1 diff -ruNp socat.master/CHANGES socat.fixes/CHANGES
2 --- socat.master/CHANGES 2015-02-19 21:04:55.791758104 +0100
3 +++ socat.fixes/CHANGES 2015-02-19 21:05:12.736668452 +0100
7 + Type conflict between int and sig_atomic_t between declaration and
8 + definition of diag_immediate_type and diag_immediate_exit broke
9 + compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for
12 + configure checked for OpenSSL EC_KEY assuming it is a define but it
13 + is a type, thus OpenSSL ECDHE ciphers failed even on Linux. Thanks to
14 + Andrey Arapov for reporting this bug.
16 + Socat hung when configured with --disable-sycls.
19 + Socat failed to compile on platforms with OpenSSL without
20 + DTLSv1_client_method or DTLSv1_server_method.
21 + Thanks to Simon Matter for sending a patch.
24 + socat.yo mentioned address name SSL-LISTEN which never existed (use
25 + OPENSSL-LISTEN or SSL-L instead).
26 + Thanks to Zhigang Wang for sending a patch.
28 ####################### V 1.7.3.0:
31 diff -ruNp socat.master/Makefile.in socat.fixes/Makefile.in
32 --- socat.master/Makefile.in 2015-02-19 21:04:55.792758099 +0100
33 +++ socat.fixes/Makefile.in 2015-02-19 21:05:12.736668452 +0100
34 @@ -54,7 +54,7 @@ XIOSRCS = xioinitialize.c xiohelp.c xiop
35 xio-pty.c xio-openssl.c xio-streams.c\
36 xio-ascii.c xiolockfile.c xio-tcpwrap.c xio-ext2.c xio-tun.c
37 XIOOBJS = $(XIOSRCS:.c=.o)
38 -UTLSRCS = error.c dalan.c procan.c procan-cdefs.c hostan.c fdname.c sysutils.c utils.c nestlex.c vsnprintf_r.c snprinterr.c @FILAN@ @SYCLS@ @SSLCLS@
39 +UTLSRCS = error.c dalan.c procan.c procan-cdefs.c hostan.c fdname.c sysutils.c utils.c nestlex.c vsnprintf_r.c snprinterr.c @FILAN@ sycls.c @SSLCLS@
40 UTLOBJS = $(UTLSRCS:.c=.o)
41 CFILES = $(XIOSRCS) $(UTLSRCS) socat.c procan_main.c filan_main.c
42 OFILES = $(CFILES:.c=.o)
43 diff -ruNp socat.master/config.h.in socat.fixes/config.h.in
44 --- socat.master/config.h.in 2015-02-19 21:04:55.792758099 +0100
45 +++ socat.fixes/config.h.in 2015-02-19 21:05:12.737668447 +0100
47 #undef HAVE_DTLSv1_client_method
48 #undef HAVE_DTLSv1_server_method
50 +/* Define if you have the EC_KEY type */
51 +#undef HAVE_TYPE_EC_KEY
53 /* Define if you have the flock function */
56 diff -ruNp socat.master/configure.in socat.fixes/configure.in
57 --- socat.master/configure.in 2015-02-19 21:04:55.793758094 +0100
58 +++ socat.fixes/configure.in 2015-02-19 21:05:12.738668442 +0100
59 @@ -1451,6 +1451,18 @@ AC_CHECK_FUNC(TLSv1_2_server_method, AC_
60 AC_CHECK_FUNC(DTLSv1_client_method, AC_DEFINE(HAVE_DTLSv1_client_method), AC_CHECK_LIB(crypt, DTLSv1_client_method, [LIBS=-lcrypt $LIBS]))
61 AC_CHECK_FUNC(DTLSv1_server_method, AC_DEFINE(HAVE_DTLSv1_server_method), AC_CHECK_LIB(crypt, DTLSv1_server_method, [LIBS=-lcrypt $LIBS]))
63 +AC_MSG_CHECKING(for type EC_KEY)
64 +AC_CACHE_VAL(sc_cv_type_EC_TYPE,
65 +[AC_TRY_COMPILE([#include <openssl/ec.h>
67 +[sc_cv_type_EC_KEY=yes],
68 +[sc_cv_type_EC_KEY=no])])
69 +if test $sc_cv_type_EC_KEY = yes; then
70 + AC_DEFINE(HAVE_TYPE_EC_KEY)
72 +AC_MSG_RESULT($sc_cv_type_EC_KEY)
78 diff -ruNp socat.master/doc/socat.yo socat.fixes/doc/socat.yo
79 --- socat.master/doc/socat.yo 2015-02-19 21:04:55.797758072 +0100
80 +++ socat.fixes/doc/socat.yo 2015-02-19 21:05:12.741668426 +0100
81 @@ -2317,8 +2317,8 @@ label(OPTION_FORK)dit(bf(tt(fork)))
82 After establishing a connection, handles its channel in a child process and
83 keeps the parent process attempting to produce more connections, either by
84 listening or by connecting in a loop (link(example)(EXAMPLE_OPTION_FORK)).nl()
85 - SSL-CONNECT and SSL-LISTEN differ in when they actually fork off the child:
86 -SSL-LISTEN forks em(before) the SSL handshake, while SSL-CONNECT forks
87 + SSL-CONNECT and OPENSSL-LISTEN differ in when they actually fork off the child:
88 +OPENSSL-LISTEN forks em(before) the SSL handshake, while SSL-CONNECT forks
90 RETRY and FOREVER options are not inherited by the child process.nl()
91 On some operating systems (e.g. FreeBSD) this option does not work for
92 @@ -3186,7 +3186,7 @@ should establish connections to host www
95 label(EXAMPLE_ADDRESS_OPENSSL_CONNECT)
96 -dit(bf(tt(socat - SSL:server:4443,cafile=server.crt,cert=client.pem)))
97 +dit(bf(tt(socat - OPENSSL:server:4443,cafile=server.crt,cert=client.pem)))
99 is an OpenSSL client that tries to establish a secure connection to an SSL
100 server. Option link(cafile)(OPTION_OPENSSL_CAFILE) specifies a file that
101 @@ -3200,7 +3200,7 @@ The first address ('-') can be replaced
104 label(EXAMPLE_ADDRESS_OPENSSL_LISTEN)
105 -dit(bf(tt(socat SSL-LISTEN:4443,reuseaddr,pf=ip4,fork,cert=server.pem,cafile=client.crt PIPE)))
106 +dit(bf(tt(socat OPENSSL-LISTEN:4443,reuseaddr,pf=ip4,fork,cert=server.pem,cafile=client.crt PIPE)))
108 is an OpenSSL server that accepts TCP connections, presents the certificate
109 from the file server.pem and forces the client to present a certificate that is
110 diff -ruNp socat.master/error.h socat.fixes/error.h
111 --- socat.master/error.h 2015-02-19 21:04:55.797758072 +0100
112 +++ socat.fixes/error.h 2015-02-19 21:05:12.741668426 +0100
113 @@ -229,8 +229,8 @@ struct diag_dgram {
116 extern sig_atomic_t diag_in_handler;
117 -extern int diag_immediate_msg;
118 -extern int diag_immediate_exit;
119 +extern sig_atomic_t diag_immediate_msg;
120 +extern sig_atomic_t diag_immediate_exit;
122 extern void diag_set(char what, const char *arg);
123 extern void diag_set_int(char what, int arg);
124 diff -ruNp socat.master/sslcls.c socat.fixes/sslcls.c
125 --- socat.master/sslcls.c 2015-02-19 21:04:55.798758067 +0100
126 +++ socat.fixes/sslcls.c 2015-02-19 21:05:12.741668426 +0100
127 @@ -143,6 +143,7 @@ const SSL_METHOD *sycTLSv1_2_server_meth
131 +#if HAVE_DTLSv1_client_method
132 const SSL_METHOD *sycDTLSv1_client_method(void) {
133 const SSL_METHOD *result;
134 Debug("DTLSv1_client_method()");
135 @@ -150,7 +151,9 @@ const SSL_METHOD *sycDTLSv1_client_metho
136 Debug1("DTLSv1_client_method() -> %p", result);
141 +#if HAVE_DTLSv1_server_method
142 const SSL_METHOD *sycDTLSv1_server_method(void) {
143 const SSL_METHOD *result;
144 Debug("DTLSv1_server_method()");
145 @@ -158,6 +161,7 @@ const SSL_METHOD *sycDTLSv1_server_metho
146 Debug1("DTLSv1_server_method() -> %p", result);
151 SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method) {
153 diff -ruNp socat.master/sslcls.h socat.fixes/sslcls.h
154 --- socat.master/sslcls.h 2015-02-19 21:04:55.798758067 +0100
155 +++ socat.fixes/sslcls.h 2015-02-19 21:05:12.741668426 +0100
156 @@ -77,6 +77,12 @@ const char *sycSSL_COMP_get_name(const C
157 #define sycSSLv23_server_method() SSLv23_server_method()
158 #define sycTLSv1_client_method() TLSv1_client_method()
159 #define sycTLSv1_server_method() TLSv1_server_method()
160 +#define sycTLSv1_1_client_method() TLSv1_1_client_method()
161 +#define sycTLSv1_1_server_method() TLSv1_1_server_method()
162 +#define sycTLSv1_2_client_method() TLSv1_2_client_method()
163 +#define sycTLSv1_2_server_method() TLSv1_2_server_method()
164 +#define sycDTLSv1_client_method() DTLSv1_client_method()
165 +#define sycDTLSv1_server_method() DTLSv1_server_method()
166 #define sycSSL_CTX_new(m) SSL_CTX_new(m)
167 #define sycSSL_new(c) SSL_new(c)
168 #define sycSSL_CTX_load_verify_locations(c,f,p) SSL_CTX_load_verify_locations(c,f,p)
169 diff -ruNp socat.master/sycls.c socat.fixes/sycls.c
170 --- socat.master/sycls.c 2015-02-19 21:04:55.799758062 +0100
171 +++ socat.fixes/sycls.c 2015-02-19 21:05:12.742668421 +0100
174 #include "xioconfig.h" /* what features are enabled */
178 #include "sysincludes.h"
187 mode_t Umask(mode_t mask) {
190 @@ -34,18 +34,27 @@ mode_t Umask(mode_t mask) {
194 +#endif /* WITH_SYCLS */
197 int Open(const char *pathname, int flags, mode_t mode) {
199 if (!diag_in_handler) diag_flush();
201 Debug3("open(\"%s\", 0%o, 0%03o)", pathname, flags, mode);
202 +#endif /* WITH_SYCLS */
203 result = open(pathname, flags, mode);
205 if (!diag_in_handler) diag_flush();
207 Info4("open(\"%s\", 0%o, 0%03o) -> %d", pathname, flags, mode, result);
208 +#endif /* WITH_SYCLS */
215 int Creat(const char *pathname, mode_t mode) {
217 Debug2("creat(\"%s\", 0%03o)", pathname, mode);
218 @@ -515,15 +524,21 @@ int Pipe(int filedes[2]) {
222 +#endif /* WITH_SYCLS */
224 ssize_t Read(int fd, void *buf, size_t count) {
227 if (!diag_in_handler) diag_flush();
229 Debug3("read(%d, %p, "F_Zu")", fd, buf, count);
230 +#endif /* WITH_SYCLS */
231 result = read(fd, buf, count);
233 if (!diag_in_handler) diag_flush();
235 Debug1("read -> "F_Zd, result);
236 +#endif /* WITH_SYCLS */
240 @@ -532,11 +547,15 @@ ssize_t Write(int fd, const void *buf, s
243 if (!diag_in_handler) diag_flush();
245 Debug3("write(%d, %p, "F_Zu")", fd, buf, count);
246 +#endif /* WITH_SYCLS */
247 result = write(fd, buf, count);
249 if (!diag_in_handler) diag_flush();
251 Debug1("write -> "F_Zd, result);
252 +#endif /* WITH_SYCLS */
256 @@ -544,11 +563,15 @@ ssize_t Write(int fd, const void *buf, s
257 int Fcntl(int fd, int cmd) {
259 if (!diag_in_handler) diag_flush();
261 Debug2("fcntl(%d, %d)", fd, cmd);
262 +#endif /* WITH_SYCLS */
263 result = fcntl(fd, cmd);
264 if (!diag_in_handler) diag_flush();
267 Debug1("fcntl() -> %d", result);
268 +#endif /* WITH_SYCLS */
272 @@ -556,11 +579,15 @@ int Fcntl(int fd, int cmd) {
273 int Fcntl_l(int fd, int cmd, long arg) {
275 if (!diag_in_handler) diag_flush();
277 Debug3("fcntl(%d, %d, %ld)", fd, cmd, arg);
278 +#endif /* WITH_SYCLS */
279 result = fcntl(fd, cmd, arg);
281 if (!diag_in_handler) diag_flush();
283 Debug1("fcntl() -> %d", result);
284 +#endif /* WITH_SYCLS */
288 @@ -568,16 +595,22 @@ int Fcntl_l(int fd, int cmd, long arg) {
289 int Fcntl_lock(int fd, int cmd, struct flock *l) {
291 if (!diag_in_handler) diag_flush();
293 Debug7("fcntl(%d, %d, {type=%hd,whence=%hd,start="F_off",len="F_off",pid="F_pid"})",
294 fd, cmd, l->l_type, l->l_whence, l->l_start, l->l_len, l->l_pid);
295 +#endif /* WITH_SYCLS */
296 result = fcntl(fd, cmd, l);
298 if (!diag_in_handler) diag_flush();
300 Debug1("fcntl() -> %d", result);
301 +#endif /* WITH_SYCLS */
308 int Ftruncate(int fd, off_t length) {
310 Debug2("ftruncate(%d, "F_off")", fd, length);
311 @@ -600,15 +633,21 @@ int Ftruncate64(int fd, off64_t length)
313 #endif /* HAVE_FTRUNCATE64 */
315 +#endif /* WITH_SYCLS */
318 int Flock(int fd, int operation) {
320 if (!diag_in_handler) diag_flush();
322 Debug2("flock(%d, %d)", fd, operation);
323 +#endif /* WITH_SYCLS */
324 retval = flock(fd, operation);
326 if (!diag_in_handler) diag_flush();
328 Debug1("flock() -> %d", retval);
329 +#endif /* WITH_SYCLS */
333 @@ -617,29 +656,41 @@ int Flock(int fd, int operation) {
334 int Ioctl(int d, int request, void *argp) {
336 if (!diag_in_handler) diag_flush();
338 if (argp > (void *)0x10000) { /* fuzzy...*/
339 Debug4("ioctl(%d, 0x%x, %p{%lu})", d, request, argp, *(unsigned long *)argp);
341 Debug3("ioctl(%d, 0x%x, 0x%p)", d, request, argp);
343 +#endif /* WITH_SYCLS */
344 retval = ioctl(d, request, argp);
346 if (!diag_in_handler) diag_flush();
348 Debug1("ioctl() -> %d", retval);
349 +#endif /* WITH_SYCLS */
354 int Ioctl_int(int d, int request, int arg) {
356 + if (!diag_in_handler) diag_flush();
358 Debug3("ioctl(%d, 0x%x, %d)", d, request, arg);
359 +#endif /* WITH_SYCLS */
360 retval = ioctl(d, request, arg);
362 + if (!diag_in_handler) diag_flush();
364 Debug1("ioctl() -> %d", retval);
365 +#endif /* WITH_SYCLS */
374 Info1("close(%d)", fd);
375 @@ -720,11 +771,14 @@ int Chmod(const char *path, mode_t mode)
379 +#endif /* WITH_SYCLS */
382 /* we only show the first struct pollfd; hope this is enough for most cases. */
383 int Poll(struct pollfd *ufds, unsigned int nfds, int timeout) {
385 if (!diag_in_handler) diag_flush();
388 Debug10("poll({%d,0x%02hx,}{%d,0x%02hx,}{%d,0x%02hx,}{%d,0x%02hx,}, %u, %d)",
389 ufds[0].fd, ufds[0].events, ufds[1].fd, ufds[1].events,
390 @@ -733,15 +787,18 @@ int Poll(struct pollfd *ufds, unsigned i
392 Debug4("poll({%d,0x%02hx,}, , %u, %d)", ufds[0].fd, ufds[0].events, nfds, timeout);
394 +#endif /* WITH_SYCLS */
395 result = poll(ufds, nfds, timeout);
397 if (!diag_in_handler) diag_flush();
400 Debug5("poll(, {,,0x%02hx}{,,0x%02hx}{,,0x%02hx}{,,0x%02hx}) -> %d",
401 ufds[0].revents, ufds[1].revents, ufds[2].revents, ufds[3].revents, result);
403 Debug2("poll(, {,,0x%02hx}) -> %d", ufds[0].revents, result);
405 +#endif /* WITH_SYCLS */
409 @@ -753,6 +810,7 @@ int Select(int n, fd_set *readfds, fd_se
410 struct timeval *timeout) {
412 if (!diag_in_handler) diag_flush();
415 Debug7("select(%d, &0x%lx, &0x%lx, &0x%lx, %s%lu."F_tv_usec")",
416 n, readfds?readfds->fds_bits[0]:0, writefds?writefds->fds_bits[0]:0,
417 @@ -766,9 +824,11 @@ int Select(int n, fd_set *readfds, fd_se
418 timeout?"&":"NULL/", timeout?timeout->tv_sec:0,
419 timeout?timeout->tv_usec:0);
421 +#endif /* WITH_SYCLS */
422 result = select(n, readfds, writefds, exceptfds, timeout);
424 if (!diag_in_handler) diag_flush();
427 Debug7("select -> (, 0x%lx, 0x%lx, 0x%lx, %s%lu."F_tv_usec"), %d",
428 readfds?readfds->fds_bits[0]:0, writefds?writefds->fds_bits[0]:0,
429 @@ -782,11 +842,14 @@ int Select(int n, fd_set *readfds, fd_se
430 timeout?"&":"NULL/", timeout?timeout->tv_sec:0,
431 timeout?timeout->tv_usec:0, result);
433 +#endif /* WITH_SYCLS */
444 @@ -798,19 +861,27 @@ pid_t Fork(void) {
448 +#endif /* WITH_SYCLS */
450 pid_t Waitpid(pid_t pid, int *status, int options) {
453 if (!diag_in_handler) diag_flush();
455 Debug3("waitpid("F_pid", %p, %d)", pid, status, options);
456 +#endif /* WITH_SYCLS */
457 retval = waitpid(pid, status, options);
459 if (!diag_in_handler) diag_flush();
461 Debug2("waitpid(, {%d}, ) -> "F_pid, *status, retval);
462 +#endif /* WITH_SYCLS */
469 sighandler_t Signal(int signum, sighandler_t handler) {
472 @@ -891,18 +962,26 @@ int Execvp(const char *file, char *const
476 +#endif /* WITH_SYCLS */
478 int System(const char *string) {
481 Debug1("system(\"%s\")", string);
482 +#endif /* WITH_SYCLS */
483 diag_immediate_exit = 1;
484 result = system(string);
485 diag_immediate_exit = 0;
488 Debug1("system() -> %d", result);
489 +#endif /* WITH_SYCLS */
496 int Socketpair(int d, int type, int protocol, int sv[2]) {
498 Debug4("socketpair(%d, %d, %d, %p)", d, type, protocol, sv);
499 @@ -940,12 +1019,15 @@ int Bind(int sockfd, struct sockaddr *my
501 #endif /* _WITH_SOCKET */
503 +#endif /* WITH_SYCLS */
506 int Connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen) {
510 if (!diag_in_handler) diag_flush();
512 /*sockaddr_info(serv_addr, infobuff, sizeof(infobuff));
513 Debug3("connect(%d, %s, "F_Zd")", sockfd, infobuff, addrlen);*/
515 @@ -966,15 +1048,20 @@ int Connect(int sockfd, const struct soc
516 sockaddr_info(serv_addr, addrlen, infobuff, sizeof(infobuff)),
519 +#endif /* WITH_SYCLS */
520 result = connect(sockfd, serv_addr, addrlen);
522 if (!diag_in_handler) diag_flush();
524 Debug1("connect() -> %d", result);
525 +#endif /* WITH_SYCLS */
529 #endif /* _WITH_SOCKET */
534 int Listen(int s, int backlog) {
536 @@ -987,6 +1074,8 @@ int Listen(int s, int backlog) {
538 #endif /* _WITH_SOCKET */
540 +#endif /* WITH_SYCLS */
543 /* don't forget to handle EINTR when using Accept() ! */
544 int Accept(int s, struct sockaddr *addr, socklen_t *addrlen) {
545 @@ -998,10 +1087,13 @@ int Accept(int s, struct sockaddr *addr,
546 if (diag_select(s+1, &accept_s, NULL, NULL, NULL) < 0) {
550 Debug3("accept(%d, %p, %p)", s, addr, addrlen);
551 +#endif /* WITH_SYCLS */
552 result = accept(s, addr, addrlen);
554 if (!diag_in_handler) diag_flush();
558 sockaddr_info(addr, *addrlen, infobuff, sizeof(infobuff));
559 @@ -1012,11 +1104,14 @@ int Accept(int s, struct sockaddr *addr,
561 Debug1("accept(,,) -> %d", result);
563 +#endif /* WITH_SYCLS */
567 #endif /* _WITH_SOCKET */
572 int Getsockname(int s, struct sockaddr *name, socklen_t *namelen) {
574 @@ -1085,15 +1180,21 @@ int Setsockopt(int s, int level, int opt
576 #endif /* _WITH_SOCKET */
578 +#endif /* WITH_SYCLS */
581 int Recv(int s, void *buf, size_t len, int flags) {
583 if (!diag_in_handler) diag_flush();
585 Debug4("recv(%d, %p, "F_Zu", %d)", s, buf, len, flags);
586 +#endif /* WITH_SYCLS */
587 retval = recv(s, buf, len, flags);
589 if (!diag_in_handler) diag_flush();
591 Debug1("recv() -> %d", retval);
592 +#endif /* WITH_SYCLS */
596 @@ -1105,11 +1206,14 @@ int Recvfrom(int s, void *buf, size_t le
599 if (!diag_in_handler) diag_flush();
601 Debug6("recvfrom(%d, %p, "F_Zu", %d, %p, "F_socklen")",
602 s, buf, len, flags, from, *fromlen);
603 +#endif /* WITH_SYCLS */
604 retval = recvfrom(s, buf, len, flags, from, fromlen);
606 if (!diag_in_handler) diag_flush();
609 Debug4("recvfrom(,,,, {%d,%s}, "F_socklen") -> %d",
611 @@ -1118,6 +1222,7 @@ int Recvfrom(int s, void *buf, size_t le
613 Debug1("recvfrom(,,,, NULL, NULL) -> %d", retval);
615 +#endif /* WITH_SYCLS */
619 @@ -1127,6 +1232,7 @@ int Recvfrom(int s, void *buf, size_t le
620 int Recvmsg(int s, struct msghdr *msgh, int flags) {
622 if (!diag_in_handler) diag_flush();
625 #if defined(HAVE_STRUCT_MSGHDR_MSGCONTROL) && defined(HAVE_STRUCT_MSGHDR_MSGCONTROLLEN) && defined(HAVE_STRUCT_MSGHDR_MSGFLAGS)
626 Debug10("recvmsg(%d, %p{%p,%u,%p,"F_Zu",%p,"F_Zu",%d}, %d)", s, msgh,
627 @@ -1137,9 +1243,11 @@ int Recvmsg(int s, struct msghdr *msgh,
628 msgh->msg_name, msgh->msg_namelen, msgh->msg_iov, msgh->msg_iovlen,
631 +#endif /* WITH_SYCLS */
632 retval = recvmsg(s, msgh, flags);
634 if (!diag_in_handler) diag_flush();
636 #if defined(HAVE_STRUCT_MSGHDR_MSGCONTROLLEN)
637 Debug5("recvmsg(, {%s,%u,,"F_Zu",,"F_Zu",}, ) -> %d",
638 msgh->msg_name?sockaddr_info(msgh->msg_name, msgh->msg_namelen, infobuff, sizeof(infobuff)):"NULL",
639 @@ -1151,6 +1259,7 @@ int Recvmsg(int s, struct msghdr *msgh,
640 msgh->msg_namelen, msgh->msg_iovlen,
643 +#endif /* WITH_SYCLS */
647 @@ -1160,12 +1269,16 @@ int Recvmsg(int s, struct msghdr *msgh,
648 int Send(int s, const void *mesg, size_t len, int flags) {
650 if (!diag_in_handler) diag_flush();
652 Debug5("send(%d, %p[%08x...], "F_Zu", %d)",
653 s, mesg, ntohl(*(unsigned long *)mesg), len, flags);
654 +#endif /* WITH_SYCLS */
655 retval = send(s, mesg, len, flags);
657 if (!diag_in_handler) diag_flush();
659 Debug1("send() -> %d", retval);
660 +#endif /* WITH_SYCLS */
664 @@ -1178,18 +1291,24 @@ int Sendto(int s, const void *mesg, size
667 if (!diag_in_handler) diag_flush();
669 sockaddr_info(to, tolen, infobuff, sizeof(infobuff));
670 Debug7("sendto(%d, %p[%08x...], "F_Zu", %d, {%s}, %d)",
671 s, mesg, htonl(*(unsigned long *)mesg), len, flags, infobuff, tolen);
672 +#endif /* WITH_SYCLS */
673 retval = sendto(s, mesg, len, flags, to, tolen);
675 if (!diag_in_handler) diag_flush();
677 Debug1("sendto() -> %d", retval);
678 +#endif /* WITH_SYCLS */
682 #endif /* _WITH_SOCKET */
687 int Shutdown(int fd, int how) {
689 @@ -1497,13 +1616,18 @@ int Atexit(void (*func)(void)) {
693 +#endif /* WITH_SYCLS */
695 void Exit(int status) {
696 if (!diag_in_handler) diag_flush();
698 Debug1("exit(%d)", status);
699 +#endif /* WITH_SYCLS */
708 diff -ruNp socat.master/sycls.h socat.fixes/sycls.h
709 --- socat.master/sycls.h 2015-02-19 21:04:55.800758057 +0100
710 +++ socat.fixes/sycls.h 2015-02-19 21:05:12.742668421 +0100
711 @@ -12,7 +12,9 @@ struct flock;
714 mode_t Umask(mode_t mask);
715 +#endif /* WITH_SYCLS */
716 int Open(const char *pathname, int flags, mode_t mode);
718 int Creat(const char *pathname, mode_t mode);
719 off_t Lseek(int fildes, off_t offset, int whence);
721 @@ -54,18 +56,22 @@ int Lstat64(const char *file_name, struc
723 int Dup2(int oldfd, int newfd);
724 int Pipe(int filedes[2]);
725 +#endif /* WITH_SYCLS */
726 ssize_t Read(int fd, void *buf, size_t count);
727 ssize_t Write(int fd, const void *buf, size_t count);
728 int Fcntl(int fd, int cmd);
729 int Fcntl_l(int fd, int cmd, long arg);
730 int Fcntl_lock(int fd, int cmd, struct flock *l);
732 int Ftruncate(int fd, off_t length);
734 int Ftruncate64(int fd, off64_t length);
735 #endif /* HAVE_FTRUNCATE64 */
736 +#endif /* WITH_SYCLS */
737 int Flock(int fd, int operation);
738 int Ioctl(int d, int request, void *argp);
739 int Ioctl_int(int d, int request, int arg);
742 int Fchown(int fd, uid_t owner, gid_t group);
743 int Fchmod(int fd, mode_t mode);
744 @@ -74,11 +80,15 @@ int Symlink(const char *oldpath, const c
745 int Readlink(const char *path, char *buf, size_t bufsiz);
746 int Chown(const char *path, uid_t owner, gid_t group);
747 int Chmod(const char *path, mode_t mode);
748 +#endif /* WITH_SYCLS */
749 int Poll(struct pollfd *ufds, unsigned int nfds, int timeout);
750 int Select(int n, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
751 struct timeval *timeout);
754 +#endif /* WITH_SYCLS */
755 pid_t Waitpid(pid_t pid, int *status, int options);
757 #ifndef HAVE_TYPE_SIGHANDLER
758 typedef RETSIGTYPE (*sighandler_t)(int);
760 @@ -90,18 +100,27 @@ unsigned int Alarm(unsigned int seconds)
761 int Kill(pid_t pid, int sig);
762 int Link(const char *oldpath, const char *newpath);
763 int Execvp(const char *file, char *const argv[]);
764 +#endif /* WITH_SYCLS */
765 int System(const char *string);
767 int Socketpair(int d, int type, int protocol, int sv[2]);
768 +#endif /* WITH_SYCLS */
771 int Socket(int domain, int type, int protocol);
772 int Bind(int sockfd, struct sockaddr *my_addr, socklen_t addrlen);
773 +#endif /* WITH_SYCLS */
774 int Connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen);
776 int Listen(int s, int backlog);
777 +#endif /* WITH_SYCLS */
778 int Accept(int s, struct sockaddr *addr, socklen_t *addrlen);
780 int Getsockname(int s, struct sockaddr *name, socklen_t *namelen);
781 int Getpeername(int s, struct sockaddr *name, socklen_t *namelen);
782 int Getsockopt(int s, int level, int optname, void *optval, socklen_t *optlen);
783 int Setsockopt(int s, int level, int optname, const void *optval, int optlen);
784 +#endif /* WITH_SYCLS */
785 int Recv(int s, void *buf, size_t len, int flags);
786 int Recvfrom(int s, void *buf, size_t len, int flags, struct sockaddr *from,
788 @@ -109,8 +128,11 @@ int Recvmsg(int s, struct msghdr *msg, i
789 int Send(int s, const void *mesg, size_t len, int flags);
790 int Sendto(int s, const void *msg, size_t len, int flags,
791 const struct sockaddr *to, socklen_t tolen);
793 int Shutdown(int fd, int how);
794 +#endif /* WITH_SYCLS */
795 #endif /* _WITH_SOCKET */
797 unsigned int Sleep(unsigned int seconds);
798 void Usleep(unsigned long usec);
799 unsigned int Nanosleep(const struct timespec *req, struct timespec *rem);
800 @@ -136,7 +158,9 @@ int Unlockpt(int fd);
801 int Gethostname(char *name, size_t len);
802 int Uname(struct utsname *buf);
803 int Atexit(void (*func)(void));
804 +#endif /* WITH_SYCLS */
805 void Exit(int status);
808 int Mkstemp(char *template);
809 int Setenv(const char *name, const char *value, int overwrite);
810 @@ -153,7 +177,6 @@ void Add_history(const char *string);
811 #else /* !WITH_SYCLS */
813 #define Umask(m) umask(m)
814 -#define Open(p,f,m) open(p,f,m)
815 #define Creat(p,m) creat(p,m)
816 #define Lseek(f,o,w) lseek(f,o,w)
817 #define Lseek64(f,o,w) lseek64(f,o,w)
818 @@ -191,16 +214,8 @@ void Add_history(const char *string);
819 #define Dup(o) dup(o)
820 #define Dup2(o,n) dup2(o,n)
821 #define Pipe(f) pipe(f)
822 -#define Read(f,b,c) read(f,b,c)
823 -#define Write(f,b,c) write(f,b,c)
824 -#define Fcntl(f,c) fcntl(f,c)
825 -#define Fcntl_l(f,c,a) fcntl(f,c,a)
826 -#define Fcntl_lock(f,c,l) fcntl(f,c,l)
827 #define Ftruncate(f,l) ftruncate(f,l)
828 #define Ftruncate64(f,l) ftruncate64(f,l)
829 -#define Flock(f,o) flock(f,o)
830 -#define Ioctl(d,r,a) ioctl(d,r,a)
831 -#define Ioctl_int(d,r,a) ioctl(d,r,a)
832 #define Close(f) close(f)
833 #define Fchown(f,o,g) fchown(f,o,g)
834 #define Fchmod(f,m) fchmod(f,m)
835 @@ -209,10 +224,7 @@ void Add_history(const char *string);
836 #define Readlink(p,b,s) readlink(p,b,s)
837 #define Chown(p,o,g) chown(p,o,g)
838 #define Chmod(p,m) chmod(p,m)
839 -#define Poll(u, n, t) poll(u, n, t)
840 -#define Select(n,r,w,e,t) select(n,r,w,e,t)
841 #define Fork() fork()
842 -#define Waitpid(p,s,o) waitpid(p,s,o)
843 #define Signal(s,h) signal(s,h)
844 #define Sigaction(s,a,o) sigaction(s,a,o)
845 #define Sigprocmask(h,s,o) sigprocmask(h,s,o)
846 @@ -220,22 +232,14 @@ void Add_history(const char *string);
847 #define Kill(p,s) kill(p,s)
848 #define Link(o,n) link(o,n)
849 #define Execvp(f,a) execvp(f,a)
850 -#define System(s) system(s)
851 #define Socketpair(d,t,p,s) socketpair(d,t,p,s)
852 #define Socket(d,t,p) socket(d,t,p)
853 #define Bind(s,m,a) bind(s,m,a)
854 -#define Connect(s,a,l) connect(s,a,l)
855 #define Listen(s,b) listen(s,b)
856 -#define Accept(s,a,l) accept(s,a,l)
857 #define Getsockname(s,n,l) getsockname(s,n,l)
858 #define Getpeername(s,n,l) getpeername(s,n,l)
859 #define Getsockopt(s,d,n,v,l) getsockopt(s,d,n,v,l)
860 #define Setsockopt(s,d,n,v,l) setsockopt(s,d,n,v,l)
861 -#define Recv(s,b,l,f) recv(s,b,l,f)
862 -#define Recvfrom(s,b,bl,f,fr,fl) recvfrom(s,b,bl,f,fr,fl)
863 -#define Recvmsg(s,m,f) recvmsg(s,m,f)
864 -#define Send(s,m,l,f) send(s,m,l,f)
865 -#define Sendto(s,b,bl,f,t,tl) sendto(s,b,bl,f,t,tl)
866 #define Shutdown(f,h) shutdown(f,h)
867 #define Sleep(s) sleep(s)
868 #define Usleep(u) usleep(u)
869 @@ -259,7 +263,6 @@ void Add_history(const char *string);
870 #define Gethostname(n,l) gethostname(n,l)
871 #define Uname(b) uname(b)
872 #define Atexit(f) atexit(f)
873 -#define Exit(s) exit(s)
874 #define Abort() abort()
875 #define Mkstemp(t) mkstemp(t)
876 #define Setenv(n,v,o) setenv(n,v,o)
877 diff -ruNp socat.master/test.sh socat.fixes/test.sh
878 --- socat.master/test.sh 2015-02-19 21:04:55.805758030 +0100
879 +++ socat.fixes/test.sh 2015-02-19 21:05:12.746668400 +0100
880 @@ -2272,6 +2272,16 @@ gentestdsacert () {
881 cat $name-dsa.pem $name-dh.pem $name.key $name.crt >$name.pem
884 +# generate a test EC key and certificate
887 + if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi
888 + openssl ecparam -name secp521r1 -out $name-ec.pem >/dev/null 2>&1
889 + chmod 0400 $name-ec.pem
890 + openssl req -newkey ec:$name-ec.pem -keyout $name.key -nodes -x509 -config $TESTCERT_CONF -out $name.crt -days 3653 >/dev/null 2>&1
891 + cat $name-ec.pem $name.key $name.crt >$name.pem
896 if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi
897 @@ -12184,6 +12194,62 @@ else
898 numFAIL=$((numFAIL+1))
899 listFAIL="$listFAIL $N"
908 +# OpenSSL ECDHE ciphers were introduced in socat 1.7.3.0 but in the same release
909 +# they were broken by a porting effort. This test checks if OpenSSL ECDHE works
912 +*%$N%*|*%functions%*|*%bugs%*|*%openssl%*|*%socket%*|*%$NAME%*)
913 +TEST="$NAME: test OpenSSL ECDHE"
914 +# generate a ECDHE key, start an OpenSSL server, connect with a client and try to
916 +if ! eval $NUMCOND; then :; else
917 +tf="$td/test$N.stdout"
918 +te="$td/test$N.stderr"
919 +tdiff="$td/test$N.diff"
920 +da="test$N $(date) $RANDOM"
922 +gentesteccert $TESTSRV
923 +CMD0="$TRACE $SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,cert=testsrvec.crt,key=$TESTSRV.pem,verify=0 PIPE"
924 +CMD1="$TRACE $SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,cipher=ECDHE-ECDSA-AES256-GCM-SHA384,cafile=$TESTSRV.crt"
925 +printf "test $F_n $TEST... " $N
926 +$CMD0 >/dev/null 2>"${te}0" &
928 +waittcp4port $PORT 1
929 +echo "$da" |$CMD1 >"${tf}1" 2>"${te}1"
931 +kill $pid0 2>/dev/null; wait
932 +if [ $rc1 -ne 0 ]; then
933 + $PRINTF "$FAILED\n"
934 + echo "failure symptom: client error" >&2
935 + echo "server and stderr:" >&2
938 + echo "client and stderr:" >&2
941 + numFAIL=$((numFAIL+1))
942 + listFAIL="$listFAIL $N"
943 +elif echo "$da" |diff - "${tf}1" >"$tdiff"; then
947 + $PRINTF "$FAILED\n"
948 + echo "server and stderr:" >&2
951 + echo "client and stderr:" >&2
954 + numFAIL=$((numFAIL+1))
955 + listFAIL="$listFAIL $N"
960 diff -ruNp socat.master/xio-openssl.c socat.fixes/xio-openssl.c
961 --- socat.master/xio-openssl.c 2015-02-19 21:04:55.806758025 +0100
962 +++ socat.fixes/xio-openssl.c 2015-02-19 21:05:12.747668394 +0100
963 @@ -960,7 +960,7 @@ int
967 -#if defined(EC_KEY) /* not on Openindiana 5.11 */
968 +#if HAVE_TYPE_EC_KEY /* not on Openindiana 5.11 */
970 /* see http://openssl.6102.n7.nabble.com/Problem-with-cipher-suite-ECDHE-ECDSA-AES256-SHA384-td42229.html */
972 @@ -982,7 +982,7 @@ int
974 SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
976 -#endif /* !defined(EC_KEY) */
977 +#endif /* HAVE_TYPE_EC_KEY */
979 #if OPENSSL_VERSION_NUMBER >= 0x00908000L