openssl/openssl-0.9.8g-ipv6-apps.patch

   1 diff -up openssl-0.9.8g/apps/s_socket.c.ipv6-apps openssl-0.9.8g/apps/s_socket.c
   2 --- openssl-0.9.8g/apps/s_socket.c.ipv6-apps    2005-06-13 05:21:00.000000000 +0200
   3 +++ openssl-0.9.8g/apps/s_socket.c      2007-12-03 13:28:42.000000000 +0100
   4 @@ -96,9 +96,7 @@ static struct hostent *GetHostByName(cha
   5  static void ssl_sock_cleanup(void);
   6  #endif
   7  static int ssl_sock_init(void);
   8 -static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
   9 -static int init_server(int *sock, int port, int type);
  10 -static int init_server_long(int *sock, int port,char *ip, int type);
  11 +static int init_server(int *sock, char *port, int type);
  12  static int do_accept(int acc_sock, int *sock, char **host);
  13  static int host_ip(char *str, unsigned char ip[4]);
  14
  15 @@ -228,60 +226,69 @@ static int ssl_sock_init(void)
  16         return(1);
  17         }
  18
  19 -int init_client(int *sock, char *host, int port, int type)
  20 +int init_client(int *sock, char *host, char *port, int type)
  21         {
  22 -       unsigned char ip[4];
  23 -       short p=0;
  24 -
  25 -       if (!host_ip(host,&(ip[0])))
  26 -               {
  27 -               return(0);
  28 -               }
  29 -       if (p != 0) port=p;
  30 -       return(init_client_ip(sock,ip,port,type));
  31 -       }
  32 -
  33 -static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
  34 -       {
  35 -       unsigned long addr;
  36 -       struct sockaddr_in them;
  37 -       int s,i;
  38 +       struct addrinfo *res, *res0, hints;
  39 +       char * failed_call = NULL;
  40 +       int s;
  41 +       int e;
  42
  43         if (!ssl_sock_init()) return(0);
  44
  45 -       memset((char *)&them,0,sizeof(them));
  46 -       them.sin_family=AF_INET;
  47 -       them.sin_port=htons((unsigned short)port);
  48 -       addr=(unsigned long)
  49 -               ((unsigned long)ip[0]<<24L)|
  50 -               ((unsigned long)ip[1]<<16L)|
  51 -               ((unsigned long)ip[2]<< 8L)|
  52 -               ((unsigned long)ip[3]);
  53 -       them.sin_addr.s_addr=htonl(addr);
  54 -
  55 -       if (type == SOCK_STREAM)
  56 -               s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
  57 -       else /* ( type == SOCK_DGRAM) */
  58 -               s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
  59 -
  60 -       if (s == INVALID_SOCKET) { perror("socket"); return(0); }
  61 +       memset(&hints, '\0', sizeof(hints));
  62 +       hints.ai_socktype = type;
  63 +       hints.ai_flags = AI_ADDRCONFIG;
  64 +
  65 +       e = getaddrinfo(host, port, &hints, &res);
  66 +       if (e)
  67 +       {
  68 +               fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
  69 +               if (e == EAI_SYSTEM)
  70 +                       perror("getaddrinfo");
  71 +               return (0);
  72 +               }
  73
  74 +       res0 = res;
  75 +       while (res)
  76 +               {
  77 +               s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
  78 +               if (s == INVALID_SOCKET)
  79 +                       {
  80 +                       failed_call = "socket";
  81 +                       goto nextres;
  82 +                       }
  83  #ifndef OPENSSL_SYS_MPE
  84         if (type == SOCK_STREAM)
  85                 {
  86 -               i=0;
  87 -               i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
  88 -               if (i < 0) { perror("keepalive"); return(0); }
  89 +                       int i=0;
  90 +                       i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
  91 +                               (char *)&i,sizeof(i));
  92 +                       if (i < 0) {
  93 +                               failed_call = "keepalive";
  94 +                               goto nextres;
  95 +                               }
  96                 }
  97  #endif
  98 -
  99 -       if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
 100 -               { close(s); perror("connect"); return(0); }
 101 +               if (connect(s,(struct sockaddr *)res->ai_addr,
 102 +                       res->ai_addrlen) == 0)
 103 +                       {
 104 +                       freeaddrinfo(res0);
 105         *sock=s;
 106         return(1);
 107         }
 108 +               failed_call = "socket";
 109 +nextres:
 110 +               if (s != INVALID_SOCKET)
 111 +                       close(s);
 112 +               res = res->ai_next;
 113 +               }
 114 +       freeaddrinfo(res0);
 115
 116 -int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
 117 +       perror(failed_call);
 118 +       return(0);
 119 +       }
 120 +
 121 +int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
 122         {
 123         int sock;
 124         char *name = NULL;
 125 @@ -319,33 +326,38 @@ int do_server(int port, int type, int *r
 126                 }
 127         }
 128
 129 -static int init_server_long(int *sock, int port, char *ip, int type)
 130 +static int init_server(int *sock, char *port, int type)
 131         {
 132 -       int ret=0;
 133 -       struct sockaddr_in server;
 134 -       int s= -1,i;
 135 +       struct addrinfo *res, *res0, hints;
 136 +       char * failed_call = NULL;
 137 +       char port_name[8];
 138 +       int s;
 139 +       int e;
 140
 141         if (!ssl_sock_init()) return(0);
 142
 143 -       memset((char *)&server,0,sizeof(server));
 144 -       server.sin_family=AF_INET;
 145 -       server.sin_port=htons((unsigned short)port);
 146 -       if (ip == NULL)
 147 -               server.sin_addr.s_addr=INADDR_ANY;
 148 -       else
 149 -/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
 150 -#ifndef BIT_FIELD_LIMITS
 151 -               memcpy(&server.sin_addr.s_addr,ip,4);
 152 -#else
 153 -               memcpy(&server.sin_addr,ip,4);
 154 -#endif
 155 +       memset(&hints, '\0', sizeof(hints));
 156 +       hints.ai_socktype = type;
 157 +       hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
 158
 159 -               if (type == SOCK_STREAM)
 160 -                       s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
 161 -               else /* type == SOCK_DGRAM */
 162 -                       s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
 163 +       e = getaddrinfo(NULL, port, &hints, &res);
 164 +       if (e)
 165 +               {
 166 +               fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
 167 +               if (e == EAI_SYSTEM)
 168 +                       perror("getaddrinfo");
 169 +               return (0);
 170 +               }
 171
 172 -       if (s == INVALID_SOCKET) goto err;
 173 +       res0 = res;
 174 +       while (res)
 175 +               {
 176 +               s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
 177 +               if (s == INVALID_SOCKET)
 178 +                       {
 179 +                       failed_call = "socket";
 180 +                       goto nextres;
 181 +                       }
 182  #if defined SOL_SOCKET && defined SO_REUSEADDR
 183                 {
 184                 int j = 1;
 185 @@ -353,36 +365,39 @@ static int init_server_long(int *sock, i
 186                            (void *) &j, sizeof j);
 187                 }
 188  #endif
 189 -       if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
 190 +
 191 +               if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == -1)
 192                 {
 193 -#ifndef OPENSSL_SYS_WINDOWS
 194 -               perror("bind");
 195 -#endif
 196 -               goto err;
 197 +                       failed_call = "bind";
 198 +                       goto nextres;
 199                 }
 200 -       /* Make it 128 for linux */
 201 -       if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
 202 -       i=0;
 203 -       *sock=s;
 204 -       ret=1;
 205 -err:
 206 -       if ((ret == 0) && (s != -1))
 207 +               if (type==SOCK_STREAM && listen(s,128) == -1)
 208                 {
 209 -               SHUTDOWN(s);
 210 +                       failed_call = "listen";
 211 +                       goto nextres;
 212                 }
 213 -       return(ret);
 214 +
 215 +               *sock=s;
 216 +               return(1);
 217 +
 218 +nextres:
 219 +               if (s != INVALID_SOCKET)
 220 +                       close(s);
 221 +               res = res->ai_next;
 222         }
 223 +       freeaddrinfo(res0);
 224
 225 -static int init_server(int *sock, int port, int type)
 226 -       {
 227 -       return(init_server_long(sock, port, NULL, type));
 228 +       if (s == INVALID_SOCKET) { perror("socket"); return(0); }
 229 +
 230 +       perror(failed_call);
 231 +       return(0);
 232         }
 233
 234  static int do_accept(int acc_sock, int *sock, char **host)
 235         {
 236 -       int ret,i;
 237 -       struct hostent *h1,*h2;
 238 -       static struct sockaddr_in from;
 239 +       static struct sockaddr_storage from;
 240 +       char buffer[NI_MAXHOST];
 241 +       int ret;
 242         int len;
 243  /*     struct linger ling; */
 244
 245 @@ -427,137 +442,62 @@ redoit:
 246         if (i < 0) { perror("keepalive"); return(0); }
 247  */
 248
 249 -       if (host == NULL) goto end;
 250 -#ifndef BIT_FIELD_LIMITS
 251 -       /* I should use WSAAsyncGetHostByName() under windows */
 252 -       h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
 253 -               sizeof(from.sin_addr.s_addr),AF_INET);
 254 -#else
 255 -       h1=gethostbyaddr((char *)&from.sin_addr,
 256 -               sizeof(struct in_addr),AF_INET);
 257 -#endif
 258 -       if (h1 == NULL)
 259 -               {
 260 -               BIO_printf(bio_err,"bad gethostbyaddr\n");
 261 -               *host=NULL;
 262 -               /* return(0); */
 263 -               }
 264 -       else
 265 +       if (host == NULL)
 266                 {
 267 -               if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
 268 -                       {
 269 -                       perror("OPENSSL_malloc");
 270 +               *sock=ret;
 271                         return(0);
 272                         }
 273 -               BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
 274
 275 -               h2=GetHostByName(*host);
 276 -               if (h2 == NULL)
 277 +       if (getnameinfo((struct sockaddr *)&from, sizeof(from),
 278 +               buffer, sizeof(buffer),
 279 +               NULL, 0, 0))
 280                         {
 281 -                       BIO_printf(bio_err,"gethostbyname failure\n");
 282 +               BIO_printf(bio_err,"getnameinfo failed\n");
 283 +               *host=NULL;
 284                         return(0);
 285                         }
 286 -               i=0;
 287 -               if (h2->h_addrtype != AF_INET)
 288 +       else
 289                         {
 290 -                       BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
 291 +               if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
 292 +                       {
 293 +                       perror("OPENSSL_malloc");
 294                         return(0);
 295                         }
 296 -               }
 297 -end:
 298 +               strcpy(*host, buffer);
 299         *sock=ret;
 300         return(1);
 301         }
 302 +       }
 303
 304 -int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
 305 -            short *port_ptr)
 306 +int extract_host_port(char *str, char **host_ptr,
 307 +            char **port_ptr)
 308         {
 309 -       char *h,*p;
 310 +       char *h,*p,*x;
 311
 312 -       h=str;
 313 -       p=strchr(str,':');
 314 +       x=h=str;
 315 +       if (*h == '[')
 316 +               {
 317 +               h++;
 318 +               p=strchr(h,']');
 319         if (p == NULL)
 320                 {
 321 -               BIO_printf(bio_err,"no port defined\n");
 322 +                       BIO_printf(bio_err,"no ending bracket for IPv6 address\n");
 323                 return(0);
 324                 }
 325         *(p++)='\0';
 326 -
 327 -       if ((ip != NULL) && !host_ip(str,ip))
 328 -               goto err;
 329 -       if (host_ptr != NULL) *host_ptr=h;
 330 -
 331 -       if (!extract_port(p,port_ptr))
 332 -               goto err;
 333 -       return(1);
 334 -err:
 335 -       return(0);
 336 +               x = p;
 337         }
 338 -
 339 -static int host_ip(char *str, unsigned char ip[4])
 340 -       {
 341 -       unsigned int in[4];
 342 -       int i;
 343 -
 344 -       if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
 345 -               {
 346 -               for (i=0; i<4; i++)
 347 -                       if (in[i] > 255)
 348 -                               {
 349 -                               BIO_printf(bio_err,"invalid IP address\n");
 350 -                               goto err;
 351 -                               }
 352 -               ip[0]=in[0];
 353 -               ip[1]=in[1];
 354 -               ip[2]=in[2];
 355 -               ip[3]=in[3];
 356 -               }
 357 -       else
 358 -               { /* do a gethostbyname */
 359 -               struct hostent *he;
 360 -
 361 -               if (!ssl_sock_init()) return(0);
 362 -
 363 -               he=GetHostByName(str);
 364 -               if (he == NULL)
 365 -                       {
 366 -                       BIO_printf(bio_err,"gethostbyname failure\n");
 367 -                       goto err;
 368 -                       }
 369 -               /* cast to short because of win16 winsock definition */
 370 -               if ((short)he->h_addrtype != AF_INET)
 371 +       p=strchr(x,':');
 372 +       if (p == NULL)
 373                         {
 374 -                       BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
 375 -                       return(0);
 376 -                       }
 377 -               ip[0]=he->h_addr_list[0][0];
 378 -               ip[1]=he->h_addr_list[0][1];
 379 -               ip[2]=he->h_addr_list[0][2];
 380 -               ip[3]=he->h_addr_list[0][3];
 381 -               }
 382 -       return(1);
 383 -err:
 384 +               BIO_printf(bio_err,"no port defined\n");
 385         return(0);
 386         }
 387 +       *(p++)='\0';
 388
 389 -int extract_port(char *str, short *port_ptr)
 390 -       {
 391 -       int i;
 392 -       struct servent *s;
 393 +       if (host_ptr != NULL) *host_ptr=h;
 394 +       if (port_ptr != NULL) *port_ptr=p;
 395
 396 -       i=atoi(str);
 397 -       if (i != 0)
 398 -               *port_ptr=(unsigned short)i;
 399 -       else
 400 -               {
 401 -               s=getservbyname(str,"tcp");
 402 -               if (s == NULL)
 403 -                       {
 404 -                       BIO_printf(bio_err,"getservbyname failure for %s\n",str);
 405 -                       return(0);
 406 -                       }
 407 -               *port_ptr=ntohs((unsigned short)s->s_port);
 408 -               }
 409         return(1);
 410         }
 411
 412 diff -up openssl-0.9.8g/apps/s_server.c.ipv6-apps openssl-0.9.8g/apps/s_server.c
 413 --- openssl-0.9.8g/apps/s_server.c.ipv6-apps    2007-08-23 14:16:02.000000000 +0200
 414 +++ openssl-0.9.8g/apps/s_server.c      2007-12-03 13:31:14.000000000 +0100
 415 @@ -592,7 +592,7 @@ int MAIN(int argc, char *argv[])
 416         {
 417         X509_STORE *store = NULL;
 418         int vflags = 0;
 419 -       short port=PORT;
 420 +       char *port_str = PORT_STR;
 421         char *CApath=NULL,*CAfile=NULL;
 422         unsigned char *context = NULL;
 423         char *dhfile = NULL;
 424 @@ -662,8 +662,7 @@ int MAIN(int argc, char *argv[])
 425                          (strcmp(*argv,"-accept") == 0))
 426                         {
 427                         if (--argc < 1) goto bad;
 428 -                       if (!extract_port(*(++argv),&port))
 429 -                               goto bad;
 430 +                       port_str= *(++argv);
 431                         }
 432                 else if (strcmp(*argv,"-verify") == 0)
 433                         {
 434 @@ -1332,9 +1331,9 @@ bad:
 435                 }
 436         BIO_printf(bio_s_out,"ACCEPT\n");
 437         if (www)
 438 -               do_server(port,socket_type,&accept_socket,www_body, context);
 439 +               do_server(port_str,socket_type,&accept_socket,www_body, context);
 440         else
 441 -               do_server(port,socket_type,&accept_socket,sv_body, context);
 442 +               do_server(port_str,socket_type,&accept_socket,sv_body, context);
 443         print_stats(bio_s_out,ctx);
 444         ret=0;
 445  end:
 446 diff -up openssl-0.9.8g/apps/s_client.c.ipv6-apps openssl-0.9.8g/apps/s_client.c
 447 --- openssl-0.9.8g/apps/s_client.c.ipv6-apps    2007-08-23 14:20:56.000000000 +0200
 448 +++ openssl-0.9.8g/apps/s_client.c      2007-12-03 13:28:42.000000000 +0100
 449 @@ -285,7 +285,7 @@ int MAIN(int argc, char **argv)
 450         int cbuf_len,cbuf_off;
 451         int sbuf_len,sbuf_off;
 452         fd_set readfds,writefds;
 453 -       short port=PORT;
 454 +       char *port_str = PORT_STR;
 455         int full_log=1;
 456         char *host=SSL_HOST_NAME;
 457         char *cert_file=NULL,*key_file=NULL;
 458 @@ -377,13 +377,12 @@ int MAIN(int argc, char **argv)
 459                 else if (strcmp(*argv,"-port") == 0)
 460                         {
 461                         if (--argc < 1) goto bad;
 462 -                       port=atoi(*(++argv));
 463 -                       if (port == 0) goto bad;
 464 +                       port_str= *(++argv);
 465                         }
 466                 else if (strcmp(*argv,"-connect") == 0)
 467                         {
 468                         if (--argc < 1) goto bad;
 469 -                       if (!extract_host_port(*(++argv),&host,NULL,&port))
 470 +                       if (!extract_host_port(*(++argv),&host,&port_str))
 471                                 goto bad;
 472                         }
 473                 else if (strcmp(*argv,"-verify") == 0)
 474 @@ -739,7 +738,7 @@ bad:
 475
 476  re_start:
 477
 478 -       if (init_client(&s,host,port,sock_type) == 0)
 479 +       if (init_client(&s,host,port_str,sock_type) == 0)
 480                 {
 481                 BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
 482                 SHUTDOWN(s);
 483 diff -up openssl-0.9.8g/apps/s_apps.h.ipv6-apps openssl-0.9.8g/apps/s_apps.h
 484 --- openssl-0.9.8g/apps/s_apps.h.ipv6-apps      2007-12-03 13:28:42.000000000 +0100
 485 +++ openssl-0.9.8g/apps/s_apps.h        2007-12-03 13:28:42.000000000 +0100
 486 @@ -148,7 +148,7 @@ typedef fd_mask fd_set;
 487  #define PORT_STR        "4433"
 488  #define PROTOCOL        "tcp"
 489
 490 -int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
 491 +int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
 492  #ifdef HEADER_X509_H
 493  int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 494  #endif
 495 @@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok,
 496  int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 497  int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
 498  #endif
 499 -int init_client(int *sock, char *server, int port, int type);
 500 +int init_client(int *sock, char *server, char *port, int type);
 501  int should_retry(int i);
 502 -int extract_port(char *str, short *port_ptr);
 503 -int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
 504 +int extract_host_port(char *str,char **host_ptr,char **port_ptr);
 505
 506  long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 507         int argi, long argl, long ret);