Now
MAIN commitmail json YAML
Update net/socat to socat-1.7.3.2
pkgsrc changes:
- Take MAINTAINERship
Changes:
1.7.3.2
-------
corrections:
- SIGSEGV and other signals could lead to a 100% CPU loop
- Failing name resolution could lead to SIGSEGV
Thanks to Max for reporting this issue.
- Include <stddef.h> for ptrdiff_t
Thanks to Jeroen Roovers for reporting this issue.
- Building with --disable-sycls failed due to missing sslcls.h defines
Socat hung when configured with --disable-sycls.
- Some minor corrections with includes etc.
- Option so-reuseport did not work. Thanks to Some Raghavendra Prabhu
for sending a patch.
- Programs invoked with EXEC, nofork, and -u or -U had stdin and stdout
incorrectly assigned
Test: EXEC_NOFORK_UNIDIR
Thanks to David Reiss for reporting this problem.
- Socat exited with status 0 even when a program invoked with SYSTEM or
EXEC failed.
Tests: SYSTEM_RC EXEC_RC
Issue reported by Felix Winkelmann.
- AddressSanitizer reported a few buffer overflows (false positives).
Nevertheless fixed Socat source.
Issue reported by Hanno B旦ck.
- Socat did not use option ipv6-join-group.
Test: USE_IPV6_JOIN_GROUP
Thanks to Linux L�ssing for sending a patch.
- UDP-LISTEN did not honor the max-children option.
Test: UDP4MAXCHILDREN UDP6MAXCHILDREN
Thanks to Leander Berwers for reporting this issue.
- Options so-rcvtimeo and so-sndtimeo do not work with poll()/select()
and therefore were useless.
Thanks to Steve Borenstein for reporting this issue.
- Option dhparam was documented as dhparams. Added the alias name
dhparams to fix this.
Thanks to Alexander Neumann for sending a patch.
- Options shut-down and shut-close did not work.
Thanks to Stefan Schimanski for providing a patch.
- There was a bug in printing readline log message caused by a misleading
indentation.
Thanks to Paul Wouters for reporting.
- The internal vsnprintf_r function looped or crashed on size parameter
with hexadecimal output.
- Ignore exit code of child process when it was killed by master due to
EOF
- Corrected byte order on read of IPV6_TCLASS value from ancillary
message
- Fixed type of the bool element in options. This had bug caused failures
e.g. of ignoreeof on big-endian systems when bool was not based on int.
- On systems with predefined bool type whose size differs from int some
IPv6 and TCP options (per setsockopt()) failed.
- Length of integral data in ancillary messages varies (TOS: 1 byte,
TTL: 4 bytes), the old implementation failed for TTL on big-endian
hosts.
- Fixed an issue in options processing: TUN and DNS flags had failed on
big-endian systems and the NO- forms had probable never worked.
porting:
- Type conflict between int and sig_atomic_t between declaration and
definition of diag_immediate_type and diag_immediate_exit broke
compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for
reporting this bug.
- Socat failed to compile on platforms with OpenSSL without
DTLSv1_client_method or DTLSv1_server_method.
Thanks to Simon Matter for sending a patch.
- NuttX OS headers do not provide struct ip, thus socat did not compile.
Made struct ip subject to configure.
Thanks to SP for reporting this issue.
- Socat failed to compile with OpenSSL version 1.0.2d where
SSLv3_server_method and SSLv3_client_method are no longer defined.
Thanks to Mischa ter Smitten for reporting this issue and providing
a patch.
- configure checked for OpenSSL EC_KEY assuming it is a define but it
is a type, thus OpenSSL ECDHE ciphers failed even on Linux.
Thanks to Andrey Arapov for reporting this bug.
- Changes to make socat compile with OpenSSL 1.1.
Thanks to Sebastian Andrzej Siewior e.a. from the Debian team for
providing the base patch.
Debian Bug#828550
- Make Socat compatible with BoringSSL.
Thanks to Matt Braithwaite for providing a patch.
- OpenSSL: Use RAND_status to determine PRNG state
Thanks to Adam Langley for providing a patch
- AIX-7 uses an extended O_ACCMODE that does not fit socat's internal
requirements. Thanks to Garrick Trowsdale for providing a patch
- LibreSSL support: check for OPENSSL_NO_COMP
Thanks to Bernard Spil for providing a patch
testing:
- socks4echo.sh and socks4a-echo.sh hung with new bash with read -n
- test.sh: stderr; option -v (verbose); FDOUT_ERROR description
- improved proxy.sh - it now also takes hostnames
- A few corrections in test.sh
- DTLS1 test hangs on some distributions. Test is now only performed
with OpenSSL 1.0.2 or higher.
- More corrections to test.sh that reveal a mistake with IPV6_TCLASS
docu:
- Corrected source of socat man page to correctly show man references
like socket(2); removed obseolete entries from See Also
- Docu and some comments mentioned addresses SSL-LISTEN and SSL-CONNECT
that do not exist (OPENSSL-LISTEN, SSL-L; and OPENNSSL-CONNECT, SSL
are correct).
Thanks to Zhigang Wang for reporting this issue.
- Fixed a couple of English spelling and grammar mistakes.
Thanks to Jakub Wild for sending the patches.
- NOEXPAND() was not resolved 2 times.
- More minor docu corrections
legal:
- Added contributors to copyright notices. Suggested by Matt Braithwaite.
pkgsrc changes:
- Take MAINTAINERship
Changes:
1.7.3.2
-------
corrections:
- SIGSEGV and other signals could lead to a 100% CPU loop
- Failing name resolution could lead to SIGSEGV
Thanks to Max for reporting this issue.
- Include <stddef.h> for ptrdiff_t
Thanks to Jeroen Roovers for reporting this issue.
- Building with --disable-sycls failed due to missing sslcls.h defines
Socat hung when configured with --disable-sycls.
- Some minor corrections with includes etc.
- Option so-reuseport did not work. Thanks to Some Raghavendra Prabhu
for sending a patch.
- Programs invoked with EXEC, nofork, and -u or -U had stdin and stdout
incorrectly assigned
Test: EXEC_NOFORK_UNIDIR
Thanks to David Reiss for reporting this problem.
- Socat exited with status 0 even when a program invoked with SYSTEM or
EXEC failed.
Tests: SYSTEM_RC EXEC_RC
Issue reported by Felix Winkelmann.
- AddressSanitizer reported a few buffer overflows (false positives).
Nevertheless fixed Socat source.
Issue reported by Hanno B旦ck.
- Socat did not use option ipv6-join-group.
Test: USE_IPV6_JOIN_GROUP
Thanks to Linux L�ssing for sending a patch.
- UDP-LISTEN did not honor the max-children option.
Test: UDP4MAXCHILDREN UDP6MAXCHILDREN
Thanks to Leander Berwers for reporting this issue.
- Options so-rcvtimeo and so-sndtimeo do not work with poll()/select()
and therefore were useless.
Thanks to Steve Borenstein for reporting this issue.
- Option dhparam was documented as dhparams. Added the alias name
dhparams to fix this.
Thanks to Alexander Neumann for sending a patch.
- Options shut-down and shut-close did not work.
Thanks to Stefan Schimanski for providing a patch.
- There was a bug in printing readline log message caused by a misleading
indentation.
Thanks to Paul Wouters for reporting.
- The internal vsnprintf_r function looped or crashed on size parameter
with hexadecimal output.
- Ignore exit code of child process when it was killed by master due to
EOF
- Corrected byte order on read of IPV6_TCLASS value from ancillary
message
- Fixed type of the bool element in options. This had bug caused failures
e.g. of ignoreeof on big-endian systems when bool was not based on int.
- On systems with predefined bool type whose size differs from int some
IPv6 and TCP options (per setsockopt()) failed.
- Length of integral data in ancillary messages varies (TOS: 1 byte,
TTL: 4 bytes), the old implementation failed for TTL on big-endian
hosts.
- Fixed an issue in options processing: TUN and DNS flags had failed on
big-endian systems and the NO- forms had probable never worked.
porting:
- Type conflict between int and sig_atomic_t between declaration and
definition of diag_immediate_type and diag_immediate_exit broke
compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for
reporting this bug.
- Socat failed to compile on platforms with OpenSSL without
DTLSv1_client_method or DTLSv1_server_method.
Thanks to Simon Matter for sending a patch.
- NuttX OS headers do not provide struct ip, thus socat did not compile.
Made struct ip subject to configure.
Thanks to SP for reporting this issue.
- Socat failed to compile with OpenSSL version 1.0.2d where
SSLv3_server_method and SSLv3_client_method are no longer defined.
Thanks to Mischa ter Smitten for reporting this issue and providing
a patch.
- configure checked for OpenSSL EC_KEY assuming it is a define but it
is a type, thus OpenSSL ECDHE ciphers failed even on Linux.
Thanks to Andrey Arapov for reporting this bug.
- Changes to make socat compile with OpenSSL 1.1.
Thanks to Sebastian Andrzej Siewior e.a. from the Debian team for
providing the base patch.
Debian Bug#828550
- Make Socat compatible with BoringSSL.
Thanks to Matt Braithwaite for providing a patch.
- OpenSSL: Use RAND_status to determine PRNG state
Thanks to Adam Langley for providing a patch
- AIX-7 uses an extended O_ACCMODE that does not fit socat's internal
requirements. Thanks to Garrick Trowsdale for providing a patch
- LibreSSL support: check for OPENSSL_NO_COMP
Thanks to Bernard Spil for providing a patch
testing:
- socks4echo.sh and socks4a-echo.sh hung with new bash with read -n
- test.sh: stderr; option -v (verbose); FDOUT_ERROR description
- improved proxy.sh - it now also takes hostnames
- A few corrections in test.sh
- DTLS1 test hangs on some distributions. Test is now only performed
with OpenSSL 1.0.2 or higher.
- More corrections to test.sh that reveal a mistake with IPV6_TCLASS
docu:
- Corrected source of socat man page to correctly show man references
like socket(2); removed obseolete entries from See Also
- Docu and some comments mentioned addresses SSL-LISTEN and SSL-CONNECT
that do not exist (OPENSSL-LISTEN, SSL-L; and OPENNSSL-CONNECT, SSL
are correct).
Thanks to Zhigang Wang for reporting this issue.
- Fixed a couple of English spelling and grammar mistakes.
Thanks to Jakub Wild for sending the patches.
- NOEXPAND() was not resolved 2 times.
- More minor docu corrections
legal:
- Added contributors to copyright notices. Suggested by Matt Braithwaite.