~ubuntu-branches/ubuntu/precise/stunnel4/precise-security

Committer: Bazaar Package Importer
Author(s): Julien Lemoine
Date: 2005-04-20 21:07:50 UTC
mfrom: (1.1.1 upstream) (2.1.1 hoary)
Revision ID: james.westby@ubuntu.com-20050420210750-0vk5fj5vh75o4d00

Tags: 2:4.090-1

http://bugs.debian.org/305259

* New upstream release
* include better stunnel3 compability script from upstream, options
like -cd can now be use instead of -c -d ...
(closes: #305259)
* Added depends on perl-modules to allow use of stunnel3 compatibilty script

files added:
auto/depcomp

debian/connect-proxy_dunbar.patch

debian/stunnel4.logrotate

src/network.c

src/resolver.c

src/stunnel.exe

src/stunnel3.in

files removed:
Makefile

build-stamp

doc/Makefile

doc/stunnel4.8

libtool

src/.libs

src/.libs/libstunnel.la

src/.libs/libstunnel.lai

src/.libs/libstunnel.so

src/Makefile

src/client.o

src/env.lo

src/env.o

src/libstunnel.la

src/log.o

src/options.o

src/protocol.o

src/pty.o

src/sselect.c

src/sselect.o

src/ssl.o

src/sthreads.o

src/stunnel

src/stunnel.o

tools/Makefile

tools/stunnel.conf-sample

tools/stunnel.init

files modified:
BUGS

ChangeLog

Makefile.am

Makefile.in

TODO

aclocal.m4

auto/config.guess

auto/config.sub

auto/install-sh

auto/ltmain.sh

auto/missing

auto/mkinstalldirs

configure

configure.ac

debian/changelog

debian/control

debian/postinst

debian/rules

debian/stunnel4.0stunnel4.ppp.ip-down

debian/stunnel4.0stunnel4.ppp.ip-up

debian/stunnel4.default

debian/stunnel4.init

doc/Makefile.am

doc/Makefile.in

doc/stunnel.8

doc/stunnel.fr.8

doc/stunnel.fr.html

doc/stunnel.fr.pod

doc/stunnel.html

doc/stunnel.pl.8

doc/stunnel.pl.html

doc/stunnel.pl.pod

doc/stunnel.pod

src/Makefile.am

src/Makefile.in

src/Makefile.w32

src/client.c

src/common.h

src/env.c

src/gui.c

src/log.c

src/options.c

src/protocol.c

src/prototypes.h

src/pty.c

src/resources.rc

src/ssl.c

src/sthreads.c

src/stunnel.c

tools/Makefile.am

tools/Makefile.in

tools/script.sh

tools/stunnel.conf-sample.in

tools/stunnel.mak

tools/stunnel.spec *

Show diffs side-by-side

added added

removed removed

src/prototypes.h

* stunnel Universal SSL tunnel

* This program is free software; you can redistribute it and/or modify

#include "common.h"

/**************************************** Network data structure */

#define MAX_HOSTS 16

typedef union sockaddr_union {

struct sockaddr sa;

struct sockaddr_in in;

#if defined(USE_IPv6) || defined(USE_WIN32)

struct sockaddr_in6 in6;

#endif

} SOCKADDR_UNION;

typedef struct sockaddr_list { /* list of addresses */

SOCKADDR_UNION addr[MAX_HOSTS]; /* the list of addresses */

u16 cur; /* current address for round-robin */

u16 num; /* how many addresses are used */

} SOCKADDR_LIST;

/**************************************** Prototypes for stunnel.c */

extern int num_clients;

void main_initialize(char *, char *);

void main_execute(void);

void ioerror(char *);

void sockerror(char *);

void log_error(int, int, char *);

char *my_strerror(int);

int set_socket_options(int, int);

char *stunnel_info(void);

int alloc_fd(int);

char *safe_ntoa(char *, struct in_addr);

/**************************************** Prototypes for ssl.c */

typedef enum {

COMP_NONE, COMP_ZLIB, COMP_RLE

} COMP_TYPE;

void ssl_init(void);

void context_init(void);

void context_free(void);

void sslerror(char *);

void log_open(void);

void log_close(void);

#if defined (USE_WIN32) || defined (__vms)

/* This conflicts with the "double log (double __x)" routine from math.h */

#define log stunnel_log

#endif

void log(int, const char *, ...)

void s_log(int, const char *, ...)

#ifdef __GNUC__

__attribute__ ((format (printf, 2, 3)));

#else

;

#endif

void ioerror(const char *);

void sockerror(const char *);

void log_error(int, int, const char *);

char *my_strerror(int);

/**************************************** Prototypes for sthreads.c */

typedef enum {

CRIT_KEYGEN, CRIT_NTOA, CRIT_CLIENTS, CRIT_WIN_LOG, CRIT_SECTIONS

} section_code;

CRIT_KEYGEN, CRIT_INET, CRIT_CLIENTS, CRIT_WIN_LOG, CRIT_SESSION,

CRIT_SECTIONS

} SECTION_CODE;

void enter_critical_section(section_code);

void leave_critical_section(section_code);

void enter_critical_section(SECTION_CODE);

void leave_critical_section(SECTION_CODE);

void sthreads_init(void);

unsigned long stunnel_process_id(void);

unsigned long stunnel_thread_id(void);

111

112

typedef struct {

113

/* some data for SSL initialization in ssl.c */

114

COMP_TYPE compression; /* compression type */

115

116

#if (SSLEAY_VERSION_NUMBER >= 0x00907000L) && defined(HAVE_OSSL_ENGINE_H)

117

char *engine; /* hardware SSL engine */

118

#endif

119

char *ca_dir; /* directory for hashed certs */

120

char *ca_file; /* file containing bunches of certs */

121

char *crl_dir; /* directory for hashed CRLs */

149

171

extern GLOBAL_OPTIONS options;

150

172

151

173

typedef struct local_options {

152

struct local_options *next; /* next node in the services list */

153

154

char local_address[16]; /* Dotted-decimal address to bind */

155

156

/* name of service */

157

char *servname; /* service name for loggin & permission checking */

174

struct local_options *next; /* next node in the services list */

175

char *servname; /* service name for loggin & permission checking */

176

SSL_SESSION *session; /* Recently used session */

177

char local_address[IPLEN]; /* Dotted-decimal address to bind */

158

178

159

179

/* service-specific data for client.c */

160

180

int fd; /* file descriptor accepting connections for this service */

161

unsigned short localport, remoteport;

162

181

char *execname, **execargs; /* program name and arguments for local mode */

163

u32 *localnames, *remotenames;

164

u32 *local_ip;

182

SOCKADDR_LIST local_addr, remote_addr;

183

SOCKADDR_LIST source_addr;

165

184

char *username;

166

185

char *remote_address;

167

186

int timeout_busy; /* Maximum waiting for data time */

187

int timeout_close; /* Maximum close_notify time */

188

int timeout_connect; /* Maximum connect() time */

168

189

int timeout_idle; /* Maximum idle connection time */

169

int timeout_close; /* Maximum close_notify time */

170

190

171

191

/* protocol name for protocol.c */

172

192

char *protocol;

207

227

} SOCK_OPT;

208

228

209

229

void parse_config(char *, char *);

210

int name2nums(char *, char *, u32 **, u_short *);

211

230

212

231

/**************************************** Prototypes for client.c */

213

232

220

239

221

240

typedef struct {

222

241

LOCAL_OPTIONS *opt;

223

char accepting_address[16], connecting_address[16]; /* Dotted-decimal */

224

struct sockaddr_in addr; /* Local address */

242

char accepting_address[IPLEN], connecting_address[IPLEN]; /* text */

243

SOCKADDR_LIST peer_addr; /* Peer address */

225

244

FD local_rfd, local_wfd; /* Read and write local descriptors */

226

245

FD remote_fd; /* Remote descriptor */

227

246

SSL *ssl; /* SSL Connection */

228

int bind_ip; /* IP for explicit local bind or transparent proxy */

247

SOCKADDR_LIST bind_addr; /* IP for explicit local bind or transparent proxy */

229

248

unsigned long pid; /* PID of local process */

230

u32 *resolved_addresses; /* List of IP addresses for delayed lookup */

231

249

232

250

char sock_buff[BUFFSIZE]; /* Socket read buffer */

233

251

char ssl_buff[BUFFSIZE]; /* SSL read buffer */

242

260

extern int max_fds;

243

261

#endif

244

262

245

#define sock_rd (c->sock_rfd->rd)

246

#define sock_wr (c->sock_wfd->wr)

247

#define ssl_rd (c->ssl_rfd->rd)

248

#define ssl_wr (c->ssl_wfd->wr)

249

250

263

void *alloc_client_session(LOCAL_OPTIONS *, int, int);

251

264

void *client(void *);

252

265

254

267

255

268

int negotiate(CLI *c);

256

269

257

/**************************************** Prototypes for select.c */

258

259

int sselect(int, fd_set *, fd_set *, fd_set *, struct timeval *);

260

int waitforsocket(int, int, int);

270

/**************************************** Prototypes for network.c */

271

272

#define MAX_FD 64

273

274

typedef struct {

275

#ifdef HAVE_POLL

276

struct pollfd ufds[MAX_FD];

277

unsigned int nfds;

278

#else

279

fd_set irfds, iwfds, orfds, owfds;

280

int max;

281

#endif

282

} s_poll_set;

283

284

void s_poll_zero(s_poll_set *);

285

void s_poll_add(s_poll_set *, int, int, int);

286

int s_poll_canread(s_poll_set *, int);

287

int s_poll_canwrite(s_poll_set *, int);

288

int s_poll_wait(s_poll_set *, int);

289

261

290

#ifndef USE_WIN32

262

void sselect_init(fd_set *, int *);

291

int signal_pipe_init(void);

263

292

void exec_status(void);

264

293

#endif

294

int set_socket_options(int, int);

295

int alloc_fd(int);

296

265

297

int write_blocking(CLI *, int fd, u8 *, int);

266

298

int read_blocking(CLI *, int fd, u8 *, int);

267

299

/* descriptor versions of fprintf/fscanf */

278

310

;

279

311

#endif

280

312

313

/**************************************** Prototypes for resolver.c */

314

315

int name2addrlist(SOCKADDR_LIST *, char *, char *);

316

int hostport2addrlist(SOCKADDR_LIST *, char *, char *);

317

char *s_ntop(char *, SOCKADDR_UNION *);

318

281

319

/**************************************** Prototypes for gui.c */

282

320

283

321

#ifdef USE_WIN32

284

322

void win_log(char *);

285

323

void exit_stunnel(int);

286

324

int pem_passwd_cb(char *, int, int, void *);

325

326

typedef int (CALLBACK * GETADDRINFO) (const char *,

327

const char *, const struct addrinfo *, struct addrinfo **);

328

typedef void (CALLBACK * FREEADDRINFO) (struct addrinfo FAR *);

329

typedef int (CALLBACK * GETNAMEINFO) (const struct sockaddr *, socklen_t,

330

char *, size_t, char *, size_t, int);

331

332

extern GETADDRINFO s_getaddrinfo;

333

extern FREEADDRINFO s_freeaddrinfo;

334

extern GETNAMEINFO s_getnameinfo;

287

335

#endif

288

336

289

337

#endif /* defined PROTOTYPES_H */

Older »