Mon Feb 23 22:27:37 2015 UTC ()

One more fix for assumption about POSIX accept(). PKGREVISION++


(fhajny)

diff -r1.4 -r1.5 pkgsrc/security/stud/Makefile
diff -r1.2 -r1.3 pkgsrc/security/stud/distinfo
diff -r1.2 -r1.3 pkgsrc/security/stud/patches/patch-stud.c

--- pkgsrc/security/stud/Attic/Makefile 2015/02/20 09:32:07 1.4
+++ pkgsrc/security/stud/Attic/Makefile 2015/02/23 22:27:37 1.5

 @@ -1,18 +1,18 @@
-# $NetBSD: Makefile,v 1.4 2015/02/20 09:32:07 fhajny Exp $
+# $NetBSD: Makefile,v 1.5 2015/02/23 22:27:37 fhajny Exp $
+#
 PKGNAME=	stud-0.3p53
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	security
 MAINTAINER=	jym@NetBSD.org
 HOMEPAGE=	http://github.com/bumptech/stud
 COMMENT=	Scalable TLS Unwrapping Daemon
 LICENSE=	2-clause-bsd
 MASTER_SITES=	http://rohara.fedorapeople.org/stud/
 DISTNAME=	bumptech-stud-0.3-51-g0b88039
 WRKSRC=		${WRKDIR}/bumptech-stud-0b88039
 USE_TOOLS+=		gmake nroff pax:run
 BUILD_DEFS+=		STUD_USER STUD_GROUP VARBASE

--- pkgsrc/security/stud/Attic/distinfo 2015/02/20 09:32:07 1.2
+++ pkgsrc/security/stud/Attic/distinfo 2015/02/23 22:27:37 1.3

 @@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.2 2015/02/20 09:32:07 fhajny Exp $
+$NetBSD: distinfo,v 1.3 2015/02/23 22:27:37 fhajny Exp $
 SHA1 (bumptech-stud-0.3-51-g0b88039.tar.gz) = fad22d9cf008b7db8f30d8d7ca0a6fcc177714de
 RMD160 (bumptech-stud-0.3-51-g0b88039.tar.gz) = 66a186e1095fd127945802ab681f5948ee1d4011
 Size (bumptech-stud-0.3-51-g0b88039.tar.gz) = 41000 bytes
 SHA1 (patch-Makefile) = c0794c6ebb3bdc3d55b473acec674a9f98b03ffb
 SHA1 (patch-configuration.c) = 886226a104f84bac6902bb8a8593d37a25653563
 SHA1 (patch-stud.8) = a6b36ab6ac8c65cbc70172a9c230b22965cbdc3d
-SHA1 (patch-stud.c) = aae56a212de51dfec4c31a9f4318818a79a51dfd
+SHA1 (patch-stud.c) = a33ccb6adc85ea545db3372201b8f50733d79222

--- pkgsrc/security/stud/patches/Attic/patch-stud.c 2015/02/20 09:32:07 1.2
+++ pkgsrc/security/stud/patches/Attic/patch-stud.c 2015/02/23 22:27:37 1.3

 @@ -1,17 +1,18 @@
-$NetBSD: patch-stud.c,v 1.2 2015/02/20 09:32:07 fhajny Exp $
+$NetBSD: patch-stud.c,v 1.3 2015/02/23 22:27:37 fhajny Exp $
 SunOS fixes as per https://github.com/bumptech/stud/pull/71.
 SSL fixes as per https://github.com/bumptech/stud/pull/130.
 Fix for POSIX accept() that can also return ECONNABORTED.
 --- stud.c.orig	2012-08-10 23:40:19.000000000 +0000
 +++ stud.c
 @@ -189,9 +189,17 @@ typedef struct proxystate {
  /* Set a file descriptor (socket) to non-blocking mode */
  static void setnonblocking(int fd) {
 -    int flag = 1;
+-
 -    assert(ioctl(fd, FIONBIO, &flag) == 0);
 +    int flag;
 +#if defined(O_NONBLOCK)
 +    /* O_NONBLOCK is more portable and POSIX-standard */
 @@ -58,26 +59,35 @@ SSL fixes as per https://github.com/bump
 -            LOG("{%s} Unexpected SSL error (in handshake): %d\n", w->fd == ps->fd_up ? "client" : "backend", err);
++
 +            // Try and get more detail on the error from the SSL
 +            // error queue. ERR_error_string requires a char buffer
 +            // of 120 bytes.
 +            unsigned long err_detail = ERR_get_error();
 +            char err_msg[120];
 +            ERR_error_string(err_detail, err_msg);
++
 +            LOG("{client} Unexpected SSL error (in handshake): %d, %s\n", err, err_msg);
              shutdown_proxy(ps, SHUTDOWN_SSL);
+         }
+     }
@@ -1312,7 +1335,7 @@ static void handle_accept(struct ev_loop
              break;
          default:
 -            assert(errno == EINTR || errno == EWOULDBLOCK || errno == EAGAIN);
 +            assert(errno == EINTR || errno == EWOULDBLOCK || errno == EAGAIN || errno == ECONNABORTED);
              break;
+         }
          return;
 @@ -1751,24 +1774,16 @@ void daemonize () {
          exit(0);
+     }
 -    /* close standard streams */
 -    fclose(stdin);
 -    fclose(stdout);
 -    fclose(stderr);
+-
      /* reopen standard streams to null device */
 -    stdin = fopen(NULL_DEV, "r");
 -    if (stdin == NULL) {
 +    if (freopen(NULL_DEV, "r", stdin) == NULL) {