Hello community,

here is the log from the commit of package openssl for openSUSE:Factory checked 
in at 2013-10-17 14:24:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssl (Old)
 and      /work/SRC/openSUSE:Factory/.openssl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openssl"

Changes:
--------
--- /work/SRC/openSUSE:Factory/openssl/openssl.changes  2013-09-27 
19:48:22.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.openssl.new/openssl.changes     2013-10-17 
17:42:54.000000000 +0200
@@ -1,0 +2,6 @@
+Fri Oct 11 12:24:14 UTC 2013 - meiss...@suse.com
+
+- openssl-1.0.1c-ipv6-apps.patch: 
+  Support ipv6 in the openssl s_client / s_server commandline app.
+
+-------------------------------------------------------------------

New:
----
  openssl-1.0.1c-ipv6-apps.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openssl.spec ++++++
--- /var/tmp/diff_new_pack.Nx2Drp/_old  2013-10-17 17:43:01.000000000 +0200
+++ /var/tmp/diff_new_pack.Nx2Drp/_new  2013-10-17 17:43:01.000000000 +0200
@@ -55,6 +55,8 @@
 Patch10:        openssl-pkgconfig.patch
 Patch11:        SSL_get_certificate-broken.patch
 Patch12:        openssl-1.0.1e-bnc822642.patch
+# From Fedora openssl.
+Patch13:        openssl-1.0.1c-ipv6-apps.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -143,6 +145,7 @@
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
+%patch13 -p1
 
 cp -p %{S:10} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"

++++++ openssl-1.0.1c-ipv6-apps.patch ++++++
diff -up openssl-1.0.1c/apps/s_apps.h.ipv6-apps openssl-1.0.1c/apps/s_apps.h
--- openssl-1.0.1c/apps/s_apps.h.ipv6-apps      2012-07-11 22:46:02.409221206 
+0200
+++ openssl-1.0.1c/apps/s_apps.h        2012-07-11 22:46:02.451222165 +0200
@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"
 
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, 
unsigned char *context), unsigned char *context);
+int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int 
s, unsigned char *context), unsigned char *context);
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 #endif
@@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok,
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
 #endif
-int init_client(int *sock, char *server, int port, int type);
+int init_client(int *sock, char *server, char *port, int type);
 int should_retry(int i);
-int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int extract_host_port(char *str,char **host_ptr,char **port_ptr);
 
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
                                   int argi, long argl, long ret);
diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
--- openssl-1.0.1c/apps/s_client.c.ipv6-apps    2012-07-11 22:46:02.433221754 
+0200
+++ openssl-1.0.1c/apps/s_client.c      2012-07-11 22:46:02.452222187 +0200
@@ -563,7 +563,7 @@ int MAIN(int argc, char **argv)
        int cbuf_len,cbuf_off;
        int sbuf_len,sbuf_off;
        fd_set readfds,writefds;
-       short port=PORT;
+       char *port_str = PORT_STR;
        int full_log=1;
        char *host=SSL_HOST_NAME;
        char *cert_file=NULL,*key_file=NULL;
@@ -664,13 +664,12 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv,"-port") == 0)
                        {
                        if (--argc < 1) goto bad;
-                       port=atoi(*(++argv));
-                       if (port == 0) goto bad;
+                       port_str= *(++argv);
                        }
                else if (strcmp(*argv,"-connect") == 0)
                        {
                        if (--argc < 1) goto bad;
-                       if (!extract_host_port(*(++argv),&host,NULL,&port))
+                       if (!extract_host_port(*(++argv),&host,&port_str))
                                goto bad;
                        }
                else if (strcmp(*argv,"-verify") == 0)
@@ -1253,7 +1252,7 @@ bad:
 
 re_start:
 
-       if (init_client(&s,host,port,socket_type) == 0)
+       if (init_client(&s,host,port_str,socket_type) == 0)
                {
                
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
                SHUTDOWN(s);
diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
--- openssl-1.0.1c/apps/s_server.c.ipv6-apps    2012-07-11 22:46:02.434221777 
+0200
+++ openssl-1.0.1c/apps/s_server.c      2012-07-11 22:46:02.453222210 +0200
@@ -929,7 +929,7 @@ int MAIN(int argc, char *argv[])
        {
        X509_VERIFY_PARAM *vpm = NULL;
        int badarg = 0;
-       short port=PORT;
+       char *port_str = PORT_STR;
        char *CApath=NULL,*CAfile=NULL;
        unsigned char *context = NULL;
        char *dhfile = NULL;
@@ -1000,8 +1000,7 @@ int MAIN(int argc, char *argv[])
                         (strcmp(*argv,"-accept") == 0))
                        {
                        if (--argc < 1) goto bad;
-                       if (!extract_port(*(++argv),&port))
-                               goto bad;
+                       port_str= *(++argv);
                        }
                else if (strcmp(*argv,"-verify") == 0)
                        {
@@ -1878,9 +1877,9 @@ bad:
        BIO_printf(bio_s_out,"ACCEPT\n");
        (void)BIO_flush(bio_s_out);
        if (www)
-               do_server(port,socket_type,&accept_socket,www_body, context);
+               do_server(port_str,socket_type,&accept_socket,www_body, 
context);
        else
-               do_server(port,socket_type,&accept_socket,sv_body, context);
+               do_server(port_str,socket_type,&accept_socket,sv_body, context);
        print_stats(bio_s_out,ctx);
        ret=0;
 end:
diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
--- openssl-1.0.1c/apps/s_socket.c.ipv6-apps    2011-12-02 15:39:40.000000000 
+0100
+++ openssl-1.0.1c/apps/s_socket.c      2012-07-11 22:49:05.411400450 +0200
@@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
 static void ssl_sock_cleanup(void);
 #endif
 static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
-static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port,char *ip, int type);
+static int init_server(int *sock, char *port, int type);
 static int do_accept(int acc_sock, int *sock, char **host);
 static int host_ip(char *str, unsigned char ip[4]);
 
@@ -234,57 +232,70 @@ static int ssl_sock_init(void)
        return(1);
        }
 
-int init_client(int *sock, char *host, int port, int type)
+int init_client(int *sock, char *host, char *port, int type)
        {
-       unsigned char ip[4];
-
-       memset(ip, '\0', sizeof ip);
-       if (!host_ip(host,&(ip[0])))
-               return 0;
-       return init_client_ip(sock,ip,port,type);
-       }
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
-       {
-       unsigned long addr;
-       struct sockaddr_in them;
-       int s,i;
+       struct addrinfo *res, *res0, hints;
+       char * failed_call = NULL;
+       int s;
+       int e;
 
        if (!ssl_sock_init()) return(0);
 
-       memset((char *)&them,0,sizeof(them));
-       them.sin_family=AF_INET;
-       them.sin_port=htons((unsigned short)port);
-       addr=(unsigned long)
-               ((unsigned long)ip[0]<<24L)|
-               ((unsigned long)ip[1]<<16L)|
-               ((unsigned long)ip[2]<< 8L)|
-               ((unsigned long)ip[3]);
-       them.sin_addr.s_addr=htonl(addr);
-
-       if (type == SOCK_STREAM)
-               s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-       else /* ( type == SOCK_DGRAM) */
-               s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
-                       
-       if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+       memset(&hints, '\0', sizeof(hints));
+       hints.ai_socktype = type;
+       hints.ai_flags = AI_ADDRCONFIG;
+
+       e = getaddrinfo(host, port, &hints, &res);
+       if (e)
+       {
+               fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
+               if (e == EAI_SYSTEM)
+                       perror("getaddrinfo");
+               return (0);
+               }
 
+       res0 = res;
+       while (res)
+               {
+               s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+               if (s == INVALID_SOCKET)
+                       {
+                       failed_call = "socket";
+                       goto nextres;
+                       }
 #if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
        if (type == SOCK_STREAM)
                {
-               i=0;
-               i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-               if (i < 0) { perror("keepalive"); return(0); }
+                       int i=0;
+                       i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
+                               (char *)&i,sizeof(i));
+                       if (i < 0) {
+                               failed_call = "keepalive";
+                               goto nextres;
+                               }
                }
 #endif
-
-       if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-               { closesocket(s); perror("connect"); return(0); }
+               if (connect(s,(struct sockaddr *)res->ai_addr,
+                       res->ai_addrlen) == 0)
+                       {
+                       freeaddrinfo(res0);
        *sock=s;
        return(1);
        }
 
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, 
unsigned char *context), unsigned char *context)
+               failed_call = "socket";
+nextres:
+               if (s != INVALID_SOCKET)
+                       close(s);
+               res = res->ai_next;
+               }
+       freeaddrinfo(res0);
+
+       perror(failed_call);
+       return(0);
+       }
+
+int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, 
unsigned char *context), unsigned char *context)
        {
        int sock;
        char *name = NULL;
@@ -322,33 +333,50 @@ int do_server(int port, int type, int *r
                }
        }
 
-static int init_server_long(int *sock, int port, char *ip, int type)
+static int init_server(int *sock, char *port, int type)
        {
-       int ret=0;
-       struct sockaddr_in server;
-       int s= -1;
+       struct addrinfo *res, *res0 = NULL, hints;
+       char * failed_call = NULL;
+       int s = INVALID_SOCKET;
+       int e;
 
        if (!ssl_sock_init()) return(0);
 
-       memset((char *)&server,0,sizeof(server));
-       server.sin_family=AF_INET;
-       server.sin_port=htons((unsigned short)port);
-       if (ip == NULL)
-               server.sin_addr.s_addr=INADDR_ANY;
-       else
-/* Added for T3E, address-of fails on bit field (beck...@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-               memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-               memcpy(&server.sin_addr,ip,4);
-#endif
+       memset(&hints, '\0', sizeof(hints));
+       hints.ai_family = AF_INET6;
+tryipv4:
+       hints.ai_socktype = type;
+       hints.ai_flags = AI_PASSIVE;
        
-               if (type == SOCK_STREAM)
-                       s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-               else /* type == SOCK_DGRAM */
-                       s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
+       e = getaddrinfo(NULL, port, &hints, &res);
+       if (e)
+               {
+               if (hints.ai_family == AF_INET)
+                       {
+                       fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
+                       if (e == EAI_SYSTEM)
+                               perror("getaddrinfo");
+                       return (0);
+                       }
+                       else
+                               res = NULL;
+               }
 
-       if (s == INVALID_SOCKET) goto err;
+       res0 = res;
+       while (res)
+               {
+               s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+               if (s == INVALID_SOCKET)
+                       {
+                       failed_call = "socket";
+                       goto nextres;
+                       }
+               if (hints.ai_family == AF_INET6)
+                       {
+                       int j = 0;
+                       setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
+                                  (void *) &j, sizeof j);
+                       }
 #if defined SOL_SOCKET && defined SO_REUSEADDR
                {
                int j = 1;
@@ -356,35 +384,49 @@ static int init_server_long(int *sock, i
                           (void *) &j, sizeof j);
                }
 #endif
-       if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+
+               if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == 
-1)
                {
-#ifndef OPENSSL_SYS_WINDOWS
-               perror("bind");
-#endif
-               goto err;
+                       failed_call = "bind";
+                       goto nextres;
                }
-       /* Make it 128 for linux */
-       if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
-       *sock=s;
-       ret=1;
-err:
-       if ((ret == 0) && (s != -1))
+               if (type==SOCK_STREAM && listen(s,128) == -1)
                {
-               SHUTDOWN(s);
+                       failed_call = "listen";
+                       goto nextres;
                }
-       return(ret);
+
+               *sock=s;
+               return(1);
+
+nextres:
+               if (s != INVALID_SOCKET)
+                       close(s);
+               res = res->ai_next;
        }
+       if (res0)
+               freeaddrinfo(res0);
 
-static int init_server(int *sock, int port, int type)
+       if (s == INVALID_SOCKET)
        {
-       return(init_server_long(sock, port, NULL, type));
+               if (hints.ai_family == AF_INET6)
+               {
+                       hints.ai_family = AF_INET;
+                       goto tryipv4;
+               }
+               perror("socket");
+               return(0);
+       }
+
+       perror(failed_call);
+       return(0);
        }
 
 static int do_accept(int acc_sock, int *sock, char **host)
        {
+       static struct sockaddr_storage from;
+       char buffer[NI_MAXHOST];
        int ret;
-       struct hostent *h1,*h2;
-       static struct sockaddr_in from;
        int len;
 /*     struct linger ling; */
 
@@ -431,135 +473,58 @@ redoit:
 */
 
        if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
-       /* I should use WSAAsyncGetHostByName() under windows */
-       h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
-               sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-       h1=gethostbyaddr((char *)&from.sin_addr,
-               sizeof(struct in_addr),AF_INET);
-#endif
-       if (h1 == NULL)
+
+       if (getnameinfo((struct sockaddr *)&from, sizeof(from),
+               buffer, sizeof(buffer),
+               NULL, 0, 0))
                {
-               BIO_printf(bio_err,"bad gethostbyaddr\n");
+               BIO_printf(bio_err,"getnameinfo failed\n");
                *host=NULL;
                /* return(0); */
                }
        else
                {
-               if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == 
NULL)
+               if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
                        {
                        perror("OPENSSL_malloc");
                        return(0);
                        }
-               BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
-
-               h2=GetHostByName(*host);
-               if (h2 == NULL)
-                       {
-                       BIO_printf(bio_err,"gethostbyname failure\n");
-                       return(0);
-                       }
-               if (h2->h_addrtype != AF_INET)
-                       {
-                       BIO_printf(bio_err,"gethostbyname addr is not 
AF_INET\n");
-                       return(0);
-                       }
+               strcpy(*host, buffer);
                }
 end:
        *sock=ret;
        return(1);
        }
 
-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
-            short *port_ptr)
+int extract_host_port(char *str, char **host_ptr, 
+            char **port_ptr)
        {
-       char *h,*p;
+       char *h,*p,*x;
 
-       h=str;
-       p=strchr(str,':');
+       x=h=str;
+       if (*h == '[')
+               {
+               h++;
+               p=strchr(h,']');
        if (p == NULL)
                {
-               BIO_printf(bio_err,"no port defined\n");
+                       BIO_printf(bio_err,"no ending bracket for IPv6 
address\n");
                return(0);
                }
        *(p++)='\0';
-
-       if ((ip != NULL) && !host_ip(str,ip))
-               goto err;
-       if (host_ptr != NULL) *host_ptr=h;
-
-       if (!extract_port(p,port_ptr))
-               goto err;
-       return(1);
-err:
-       return(0);
+               x = p;
        }
-
-static int host_ip(char *str, unsigned char ip[4])
-       {
-       unsigned int in[4]; 
-       int i;
-
-       if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-               {
-               for (i=0; i<4; i++)
-                       if (in[i] > 255)
-                               {
-                               BIO_printf(bio_err,"invalid IP address\n");
-                               goto err;
-                               }
-               ip[0]=in[0];
-               ip[1]=in[1];
-               ip[2]=in[2];
-               ip[3]=in[3];
-               }
-       else
-               { /* do a gethostbyname */
-               struct hostent *he;
-
-               if (!ssl_sock_init()) return(0);
-
-               he=GetHostByName(str);
-               if (he == NULL)
-                       {
-                       BIO_printf(bio_err,"gethostbyname failure\n");
-                       goto err;
-                       }
-               /* cast to short because of win16 winsock definition */
-               if ((short)he->h_addrtype != AF_INET)
+       p=strchr(x,':');
+       if (p == NULL)
                        {
-                       BIO_printf(bio_err,"gethostbyname addr is not 
AF_INET\n");
-                       return(0);
-                       }
-               ip[0]=he->h_addr_list[0][0];
-               ip[1]=he->h_addr_list[0][1];
-               ip[2]=he->h_addr_list[0][2];
-               ip[3]=he->h_addr_list[0][3];
-               }
-       return(1);
-err:
+               BIO_printf(bio_err,"no port defined\n");
        return(0);
        }
+       *(p++)='\0';
 
-int extract_port(char *str, short *port_ptr)
-       {
-       int i;
-       struct servent *s;
+       if (host_ptr != NULL) *host_ptr=h;
+       if (port_ptr != NULL) *port_ptr=p;
 
-       i=atoi(str);
-       if (i != 0)
-               *port_ptr=(unsigned short)i;
-       else
-               {
-               s=getservbyname(str,"tcp");
-               if (s == NULL)
-                       {
-                       BIO_printf(bio_err,"getservbyname failure for 
%s\n",str);
-                       return(0);
-                       }
-               *port_ptr=ntohs((unsigned short)s->s_port);
-               }
        return(1);
        }
 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to