Attachment 152365 Details for Bug 197192 – svn diff of net/socat

[patch] svn diff of net/socat

patch-socat-libressl (text/plain), 16.98 KB, created by Bernard Spil on 2015-01-30 08:26:21 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Bernard Spil

Created: 2015-01-30 08:26:21 UTC

Size: 16.98 KB

patch

obsolete

>Index: socat/Makefile
>===================================================================
>--- socat/Makefile	(revision 378139)
>+++ socat/Makefile	(working copy)
>@@ -12,7 +12,7 @@
> 
> LICENSE=	GPLv2
> 
>-USES=		compiler tar:bzip2
>+USES=		compiler tar:bzip2 cpe
> GNU_CONFIGURE=	yes
> USE_RC_SUBR=	socat
> USE_OPENSSL=	yes
>Index: socat/files/patch-doc_socat.1
>===================================================================
>--- socat/files/patch-doc_socat.1	(revision 0)
>+++ socat/files/patch-doc_socat.1	(working copy)
>@@ -0,0 +1,42 @@
>+--- doc/socat.1.orig	2015-01-24 16:30:52 UTC
>++++ doc/socat.1
>+@@ -2904,10 +2904,6 @@ in this file\&.
>+ Specifies the directory with the trusted (root) certificates\&. The directory
>+ must contain certificates in PEM format and their hashes (see OpenSSL
>+ documentation) 
>+-.IP "\fB\f(CWegd=<filename>\fP\fP"
>+-On some systems, openssl requires an explicit source of random data\&. Specify
>+-the socket name where an entropy gathering daemon like egd provides random
>+-data, e\&.g\&. /dev/egd\-pool\&.
>+ .IP "\fB\f(CWpseudo\fP\fP"
>+ On systems where openssl cannot find an entropy source and where no entropy
>+ gathering daemon can be utilized, this option activates a mechanism for
>+@@ -3397,11 +3393,11 @@ connection, invokes a shell\&. This shel
>+ connected to the TCP socket (nofork)\&. The shell starts filan and lets it print the socket addresses to
>+ stderr (your terminal window)\&.
>+ .IP 
>+-.IP "\fB\f(CWecho \-e \(dq\&\e0\e14\e0\e0\ec\(dq\& |socat \-u \- file:/usr/bin/squid\&.exe,seek=0x00074420\fP\fP"
>++.IP "\fB\f(CWecho \-e \(dq\&\e0\e14\e0\e0\ec\(dq\& |socat \-u \- file:${LOCALBASE}/bin/squid\&.exe,seek=0x00074420\fP\fP"
>+ 
>+ .IP 
>+ functions as primitive binary editor: it writes the 4 bytes 000 014 000 000 to
>+-the executable /usr/bin/squid at offset 0x00074420 (this is a real world patch
>++the executable ${LOCALBASE}/bin/squid at offset 0x00074420 (this is a real world patch
>+ to make the squid executable from Cygwin run under Windows, actual per May 2004)\&.
>+ .IP 
>+ .IP "\fB\f(CWsocat \- tcp:www\&.blackhat\&.org:31337,readbytes=1000\fP\fP"
>+@@ -3524,11 +3520,11 @@ error\&. 
>+ .SH "FILES"
>+ 
>+ .PP 
>+-/usr/bin/socat 
>++${LOCALBASE}/bin/socat 
>+ .br 
>+-/usr/bin/filan 
>++${LOCALBASE}/bin/filan 
>+ .br 
>+-/usr/bin/procan
>++${LOCALBASE}/bin/procan
>+ .PP 
>+ .SH "ENVIRONMENT VARIABLES"
>+ 
>
>Property changes on: socat/files/patch-doc_socat.1
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-doc_socat.html
>===================================================================
>--- socat/files/patch-doc_socat.html	(revision 0)
>+++ socat/files/patch-doc_socat.html	(working copy)
>@@ -0,0 +1,39 @@
>+--- doc/socat.html.orig	2015-01-24 16:31:04 UTC
>++++ doc/socat.html
>+@@ -2781,10 +2781,6 @@ These options apply to the <a href="soca
>+ Specifies the directory with the trusted (root) certificates. The directory
>+ must contain certificates in PEM format and their hashes (see OpenSSL
>+ documentation) 
>+-<a name="OPTION_OPENSSL_EGD"></a><dt><code>egd=&lt;filename&gt;</code><dd>
>+- On some systems, openssl requires an explicit source of random data. Specify
>+- the socket name where an entropy gathering daemon like egd provides random
>+- data, e.g. /dev/egd-pool.
>+ <a name="OPTION_OPENSSL_PSEUDO"></a><dt><code>pseudo</code><dd>
>+ On systems where openssl cannot find an entropy source and where no entropy
>+ gathering daemon can be utilized, this option activates a mechanism for
>+@@ -3309,10 +3305,10 @@ connection, invokes a shell. This shell 
>+ connected to the TCP socket (<a href="socat.html#OPTION_NOFORK">nofork</a>). The shell starts filan and lets it print the socket addresses to
>+ stderr (your terminal window).
>+ 
>+-<dt><code>echo -e "\0\14\0\0\c" |socat -u - file:/usr/bin/squid.exe,seek=0x00074420</code><dd>
>++<dt><code>echo -e "\0\14\0\0\c" |socat -u - file:${LOCALBASE}/bin/squid.exe,seek=0x00074420</code><dd>
>+ 
>+ functions as primitive binary editor: it writes the 4 bytes 000 014 000 000 to
>+-the executable /usr/bin/squid at offset 0x00074420 (this is a real world patch
>++the executable ${LOCALBASE}/bin/squid at offset 0x00074420 (this is a real world patch
>+ to make the squid executable from Cygwin run under Windows, actual per May 2004).
>+ 
>+ <dt><code>socat - tcp:www.blackhat.org:31337,readbytes=1000</code><dd>
>+@@ -3430,9 +3426,9 @@ error. 
>+ <a name="FILES"></a>
>+ <h2>FILES</h2>
>+ 
>+-/usr/bin/socat 
>+-/usr/bin/filan 
>+-/usr/bin/procan
>++${LOCALBASE}/bin/socat 
>++${LOCALBASE}/bin/filan 
>++${LOCALBASE}/bin/procan
>+ 
>+ <a name="ENVIRONMENT_VARIABLES"></a>
>+ <h2>ENVIRONMENT VARIABLES</h2>
>
>Property changes on: socat/files/patch-doc_socat.html
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-doc_xio.help
>===================================================================
>--- socat/files/patch-doc_xio.help	(revision 0)
>+++ socat/files/patch-doc_xio.help	(working copy)
>@@ -0,0 +1,22 @@
>+--- doc/xio.help.orig	2013-06-23 06:16:48 UTC
>++++ doc/xio.help
>+@@ -4566,19 +4566,6 @@ must contain certificates in PEM format 
>+ documentation) 
>+ 
>+ 
>+-Option: openssl-egd=file
>+-Aliases: egd
>+-
>+-Type: FILENAME
>+-Option group: OPENSSL
>+-Phase: SPEC
>+-Platforms: (depends on openssl installation)
>+-
>+-On some systems, openssl requires an explicit source of random data. Specify
>+-the socket name where an entropy gathering daemon like egd provides random
>+-data, e.g. /dev/egd-pool.
>+-
>+-
>+ Option: openssl-pseudo
>+ Aliases: pseudo
>+ 
>
>Property changes on: socat/files/patch-doc_xio.help
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-error.h
>===================================================================
>--- socat/files/patch-error.h	(revision 378139)
>+++ socat/files/patch-error.h	(working copy)
>@@ -1,4 +1,4 @@
>---- error.h.orig	2015-01-26 09:59:47 UTC
>+--- error.h.orig	2015-01-24 10:15:22 UTC
> +++ error.h
> @@ -229,8 +229,8 @@ struct diag_dgram {
> } ;
>Index: socat/files/patch-sslcls.c
>===================================================================
>--- socat/files/patch-sslcls.c	(revision 0)
>+++ socat/files/patch-sslcls.c	(working copy)
>@@ -0,0 +1,26 @@
>+--- sslcls.c.orig	2015-01-24 10:15:22 UTC
>++++ sslcls.c
>+@@ -331,14 +331,6 @@ void sycSSL_free(SSL *ssl) {
>+ return;
>+ }
>+ 
>+-int sycRAND_egd(const char *path) {
>+- int result;
>+- Debug1("RAND_egd(\"%s\")", path);
>+- result = RAND_egd(path);
>+- Debug1("RAND_egd() -> %d", result);
>+- return result;
>+-}
>+-
>+ DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) {
>+ DH *result;
>+ Debug4("PEM_read_bio_DHparams(%p, %p, %p, %p)",
>+@@ -375,7 +367,7 @@ int sycFIPS_mode_set(int onoff) {
>+ }
>+ #endif /* WITH_FIPS */
>+ 
>+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
>++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
>+ const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) {
>+ const COMP_METHOD *result;
>+ Debug1("SSL_get_current_compression(%p)", ssl);
>
>Property changes on: socat/files/patch-sslcls.c
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-sslcls.h
>===================================================================
>--- socat/files/patch-sslcls.h	(revision 0)
>+++ socat/files/patch-sslcls.h	(working copy)
>@@ -0,0 +1,27 @@
>+--- sslcls.h.orig	2015-01-24 10:15:22 UTC
>++++ sslcls.h
>+@@ -47,7 +47,6 @@ X509 *sycSSL_get_peer_certificate(SSL *s
>+ int sycSSL_shutdown(SSL *ssl);
>+ void sycSSL_CTX_free(SSL_CTX *ctx);
>+ void sycSSL_free(SSL *ssl);
>+-int sycRAND_egd(const char *path);
>+ 
>+ DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
>+ 
>+@@ -55,7 +54,7 @@ BIO *sycBIO_new_file(const char *filenam
>+ 
>+ int sycFIPS_mode_set(int onoff);
>+ 
>+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
>++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
>+ const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl);
>+ const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl);
>+ const char *sycSSL_COMP_get_name(const COMP_METHOD *comp);
>+@@ -98,7 +97,6 @@ const char *sycSSL_COMP_get_name(const C
>+ #define sycSSL_shutdown(s) SSL_shutdown(s)
>+ #define sycSSL_CTX_free(c) SSL_CTX_free(c)
>+ #define sycSSL_free(s) SSL_free(s)
>+-#define sycRAND_egd(p) RAND_egd(p)
>+ 
>+ #define sycPEM_read_bio_DHparams(b,x,p,u) PEM_read_bio_DHparams(b,x,p,u)
>+ 
>
>Property changes on: socat/files/patch-sslcls.h
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-test.sh
>===================================================================
>--- socat/files/patch-test.sh	(revision 0)
>+++ socat/files/patch-test.sh	(working copy)
>@@ -0,0 +1,12 @@
>+--- test.sh.orig	2015-01-24 10:15:22 UTC
>++++ test.sh
>+@@ -576,9 +576,6 @@ filloptionvalues() {
>+ *,dh,*) OPTS=$(echo "$OPTS" |sed "s/,dh,/,dh=/tmp/hugo,/g");;
>+ esac
>+ case "$OPTS" in
>+- *,egd,*) OPTS=$(echo "$OPTS" |sed "s/,egd,/,egd=/tmp/hugo,/g");;
>+- esac
>+- case "$OPTS" in
>+ *,compress,*) OPTS=$(echo "$OPTS" |sed "s/,compress,/,compress=none,/g");;
>+ esac
>+ # PROXY
>
>Property changes on: socat/files/patch-test.sh
>___________________________________________________________________
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Index: socat/files/patch-xio-openssl.c
>===================================================================
>--- socat/files/patch-xio-openssl.c	(revision 0)
>+++ socat/files/patch-xio-openssl.c	(working copy)
>@@ -0,0 +1,55 @@
>+--- xio-openssl.c.orig	2015-01-24 14:33:42 UTC
>++++ xio-openssl.c
>+@@ -108,7 +108,6 @@ const struct optdesc opt_openssl_key 
>+ const struct optdesc opt_openssl_dhparam = { "openssl-dhparam", "dh", OPT_OPENSSL_DHPARAM, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
>+ const struct optdesc opt_openssl_cafile = { "openssl-cafile", "cafile", OPT_OPENSSL_CAFILE, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
>+ const struct optdesc opt_openssl_capath = { "openssl-capath", "capath", OPT_OPENSSL_CAPATH, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
>+-const struct optdesc opt_openssl_egd = { "openssl-egd", "egd", OPT_OPENSSL_EGD, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
>+ const struct optdesc opt_openssl_pseudo = { "openssl-pseudo", "pseudo", OPT_OPENSSL_PSEUDO, GROUP_OPENSSL, PH_SPEC, TYPE_BOOL, OFUNC_SPEC };
>+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
>+ const struct optdesc opt_openssl_compress = { "openssl-compress", "compress", OPT_OPENSSL_COMPRESS, GROUP_OPENSSL, PH_SPEC, TYPE_STRING, OFUNC_SPEC };
>+@@ -147,7 +146,7 @@ int xio_reset_fips_mode(void) {
>+ static void openssl_conn_loginfo(SSL *ssl) {
>+ Notice1("SSL connection using %s", SSL_get_cipher(ssl));
>+ 
>+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
>++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
>+ {
>+ const COMP_METHOD *comp, *expansion;
>+ 
>+@@ -722,7 +721,6 @@ int
>+ char *opt_dhparam = NULL;	/* file name of DH params */
>+ char *opt_cafile = NULL;	/* certificate authority file */
>+ char *opt_capath = NULL;	/* certificate authority directory */
>+- char *opt_egd = NULL;	/* entropy gathering daemon socket path */
>+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
>+ char *opt_compress = NULL;	/* compression method */
>+ #endif
>+@@ -741,7 +739,6 @@ int
>+ retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);
>+ retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);
>+ retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);
>+- retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);
>+ retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);
>+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
>+ retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);
>+@@ -877,10 +874,6 @@ int
>+ }
>+ }
>+ 
>+- if (opt_egd) {
>+- sycRAND_egd(opt_egd);
>+- }
>+-
>+ if (opt_pseudo) {
>+ long int randdata;
>+ /* initialize libc random from actual microseconds */
>+@@ -1098,7 +1091,7 @@ static int openssl_SSL_ERROR_SSL(int lev
>+ if (e == ((ERR_LIB_RAND<<24)|
>+ 		(RAND_F_SSLEAY_RAND_BYTES<<12)|
>+ 		(RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {
>+-	 Error("too few entropy; use options \"egd\" or \"pseudo\"");
>++	 Error("too few entropy; use options \"pseudo\"");
>+ 	 stat = STAT_NORETRY;
>+ } else {
>+ 	 Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));
>
>Property changes on: socat/files/patch-xio-openssl.c
>___________________________________________________________________
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Index: socat/files/patch-xio-openssl.h
>===================================================================
>--- socat/files/patch-xio-openssl.h	(revision 0)
>+++ socat/files/patch-xio-openssl.h	(working copy)
>@@ -0,0 +1,10 @@
>+--- xio-openssl.h.orig	2015-01-24 10:15:22 UTC
>++++ xio-openssl.h
>+@@ -21,7 +21,6 @@ extern const struct optdesc opt_openssl_
>+ extern const struct optdesc opt_openssl_dhparam;
>+ extern const struct optdesc opt_openssl_cafile;
>+ extern const struct optdesc opt_openssl_capath;
>+-extern const struct optdesc opt_openssl_egd;
>+ extern const struct optdesc opt_openssl_pseudo;
>+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
>+ extern const struct optdesc opt_openssl_compress;
>
>Property changes on: socat/files/patch-xio-openssl.h
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-xioopts.c
>===================================================================
>--- socat/files/patch-xioopts.c	(revision 0)
>+++ socat/files/patch-xioopts.c	(working copy)
>@@ -0,0 +1,18 @@
>+--- xioopts.c.orig	2015-01-24 10:15:22 UTC
>++++ xioopts.c
>+@@ -412,7 +412,6 @@ const struct optname optionnames[] = {
>+ #ifdef ECHOPRT
>+ 	IF_TERMIOS("echoprt",	&opt_echoprt)
>+ #endif
>+-	IF_OPENSSL("egd",	&opt_openssl_egd)
>+ 	IF_ANY ("end-close",	&opt_end_close)
>+ 	IF_TERMIOS("eof",	&opt_veof)
>+ 	IF_TERMIOS("eol",	&opt_veol)
>+@@ -1102,7 +1101,6 @@ const struct optname optionnames[] = {
>+ 	IF_OPENSSL("openssl-compress",	&opt_openssl_compress)
>+ #endif
>+ 	IF_OPENSSL("openssl-dhparam",	&opt_openssl_dhparam)
>+-	IF_OPENSSL("openssl-egd",	&opt_openssl_egd)
>+ #if WITH_FIPS
>+ 	IF_OPENSSL("openssl-fips",	&opt_openssl_fips)
>+ #endif
>
>Property changes on: socat/files/patch-xioopts.c
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: socat/files/patch-xioopts.h
>===================================================================
>--- socat/files/patch-xioopts.h	(revision 0)
>+++ socat/files/patch-xioopts.h	(working copy)
>@@ -0,0 +1,10 @@
>+--- xioopts.h.orig	2015-01-24 10:15:22 UTC
>++++ xioopts.h
>+@@ -478,7 +478,6 @@ enum e_optcode {
>+ OPT_OPENSSL_COMPRESS,
>+ #endif
>+ OPT_OPENSSL_DHPARAM,
>+- OPT_OPENSSL_EGD,
>+ OPT_OPENSSL_FIPS,
>+ OPT_OPENSSL_KEY,
>+ OPT_OPENSSL_METHOD,
>
>Property changes on: socat/files/patch-xioopts.h
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property

Actions: View | Diff

Attachments on bug 197192: 152365 | 152366