bd2d3975d9
- create debug packages OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=44
111 lines
3.7 KiB
Diff
111 lines
3.7 KiB
Diff
--- src/stunnel.c 2011/06/18 04:05:08 1.1
|
|
+++ src/stunnel.c 2011/06/18 04:09:42
|
|
@@ -496,11 +496,9 @@
|
|
#endif
|
|
|
|
static int setup_fd(int fd, int nonblock, char *msg) {
|
|
-#ifdef USE_WIN32
|
|
- unsigned long l;
|
|
-#else /* USE_WIN32 */
|
|
- int err, flags;
|
|
-#endif /* USE_WIN32 */
|
|
+#ifdef FD_CLOEXEC
|
|
+ int err;
|
|
+#endif /* FD_CLOEXEC */
|
|
|
|
if(fd<0) {
|
|
sockerror(msg);
|
|
@@ -512,11 +510,33 @@
|
|
closesocket(fd);
|
|
return -1;
|
|
}
|
|
+
|
|
#ifndef USE_NEW_LINUX_API
|
|
-#if defined F_GETFL && defined F_SETFL && defined O_NONBLOCK && !defined __INNOTEK_LIBC__
|
|
+ set_nonblock(fd, nonblock);
|
|
+#ifdef FD_CLOEXEC
|
|
+ do {
|
|
+ err=fcntl(fd, F_SETFD, FD_CLOEXEC);
|
|
+ } while(err<0 && get_last_socket_error()==EINTR);
|
|
+ if(err<0)
|
|
+ sockerror("fcntl SETFD"); /* non-critical */
|
|
+#endif /* FD_CLOEXEC */
|
|
+#endif /* USE_NEW_LINUX_API */
|
|
+ s_log(LOG_DEBUG, "%s: FD=%d allocated (%sblocking mode)",
|
|
+ msg, fd, nonblock?"non-":"");
|
|
+ return fd;
|
|
+}
|
|
+
|
|
+void set_nonblock(int fd, unsigned long nonblock) {
|
|
+#if defined F_GETFL && defined F_SETFL && defined O_NONBLOCK && !defined __INNOTEK_LIBC__
|
|
+ int err, flags;
|
|
+
|
|
do {
|
|
flags=fcntl(fd, F_GETFL, 0);
|
|
} while(flags<0 && get_last_socket_error()==EINTR);
|
|
+ if(flags<0) {
|
|
+ sockerror("fcntl GETFL"); /* non-critical */
|
|
+ return;
|
|
+ }
|
|
if(nonblock)
|
|
flags|=O_NONBLOCK;
|
|
else
|
|
--- src/prototypes.h 2011-06-18 12:14:22.883741503 +0200
|
|
+++ src/prototypes.h 2011-06-17 15:14:24.000000000 +0200
|
|
@@ -154,6 +154,7 @@
|
|
SOCKADDR_LIST local_addr, remote_addr, source_addr;
|
|
char *username;
|
|
char *remote_address;
|
|
+ char *host_name;
|
|
int timeout_busy; /* maximum waiting for data time */
|
|
int timeout_close; /* maximum close_notify time */
|
|
int timeout_connect; /* maximum connect() time */
|
|
@@ -322,7 +323,6 @@
|
|
void child_status(void); /* dead libwrap or 'exec' process detected */
|
|
#endif
|
|
int set_socket_options(int, int);
|
|
-void set_nonblock(int, unsigned long);
|
|
int get_socket_error(const int);
|
|
|
|
/**************************************** prototypes for client.c */
|
|
@@ -333,24 +333,26 @@
|
|
} FD;
|
|
|
|
typedef struct {
|
|
+ SSL *ssl; /* SSL connnection */
|
|
SERVICE_OPTIONS *opt;
|
|
- char accepted_address[IPLEN]; /* text */
|
|
+ jmp_buf err; /* exception handler */
|
|
+
|
|
+ char accepted_address[IPLEN]; /* IP address as text for logging */
|
|
SOCKADDR_LIST peer_addr; /* peer address */
|
|
FD local_rfd, local_wfd; /* read and write local descriptors */
|
|
FD remote_fd; /* remote file descriptor */
|
|
- SSL *ssl; /* SSL Connection */
|
|
SOCKADDR_LIST bind_addr;
|
|
/* IP for explicit local bind or transparent proxy */
|
|
- unsigned long pid; /* PID of local process */
|
|
+ unsigned long pid; /* PID of the local process */
|
|
int fd; /* temporary file descriptor */
|
|
- jmp_buf err;
|
|
|
|
+ /* data for transfer() function */
|
|
char sock_buff[BUFFSIZE]; /* socket read buffer */
|
|
char ssl_buff[BUFFSIZE]; /* SSL read buffer */
|
|
int sock_ptr, ssl_ptr; /* index of first unused byte in buffer */
|
|
FD *sock_rfd, *sock_wfd; /* read and write socket descriptors */
|
|
FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
|
|
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
|
|
+ int sock_bytes, ssl_bytes; /* bytes written to socket and SSL */
|
|
s_poll_set fds; /* file descriptors */
|
|
} CLI;
|
|
|
|
@@ -408,6 +410,7 @@
|
|
int ready; /* number of ready file descriptors */
|
|
time_t finish; /* when to finish poll() for this context */
|
|
struct CONTEXT_STRUCTURE *next; /* next context on a list */
|
|
+ void *tls; /* thread local storage for str.c */
|
|
} CONTEXT;
|
|
extern CONTEXT *ready_head, *ready_tail;
|
|
extern CONTEXT *waiting_head, *waiting_tail;
|