv6 is available and enabled
don't fail to compile when the following defines are missing:
IPV6_PKTINFO IPV6_RTHDR IPV6_DSTOPTS IPV6_HOPOPTS IPV6_HOPLIMIT
Thanks to Jerry Jacobs for reporting this problem (Mac OS X Lion 10.7)
check if define __APPLE_USE_RFC_2292 helps to enable IPV6_* (MacOSX
Lion 7.1); thanks to Jerry Jacobs to reporting this problem and
proposing a solution
fixed compiler warnings on Mac OS X 64bit. Thanks to Guy Harris for
providing the patch.
corrections for OpenEmbedded, especially termios SHIFT values and
ISPEED/OSPEED. Thanks to John Faith for providing the patch
minor corrections to docu and test.sh resulting from local compilation
on Openmoko SHR
fixed sa_family_t compile error on DragonFly. Thanks to Tony Young for
reporting this issue and sending a patch.
Ubuntu Oneiric: OpenSSL no longer provides SSLv2 functions; libutil.sh
is now bsd/libutil.h; compiler warns on vars that is only written to
new features:
added option max-children that limits the number of concurrent child
processes. Thanks to Sam Liddicott for providing the patch.
Till Maas added support for tun/tap addresses without IP address
added an option openssl-compress that allows to disable the compression
feature of newer OpenSSL versions. Thanks to Michael Hanselmann for
providing this contribution (sponsored by Google Inc.)
docu:
minor corrections in docu (thanks to Paggas)
client process -> child process
####################### V 1.7.1.3:
security:
Socat security advisory 2
CVE-2010-2799:
fixed a stack overflow vulnerability that occurred when command
line arguments (whole addresses, host names, file names) were longer
than 512 bytes.
Note that this could only be exploited when an attacker was able to
inject data into socat's command line.
Full credits to Felix Gröbert, Google Security Team, for finding and
reporting this issue
####################### V 1.7.1.2:
corrections:
user-late and group-late, when applied to a pty, affected the system
device /dev/ptmx instead of the pty (thanks to Matthew Cloke for
pointing me to this bug)
socats openssl addresses failed with "nonblocking operation did not
complete" when the peer performed a renegotiation. Thanks to Benjamin
Delpy for reporting this bug.
info message during socks connect showed bad port number on little
endian systems due to wrong byte order (thanks to Peter M. Galbavy for
bug report and patch)
Debian bug 531078: socat execs children with SIGCHLD ignored; corrected
to default. Thanks to Martin Dorey for reporting this bug.
porting:
building socat on systems that predefined the CFLAGS environment to
contain -Wall failed (esp.RedHat). Thanks to Paul Wouters for reporting
this problem and to Simon Matter for providing the patch
support for Solaris 8 and Sun Studio support (thanks to Sebastian
Kayser for providing the patches)
on some 64bit systems a compiler warning "cast from pointer to integer
of different size" was issued on some option definitions
added struct sockaddr_ll to union sockaddr_union to avoid "strict
aliasing" warnings (problem reported by Paul Wouters)
docu:
minor corrections in docu
####################### V 1.7.1.1:
corrections:
corrected the "fixed possible SIGSEGV" fix because SIGSEGV still might
occur under those conditions. Thanks to Toni Mattila for first
reporting this problem.
ftruncate64 cut its argument to 32 bits on systems with 32 bit long type
socat crashed on systems without setenv() (esp. SunOS up to Solaris 9);
thanks to Todd Stansell for reporting this bug
with unidirectional EXEC and SYSTEM a close() operation was performed
on a random number which could result in hanging e.a.
fixed a compile problem caused by size_t/socklen_t mismatch on 64bit
systems
docu mentioned option so-bindtodev but correct name is so-bindtodevice.
Thanks to Jim Zimmerman for reporting.
docu changes:
added environment variables example to doc/socat-multicast.html
####################### V 1.7.1.0:
new features:
address options shut-none, shut-down, and shut-close allow to control
socat's half close behaviour
with address option shut-null socat sends an empty packet to the peer
to indicate EOF
option null-eof changes the behaviour of sockets that receive an empty
packet to see EOF instead of ignoring it
introduced option names substuser-early and su-e, currently equivalent
to option substuser (thanks to Mike Perry for providing the patch)
corrections:
fixed some typos and improved some comments
####################### V 1.7.0.1:
corrections:
fixed possible SIGSEGV in listening addresses when a new connection was
reset by peer before the socket addresses could be retrieved. Thanks to
Mike Perry for sending a patch.
fixed a bug, introduced with version 1.7.0.0, that let client
connections with option connect-timeout fail when the connections
succeeded. Thanks to Bruno De Fraine for reporting this bug.
option end-close "did not apply" to addresses PTY, SOCKET-CONNECT,
and most UNIX-* and ABSTRACT-*
half close of EXEC and SYSTEM addresses did not work for pipes and
sometimes socketpair
help displayed for some option a wrong type
under some circumstances shutdown was called multiple times for the
same fd
####################### V 1.7.0.0:
new features:
new address types SCTP-CONNECT and SCTP-LISTEN implement SCTP stream
mode for IPv4 and IPv6; new address options sctp-maxseg and
sctp-nodelay (suggested by David A. Madore; thanks to Jonathan Brannan
for providing an initial patch)
new address "INTERFACE" for transparent network interface handling
(suggested by Stuart Nicholson)
added generic socket addresses: SOCKET-CONNECT, SOCKET-LISTEN,
SOCKET-SENDTO, SOCKET-RECVFROM, SOCKET-RECV, SOCKET-DATAGRAM allow
protocol independent socket handling; all parameters are explicitely
specified as numbers or hex data
added address options ioctl-void, ioctl-int, ioctl-intp, ioctl-string,
ioctl-bin for generic ioctl() calls.
added address options setsockopt-int, setsockopt-bin, and
setsockopt-string for generic setsockopt() calls
option so-type now only affects the socket() and socketpair() calls,
not the name resolution. so-type and so-prototype can now be applied to
all socket based addresses.
new address option "escape" allows to break a socat instance even when
raw terminal mode prevents ^C etc. (feature suggested by Guido Trotter)
socat sets environment variables SOCAT_VERSION, SOCAT_PID, SOCAT_PPID
for use in executed scripts
socat sets environment variables SOCAT_SOCKADDR, SOCAT_SOCKPORT,
SOCAT_PEERADDR, SOCAT_PEERPORT in LISTEN type addresses (feature
suggested by Ed Sawicki)
socat receives all ancillary messages with each received packet on
datagram related addresses. The messages are logged in raw form with
debug level, and broken down with info level. note: each type of
ancillary message must be enabled by appropriate address options.
socat provides the contents of ancillary messages received on RECVFROM
addresses in appropriate environment variables:
SOCAT_TIMESTAMP, SOCAT_IP_DSTADDR, SOCAT_IP_IF, SOCAT_IP_LOCADDR,
SOCAT_IP_OPTIONS, SOCAT_IP_TOS, SOCAT_IP_TTL, SOCAT_IPV6_DSTADDR,
SOCAT_IPV6_HOPLIMIT, SOCAT_IPV6_TCLASS
the following address options were added to enable ancillary messages:
so-timestamp, ip-pktinfo (not BSD), ip-recvdstaddr (BSD), ip-recverr,
ip-recvif (BSD), ip-recvopts, ip-recvtos, ip-recvttl, ipv6-recvdstopts,
ipv6-recverr, ipv6-recvhoplimit, ipv6-recvhopopts, ipv6-recvpathmtu,
ipv6-recvpktinfo, ipv6-recvrthdr, ipv6-recvtclass
new address options ipv6-tclass and ipv6-unicast-hops set the related
socket options.
STREAMS (UNIX System V STREAMS) can be configured with the new address
options i-pop-all and i-push (thanks to Michal Rysavy for providing a
patch)
corrections:
some raw IP and UNIX datagram modes failed on BSD systems
when UDP-LISTEN continued to listen after packet dropped by, e.g.,
range option, the old listen socket would not be closed but a new one
created. open sockets could accumulate.
there was a bug in ip*-recv with bind option: it did not bind, and
with the first received packet an error occurred:
socket_init(): unknown address family 0
test: RAWIP4RECVBIND
RECVFROM addresses with FORK option hung after processing the first
packet. test: UDP4RECVFROM_FORK
corrected a few mistakes that caused compiler warnings on 64bit hosts
(thanks to Jonathan Brannan e.a. for providing a patch)
EXEC and SYSTEM with stderr injected socat messages into the data
stream. test: EXECSTDERRLOG
when the EXEC address got a string with consecutive spaces it created
additional empty arguments (thanks to Olivier Hervieu for reporting
this bug). test: EXECSPACES
in ignoreeof polling mode socat also blocked data transfer in the other
direction during the 1s wait intervalls (thanks to Jorgen Cederlof for
reporting this bug)
corrected alphabetical order of options (proxy-auth)
some minor corrections
improved test.sh script: more stable timing, corrections for BSD
replaced the select() calls by poll() to cleanly fix the problems with
many file descriptors already open
socat option -lf did not log to file but to stderr
socat did not compile on Solaris when configured without termios
feature (thanks to Pavan Gadi for reporting this bug)
porting:
socat compiles and runs on AIX with gcc (thanks to Andi Mather for his
help)
socat compiles and runs on Cygwin (thanks to Jan Just Keijser for his
help)
socat compiles and runs on HP-UX with gcc (thanks to Michal Rysavy for
his help)
socat compiles and runs on MacOS X (thanks to Camillo Lugaresi for his
help)
further changes:
filan -s prefixes output with FD number if more than one FD
Makefile now supports datarootdir (thanks to Camillo Lugaresi for
providing the patch)
cleanup in xio-unix.c
####################### V 1.6.0.1:
new features:
new make target "gitclean"
docu source doc/socat.yo released
corrections:
exec:...,pty did not kill child process under some circumstances; fixed
by correcting typo in xio-progcall.c (thanks to Ralph Forsythe for
reporting this problem)
service name resolution failed due to byte order mistake
(thanks to James Sainsbury for reporting this problem)
socat would hang when invoked with many file descriptors already opened
fix: replaced FOPEN_MAX with FD_SETSIZE
thanks to Daniel Lucq for reporting this problem.
fixed bugs where sub processes would become zombies because the master
process did not catch SIGCHLD. this affected addresses UDP-LISTEN,
UDP-CONNECT, TCP-CONNECT, OPENSSL, PROXY, UNIX-CONNECT, UNIX-CLIENT,
ABSTRACT-CONNECT, ABSTRACT-CLIENT, SOCKSA, SOCKS4A
(thanks to Fernanda G Weiden for reporting this problem)
fixed a bug where sub processes would become zombies because the master
process caught SIGCHLD but did not wait(). this affected addresses
UDP-RECVFROM, IP-RECVFROM, UNIX-RECVFROM, ABSTRACT-RECVFROM
(thanks to Evan Borgstrom for reporting this problem)
corrected option handling with STDIO; usecase: cool-write
configure --disable-pty also disabled option waitlock
fixed small bugs on systems with struct ip_mreq without struct ip_mreqn
(thanks to Roland Illig for sending a patch)
corrected name of option intervall to interval (old form still valid
for us German speaking guys)
corrected some print statements and variable names
make uninstall did not uninstall procan
fixed lots of weaknesses in test.sh
corrected some bugs and typos in doc/socat.yo, EXAMPLES, C comments
further changes:
procan -c prints C defines important for socat
added test OPENSSLEOF for OpenSSL half close
####################### V 1.6.0.0:
new features:
new addresses IP-DATAGRAM and UDP-DATAGRAM allow versatile broadcast
and multicast modes
new option ip-add-membership for control of multicast group membership
new address TUN for generation of Linux TUN/TAP pseudo network
interfaces (suggested by Mat Caughron); associated options tun-device,
tun-name, tun-type; iff-up, iff-promisc, iff-noarp, iff-no-pi etc.
new addresses ABSTRACT-CONNECT, ABSTRACT-LISTEN, ABSTRACT-SENDTO,
ABSTRACT-RECV, and ABSTRACT-RECVFROM for abstract UNIX domain addresses
on Linux (requested by Zeeshan Ali); option unix-tightsocklen controls
socklen parameter on system calls.
option end-close for control of connection closing allows FD sharing
by sub processes
range option supports form address:mask with IPv4
changed behaviour of OPENSSL-LISTEN to require and verify client
certificate per default
options f-setlkw-rd, f-setlkw-wr, f-setlk-rd, f-setlk-wr allow finer
grained locking on regular files
uninstall target in Makefile (lack reported by Zeeshan Ali)
corrections:
fixed bug where only first tcpwrap option was applied; fixed bug where
tcpwrap IPv6 check always failed (thanks to Rudolf Cejka for reporting
and fixing this bug)
filan (and socat -D) could hang when a socket was involved
corrected PTYs on HP-UX (and maybe others) using STREAMS (inspired by
Roberto Mackun)
correct bind with udp6-listen (thanks to Jan Horak for reporting this
bug)
corrected filan.c peekbuff[0] which did not compile with Sun Studio Pro
(thanks to Leo Zhadanovsky for reporting this problem)
corrected problem with read data buffered in OpenSSL layer (thanks to
Jon Nelson for reporting this bug)
corrected problem with option readbytes when input stream stayed idle
after so many bytes
fixed a bug where a datagram receiver with option fork could fork two
sub processes per packet
further changes:
moved documentation to new doc/ subdir
new documents (kind of mini tutorials) are provided in doc/
####################### V 1.5.0.0:
new features:
new datagram modes for udp, rawip, unix domain sockets
socat option -T specifies inactivity timeout
rewrote lexical analysis to allow nested socat calls
addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6
socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP,
SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection
addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6
option protocol-family (pf), esp. for openssl-listen
range option supports IPv6 - syntax: range=[::1/128]
option ipv6-v6only (ipv6only)
new tcp-wrappers options allow-table, deny-table, tcpwrap-etc
FIPS version of OpenSSL can be integrated - initial patch provided by
David Acker. See README.FIPS
support for resolver options res-debug, aaonly, usevc, primary, igntc,
recurse, defnames, stayopen, dnsrch
options for file attributes on advanced filesystems (ext2, ext3,
reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump,
ext2-noatime, journal-data etc.
option cool-write controls severeness of write failure (EPIPE,
ECONNRESET)
option o-noatime
socat option -lh for hostname in log output
traffic dumping provides packet headers
configure.in became part of distribution
socats unpack directory now has full version, e.g. socat-1.5.0.0/
corrected docu of option verify
corrections:
fixed tcpwrappers integration - initial fix provided by Rudolf Cejka
exec with pipes,stderr produced error
setuid-early was ignored with many address types
some minor corrections
####################### V 1.4.3.1:
corrections:
PROBLEM: UNIX socket listen accepted only one (or a few) connections.
FIX: do not remove listening UNIX socket in child process
PROBLEM: SIGSEGV when TCP part of SSL connect failed
FIX: check ssl pointer before calling SSL_shutdown
In debug mode, show connect client port even when connect fails
####################### V 1.4.3.0:
new features:
socat options -L, -W for application level locking
options "lockfile", "waitlock" for address level locking
(Stefan Luethje)
option "readbytes" limits read length (Adam Osuchowski)
option "retry" for unix-connect, unix-listen, tcp6-listen (Dale Dude)
pty symlink, unix listen socket, and named pipe are per default removed
after use; option unlink-close overrides this new behaviour and also
controls removal of other socat generated files (Stefan Luethje)
corrections:
option "retry" did not work with tcp-listen
EPIPE condition could result in a 100% CPU loop
further changes:
support systems without SHUT_RD etc.
handle more size_t types
try to find makedepend options with gcc 3 (richard/OpenMacNews)
####################### V 1.4.2.0:
new features:
option "connect-timeout" limits wait time for connect operations
(requested by Giulio Orsero)
option "dhparam" for explicit Diffie-Hellman parameter file
corrections:
support for OpenSSL DSA certificates (Miika Komu)
create install directories before copying files (Miika Komu)
when exiting on signal, return status 128+signum instead of 1
on EPIPE and ECONNRESET, only issue a warning (Santiago Garcia
Mantinan)
-lu could cause a core dump on long messages
further changes:
modifications to simplify using socats features in applications
####################### V 1.4.1.0:
new features:
option "wait-slave" blocks open of pty master side until a client
connects, "pty-intervall" controls polling
option -h as synonym to -? for help (contributed by Christian
Lademann)
filan prints formatted time stamps and rdev (disable with -r)
redirect filan's output, so stdout is not affected (contributed by
Luigi Iotti)
filan option -L to follow symbolic links
filan shows termios control characters
corrections:
proxy address no longer performs unsolicited retries
filan -f no longer needs read permission to analyze a file (but still
needs access permission to directory, of course)
porting:
Option dsusp
FreeBSD options noopt, nopush, md5sig
OpenBSD options sack-disable, signature-enable
HP-UX, Solaris options abort-threshold, conn-abort-threshold
HP-UX options b900, b3600, b7200
Tru64/OSF1 options keepinit, paws, sackena, tsoptena
further corrections:
address pty now uses ptmx as default if openpty is also available
####################### V 1.4.0.3:
security:
Socat security advisory 1
CVE-2004-1484:
fix to a syslog() based format string vulnerability that can lead to
remote code execution. See advisory socat-adv-1.txt
####################### V 1.4.0.2:
corrections:
exec'd write-only addresses get a chance to flush before being killed
error handler: print notice on error-exit
filan printed wrong file type information
####################### V 1.4.0.1:
corrections:
socks4a constructed invalid header. Problem found, reported, and fixed
by Thomas Themel, by Peter Palfrader, and by rik
with nofork, don't forget to apply some process related options
(chroot, setsid, setpgid, ...)
####################### V 1.4.0.0:
new features:
simple openssl server (ssl-l), experimental openssl trust
new options "cafile", "capath", "key", "cert", "egd", and "pseudo" for
openssl
new options "retry", "forever", and "intervall"
option "fork" for address TCP improves `gender changer´
options "sigint", "sigquit", and "sighup" control passing of signals to
sub process (thanks to David Shea who contributed to this issue)
readline takes respect to the prompt issued by the peer address
options "prompt" and "noprompt" allow to override readline's new
default behaviour
readline supports invisible password with option "noecho"
socat option -lp allows to set hostname in log output
socat option -lu turns on microsecond resolution in log output
corrections:
before reading available data, check if writing on other channel is
possible
tcp6, udp6: support hostname specification (not only IP address), and
map IP4 names to IP6 addresses
openssl client checks server certificate per default
support unidirectional communication with exec/system subprocess
try to restore original terminal settings when terminating
test.sh uses tmp dir /tmp/$USER/$$ instead of /tmp/$$
socks4 failed on platforms where long does not have 32 bits
(thanks to Peter Palfrader and Thomas Seyrat)
hstrerror substitute wrote wrong messages (HP-UX, Solaris)
proxy error message was truncated when answer contained multiple spaces
porting:
compiles with AIX xlc, HP-UX cc, Tru64 cc (but might not link)
####################### V 1.3.2.2:
corrections:
PROXY CONNECT failed when the status reply from the proxy server
contained more than one consecutive spaces. Problem reported by
Alexandre Bezroutchko
do not SIGSEGV when proxy address fails to resolve server name
udp-listen failed on systems where AF_INET != SOCK_DGRAM (e.g. SunOS).
Problem reported by Christoph Schittel
test.sh only tests available features
added missing IP and TCP options in filan analyzer
do not apply stdio address options to both directions when in
unidirectional mode
on systems lacking /dev/*random and egd, provide (weak) entropy from
libc random()
porting:
changes for HP-UX (VREPRINT, h_NETDB_INTERNAL)
compiles on True64, FreeBSD (again), NetBSD, OpenBSD
support for long long as st_ino type (Cygwin 1.5)
compile on systems where pty can not be featured
####################### V 1.3.2.1:
corrections:
"final" solution for the ENOCHLD problem
corrected "make strip"
default gcc debug/opt is "-O" again
check for /proc at runtime, even if configure found it
src.rpm accidently supported SuSE instead of RedHat
####################### V 1.3.2.0:
new features:
option "nofork" connects an exec'd script or program directly
to the file descriptors of the other address, circumventing the socat
transfer engine
support for files >2GB, using ftruncate64(), lseek64(), stat64()
filan has new "simple" output style (filan -s)
porting:
options "binary" and "text" for controlling line termination on Cygwin
file system access (hint from Yang Wu-Zhou)
fix by Yang Wu-Zhou for the Cygwin "No Children" problem
improved support for OSR: _SVID3; no IS_SOCK, no F_GETOWN (thanks to
John DuBois)
minor corrections to avoid warnings with gcc 3
further corrections and minor improvements:
configure script is generated with autoconf 2.57 (no longer 2.52)
configure passes CFLAGS to Makefile
option -??? for complete list of address options and their short forms
program name in syslog messages is derived from argv[0]
SIGHUP now prints notice instead of error
EIO during read of pty now gives Notice instead of Error, and
triggers EOF
use of hstrerror() for printing resolver error messages
setgrent() got required endgrent()
####################### V 1.3.1.0:
new features:
integration of Wietse Venema's tcpwrapper library (libwrap)
with "proxy" address, option "resolve" controls if hostname or IP
address is sent in request
option "lowport" establishes limited authorization for TCP and UDP
connections
improvement of .spec file for RPM creation (thanks to Gerd v. Egidy)
An accompanying change in the numbering scheme results in an
incompatibility with earlier socat RPMs!
solved problems and bugs:
PROBLEM: socat daemon terminated when the address of a connecting
client did not match range option value instead of continue listening
SOLVED: in this case, print warning instead of error to keep daemon
active
PROBLEM: tcp-listen with fork sometimes left excessive number of zombie
processes
SOLVED: dont assume that each exiting child process generates SIGCHLD
when converting CRNL to CR, socat converted to NL
further corrections:
configure script now disables features that depend on missing files
making it more robust in "unsupported" environments
server.pem permissions corrected to 600
"make install" now does not strip; use "make strip; make install"
if you like strip (suggested by Peter Bray)
####################### V 1.3.0.1:
solved problems and bugs:
PROBLEM: OPENSSL did not apply tcp, ip, and socket options
SOLVED: OPENSSL now correctly handles the options list
PROBLEM: CRNL to NL and CRNL to CR conversions failed when CRNL crossed
block boundary
SOLVED: these conversions now simply strip all CR's or NL's from input
stream
porting:
SunOS ptys now work on x86, too (thanks to Peter Bray)
configure looks for freeware libs in /pkgs/lib/ (thanks to Peter Bray)
further corrections:
added WITH_PROXY value to -V output
added compile dependencies of WITH_PTY and WITH_PROXY
-?? did not print option group of proxy options
corrected syntax for bind option in docu
corrected an issue with stdio in unidirectional mode
options socksport and proxyport support service names
ftp.sh script supports proxy address
man page no longer installed with execute permissions (thanks to Peter
Bray)
fixed a malloc call bug that could cause SIGSEGV or false "out of
memory" errors on EXEC and SYSTEM, depending on program name length and
libc.
####################### V 1.3.0.0:
new features:
proxy connect with optional proxy authentication
combined hex and text dump mode, credits to Gregory Margo
address pty applies options user, group, and perm to device
solved problems and bugs:
PROBLEM: option reuseport was not applied (BSD, AIX)
SOLVED: option reuseport now in phase PASTSOCKET instead of PREBIND,
credits to Jean-Baptiste Marchand
PROBLEM: ignoreeof with stdio was ignored
SOLVED: ignoreeof now works correctly with address stdio
PROBLEM: ftp.sh did not use user supplied password
SOLVED: ftp.sh now correctly passes password from command line
PROBLEM: server.pem had expired
SOLVED: new server.pem valid for ten years
PROBLEM: socks notice printed wrong port on some platforms
SOLVED: socks now uses correct byte-order for port number in notice
further corrections:
option name o_trunc corrected to o-trunc
combined use of -u and -U is now detected and prevented
made message system a little more robust against format string attacks
####################### V 1.2.0.0:
new features:
address pty for putting socat behind a new pseudo terminal that may
fake a serial line, modem etc.
experimental openssl integration
(it does not provide any trust between the peers because is does not
check certificates!)
options flock-ex, flock-ex-nb, flock-sh, flock-sh-nb to control all
locking mechanism provided by flock()
options setsid and setpgid now available with all address types
option ctty (controlling terminal) now available for all TERMIOS
addresses
option truncate (a hybrid of open(.., O_TRUNC) and ftruncate()) is
replaced by options o-trunc and ftruncate=offset
option sourceport now available with TCP and UDP listen addresses to
restrict incoming client connections
unidirectional mode right-to-left (-U)
solved problems and bugs:
PROBLEM: addresses without required parameters but an option containing
a '/' were incorrectly interpreted as implicit GOPEN address
SOLVED: if an address does not have ':' separator but contains '/',
check if the slash is before the first ',' before assuming
implicit GOPEN.
porting:
ptys under SunOS work now due to use of stream options
further corrections:
with -d -d -d -d -D, don't print debug info during file analysis
####################### V 1.1.0.1:
new features:
.spec file for RPM generation
solved problems and bugs:
PROBLEM: GOPEN on socket did not apply option unlink-late
SOLUTION: GOPEN for socket now applies group NAMED, phase PASTOPEN
options
PROBLEM: with unidirectional mode, an unnecessary close timeout was
applied
SOLUTION: in unidirectional mode, terminate without wait time
PROBLEM: using GOPEN on a unix domain socket failed for datagram
sockets
SOLUTION: when connect() fails with EPROTOTYPE, use a datagram socket
further corrections:
open() flag options had names starting with "o_", now corrected to "o-"
in docu, *-listen addresses were called *_listen
address unix now called unix-connect because it does not handle unix
datagram sockets
in test.sh, apply global command line options with all tests
####################### V 1.1.0.0:
new features:
regular man page and html doc - thanks to kromJx for prototype
new address type "readline", utilizing GNU readline and history libs
address option "history-file" for readline
new option "dash" to "exec" address that allows to start login shells
syslog facility can be set per command line option
new address option "tcp-quickack", found in Linux 2.4
option -g prevents option group checking
filan and procan can print usage
procan prints rlimit infos
solved problems and bugs:
PROBLEM: raw IP socket SIGSEGV'ed when it had been shut down.
SOLVED: set eof flag of channel on shutdown.
PROBLEM: if channel 2 uses a single non-socket FD in bidirectional mode
and has data available while channel 1 reaches EOF, the data is
lost.
SOLVED: during one loop run, first handle all data transfers and
_afterwards_ handle EOF.
PROBLEM: despite to option NONBLOCK, the connect() call blocked
SOLVED: option NONBLOCK is now applied in phase FD instead of LATE
PROBLEM: UNLINK options issued error when file did not exist,
terminating socat
SOLVED: failure of unlink() is only warning if errno==ENOENT
PROBLEM: TCP6-LISTEN required numeric port specification
SOLVED: now uses common TCP service resolver
PROBLEM: with PIPE, wrong FDs were shown for data transfer loop
SOLVED: retrieval of FDs now pays respect to PIPE pecularities
PROBLEM: using address EXEC against an address with IGNOREEOF, socat
never terminated
SOLVED: corrected EOF handling of sigchld
porting:
MacOS and old AIX versions now have pty
flock() now available on Linux (configure check was wrong)
named pipe were generated using mknod(), which requires root under BSD
now they are generated using mkfifo
further corrections:
lots of address options that were "forgotten" at runtime are now
available
option BINDTODEVICE now also called SO-BINDTODEVICE, IF
"make install" now installs binaries with ownership 0:0
####################### V 1.0.4.2:
solved problems and bugs:
PROBLEM: EOF of one stream caused close of other stream, giving it no
chance to go down regularly
SOLVED: EOF of one stream now causes shutdown of write part of other
stream
PROBLEM: sending mail via socks address to qmail showed that crlf
option does not work
SOLVED: socks address applies PH_LATE options
PROBLEM: in debug mode, no info about socat and platform was issued
SOLVED: print socat version and uname output in debug mode
PROBLEM: invoking socat with -t and no following parameters caused
SIGSEGV
SOLVED: -t and -b now check next argv entry
PROBLEM: when opening of logfile (-lf) failed, no error was reported
and no further messages were printed
SOLVED: check result of fopen and print error message if it failed
new features:
address type UDP-LISTEN now supports option fork: it internally applies
socket option SO_REUSEADDR so a new UDP socket can bind to port after
`accepting´ a connection (child processes might live forever though)
(suggestion from Damjan Lango)
####################### V 1.0.4.1:
solved problems and bugs:
PROB: assert in libc caused an endless recursion
SOLVED: no longer catch SIGABRT
PROB: socat printed wrong verbose prefix for "right to left" packets
SOLVED: new parameter for xiotransfer() passes correct prefix
new features:
in debug mode, socat prints its command line arguments
in verbose mode, escape special characters and replace unprintables
with '.'. Patch from Adrian Thurston.
####################### V 1.0.4.0:
solved problems and bugs:
Debug output for lstat and fstat said "stat"
further corrections:
FreeBSD now includes libutil.h
new features:
option setsid with exec/pty
option setpgid with exec/pty
option ctty with exec/pty
TCP V6 connect test
gettimeofday in sycls.c (no use yet)
porting:
before Gethostbyname, invoke inet_aton for MacOSX
####################### V 1.0.3.0:
solved problems and bugs:
PROB: test 9 of test.sh (echo via file) failed on some platforms,
socat exited without error message
SOLVED: _xioopen_named_early(): preset statbuf.st_mode with 0
PROB: test 17 hung forever
REASON: child death before select loop did not result in EOF
SOLVED: check of existence of children before starting select loop
PROB: test 17 failed
REASON: child dead triggered EOF before last data was read
SOLVED: after child death, read last data before setting EOF
PROB: filan showed that exec processes incorrectly had fd3 open
REASON: inherited open fd3 from main process
SOLVED: set CLOEXEC flag on pty fd in main process
PROB: help printed "undef" instead of group "FORK"
SOLVED: added "FORK" to group name array
PROB: fatal messages did not include severity classifier
SOLVED: added "F" to severity classifier array
PROB: IP6 addresses where printed incorrectly
SOLVED: removed type casts to unsigned short *
further corrections:
socat catches illegal -l modes
corrected error message on setsockopt(linger)
option tabdly is of type uint
correction for UDP over IP6
more cpp conditionals, esp. for IP6 situations
better handling of group NAMED options with listening UNIX sockets
applyopts2 now includes last given phase
corrected option group handling for most address types
introduce dropping of unappliable options (dropopts, dropopts2)
gopen now accepts socket and unix-socket options
exec and system now accept all socket and termios options
child process for exec and system addresses with option pty
improved descriptions and options for EXAMPLES
printf format for file mode changed to "0%03o" with length spec.
added va_end() in branch of msg()
changed phase of lock options from PASTOPEN to FD
support up to four early dying processes
structural changes:
xiosysincludes now includes sysincludes.h for non xio files
new features:
option umask
CHANGES file
TYPE_DOUBLE, u_double
OFUNC_OFFSET
added getsid(), setsid(), send() to sycls
procan prints sid (session id)
mail.sh gets -f (from) option
new EXAMPLEs for file creation
gatherinfo.sh now tells about failures
test.sh can check for much more address/option combinations
porting:
ispeed, ospeed for termios on FreeBSD
getpgid() conditional for MacOS 10
added ranlib in Makefile.in for MacOS 10
disable pty option if no pty mechanism is available (MacOS 10)
now compiles and runs on MacOS 10 (still some tests fail)
setgroups() conditional for cygwin
sighandler_t defined conditionally
use gcc option -D_GNU_SOURCE
Reference in a new issue View git blame Copy permalink