326 lines
9.6 KiB
Diff
326 lines
9.6 KiB
Diff
diff -Paur --no-dereference -- libssl.upstream/apps/nc/netcat.c libssl/apps/nc/netcat.c
|
|
--- libssl.upstream/apps/nc/netcat.c
|
|
+++ libssl/apps/nc/netcat.c
|
|
@@ -40,7 +40,10 @@
|
|
#include <netinet/in.h>
|
|
#include <netinet/tcp.h>
|
|
#include <netinet/ip.h>
|
|
+/* PATCH: Sortix doesn't have <netinet/telnet.h> yet. */
|
|
+#if __has_include(<netinet/telnet.h>)
|
|
#include <arpa/telnet.h>
|
|
+#endif
|
|
|
|
#include <ctype.h>
|
|
#include <err.h>
|
|
@@ -468,8 +471,12 @@
|
|
} else {
|
|
strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
|
|
UNIX_DG_TMP_SOCKET_SIZE);
|
|
- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
|
|
+ /* PATCH: Sortix doesn't have the obsolete mktemp(3) function. */
|
|
+ int fd = mkstemp(unix_dg_tmp_socket_buf);
|
|
+ if (fd < 0)
|
|
err(1, "mktemp");
|
|
+ unlink(unix_dg_tmp_socket_buf);
|
|
+ close(fd);
|
|
unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
|
|
}
|
|
}
|
|
@@ -1403,7 +1410,8 @@
|
|
memset(&cmsgbuf, 0, sizeof(cmsgbuf));
|
|
memset(&iov, 0, sizeof(iov));
|
|
|
|
- mh.msg_control = (caddr_t)&cmsgbuf.buf;
|
|
+ /* PATCH: Sortix doesn't have the non-standard caddr_t type. */
|
|
+ mh.msg_control = (char*)&cmsgbuf.buf;
|
|
mh.msg_controllen = sizeof(cmsgbuf.buf);
|
|
cmsg = CMSG_FIRSTHDR(&mh);
|
|
cmsg->cmsg_len = CMSG_LEN(sizeof(int));
|
|
@@ -1440,6 +1448,7 @@
|
|
void
|
|
atelnet(int nfd, unsigned char *buf, unsigned int size)
|
|
{
|
|
+#ifdef IAC
|
|
unsigned char *p, *end;
|
|
unsigned char obuf[4];
|
|
|
|
@@ -1465,6 +1474,9 @@
|
|
if (atomicio(vwrite, nfd, obuf, 3) != 3)
|
|
warn("Write Error!");
|
|
}
|
|
+#else
|
|
+ errx(1, "Telnet negotation is not supported");
|
|
+#endif
|
|
}
|
|
|
|
int
|
|
@@ -1578,16 +1590,20 @@
|
|
err(1, NULL);
|
|
}
|
|
if (Tflag != -1) {
|
|
+/* PATCH: The Sortix network stack is WIP and doesn't have IP_TOS yet and
|
|
+ likewise with other features. */
|
|
+#ifdef IP_TOS
|
|
if (af == AF_INET && setsockopt(s, IPPROTO_IP,
|
|
IP_TOS, &Tflag, sizeof(Tflag)) == -1)
|
|
err(1, "set IP ToS");
|
|
+#endif
|
|
|
|
#ifdef IPV6_TCLASS
|
|
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
|
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
|
IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1)
|
|
err(1, "set IPv6 traffic class");
|
|
#else
|
|
- else if (af == AF_INET6) {
|
|
+ if (af == AF_INET6) {
|
|
errno = ENOPROTOOPT;
|
|
err(1, "set IPv6 traffic class not supported");
|
|
}
|
|
@@ -1605,13 +1621,16 @@
|
|
}
|
|
|
|
if (ttl != -1) {
|
|
+#ifdef IP_TTL
|
|
if (af == AF_INET && setsockopt(s, IPPROTO_IP,
|
|
IP_TTL, &ttl, sizeof(ttl)))
|
|
err(1, "set IP TTL");
|
|
-
|
|
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
|
+#endif
|
|
+#ifdef IPV6_UNICAST_HOPS
|
|
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
|
IPV6_UNICAST_HOPS, &ttl, sizeof(ttl)))
|
|
err(1, "set IPv6 unicast hops");
|
|
+#endif
|
|
}
|
|
|
|
if (minttl != -1) {
|
|
@@ -1649,7 +1668,9 @@
|
|
{ "af41", IPTOS_DSCP_AF41 },
|
|
{ "af42", IPTOS_DSCP_AF42 },
|
|
{ "af43", IPTOS_DSCP_AF43 },
|
|
+#ifdef IPTOS_PREC_CRITIC_ECP
|
|
{ "critical", IPTOS_PREC_CRITIC_ECP },
|
|
+#endif
|
|
{ "cs0", IPTOS_DSCP_CS0 },
|
|
{ "cs1", IPTOS_DSCP_CS1 },
|
|
{ "cs2", IPTOS_DSCP_CS2 },
|
|
@@ -1659,11 +1680,21 @@
|
|
{ "cs6", IPTOS_DSCP_CS6 },
|
|
{ "cs7", IPTOS_DSCP_CS7 },
|
|
{ "ef", IPTOS_DSCP_EF },
|
|
+#ifdef IPTOS_PREC_INTERNETCONTROL
|
|
{ "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
|
|
+#endif
|
|
+#ifdef IPTOS_LOWDELAY
|
|
{ "lowdelay", IPTOS_LOWDELAY },
|
|
+#endif
|
|
+#ifdef IPTOS_PREC_NETCONTROL
|
|
{ "netcontrol", IPTOS_PREC_NETCONTROL },
|
|
+#endif
|
|
+#ifdef IPTOS_RELIABILITY
|
|
{ "reliability", IPTOS_RELIABILITY },
|
|
+#endif
|
|
+#ifdef IPTOS_THROUGHPUT
|
|
{ "throughput", IPTOS_THROUGHPUT },
|
|
+#endif
|
|
{ NULL, -1 },
|
|
};
|
|
|
|
diff -Paur --no-dereference -- libssl.upstream/apps/openssl/apps.c libssl/apps/openssl/apps.c
|
|
--- libssl.upstream/apps/openssl/apps.c
|
|
+++ libssl/apps/openssl/apps.c
|
|
@@ -147,6 +147,11 @@
|
|
#include <openssl/x509.h>
|
|
#include <openssl/x509v3.h>
|
|
|
|
+/* PATCH: For snprintf path creation that handles too long paths. */
|
|
+#if defined(__sortix__) && !defined(PATH_MAX)
|
|
+#define PATH_MAX 4096
|
|
+#endif
|
|
+
|
|
typedef struct {
|
|
const char *name;
|
|
unsigned long flag;
|
|
diff -Paur --no-dereference -- libssl.upstream/apps/openssl/ca.c libssl/apps/openssl/ca.c
|
|
--- libssl.upstream/apps/openssl/ca.c
|
|
+++ libssl/apps/openssl/ca.c
|
|
@@ -81,6 +81,13 @@
|
|
#include <openssl/x509.h>
|
|
#include <openssl/x509v3.h>
|
|
|
|
+/* PATCH: Sortix doesn't have a PATH_MAX limit. Provide a simple value for the
|
|
+ below snprintf calls that construct paths and handle overflow if paths
|
|
+ are longer than PATH_MAX. */
|
|
+#if defined(__sortix__) && !defined(PATH_MAX)
|
|
+#define PATH_MAX 4096
|
|
+#endif
|
|
+
|
|
#define BASE_SECTION "ca"
|
|
|
|
#define ENV_DEFAULT_CA "default_ca"
|
|
diff -Paur --no-dereference -- libssl.upstream/apps/openssl/certhash.c libssl/apps/openssl/certhash.c
|
|
--- libssl.upstream/apps/openssl/certhash.c
|
|
+++ libssl/apps/openssl/certhash.c
|
|
@@ -33,6 +33,11 @@
|
|
|
|
#include "apps.h"
|
|
|
|
+/* PATCH: For readlink that handles too long paths. */
|
|
+#if defined(__sortix__) && !defined(PATH_MAX)
|
|
+#define PATH_MAX 4096
|
|
+#endif
|
|
+
|
|
static struct {
|
|
int dryrun;
|
|
int verbose;
|
|
@@ -494,6 +499,11 @@
|
|
fprintf(stderr, "symbolic link is too long %s\n", dep->d_name);
|
|
return (-1);
|
|
}
|
|
+ /* PATCH: Handle symbolic links that are too long. */
|
|
+ if (n == sizeof(target) - 1) {
|
|
+ fprintf(stderr, "symbolic link is too long %s\n", dep->d_name);
|
|
+ return (-1);
|
|
+ }
|
|
target[n] = '\0';
|
|
|
|
hi = hashinfo_from_linkname(dep->d_name, target);
|
|
diff -Paur --no-dereference -- libssl.upstream/apps/openssl/s_socket.c libssl/apps/openssl/s_socket.c
|
|
--- libssl.upstream/apps/openssl/s_socket.c
|
|
+++ libssl/apps/openssl/s_socket.c
|
|
@@ -73,6 +73,23 @@
|
|
|
|
#include "s_apps.h"
|
|
|
|
+/* PATCH: The server below only supports IPv4 and only uses the obsolete
|
|
+ gethostbyname and gethostbyaddr instead of the getaddrinfo
|
|
+ replacement. Sortix intentionally does not have gethostbyname, so
|
|
+ simply disable the feature for now. */
|
|
+#if defined(__sortix__)
|
|
+struct hostent
|
|
+{
|
|
+ char *h_name;
|
|
+ char **h_aliases;
|
|
+ int h_addrtype;
|
|
+ int h_length;
|
|
+ char **h_addr_list;
|
|
+};
|
|
+#define gethostbyname(a) ((void) a, (struct hostent*) NULL)
|
|
+#define gethostbyaddr(a, b, c) (((void) a), ((void) b), ((void) c), (struct hostent*) NULL)
|
|
+#endif
|
|
+
|
|
static int init_server(int *sock, int port, int type);
|
|
static int init_server_long(int *sock, int port, char *ip, int type);
|
|
static int do_accept(int acc_sock, int *sock);
|
|
diff -Paur --no-dereference -- libssl.upstream/crypto/bio/b_sock.c libssl/crypto/bio/b_sock.c
|
|
--- libssl.upstream/crypto/bio/b_sock.c
|
|
+++ libssl/crypto/bio/b_sock.c
|
|
@@ -34,6 +34,21 @@
|
|
#include <openssl/buffer.h>
|
|
#include <openssl/err.h>
|
|
|
|
+/* PATCH: Sortix intentionally doesn't have the obsolete gethostbyname family
|
|
+ but only the modern getaddrinfo(3) family. Actually none of my ports
|
|
+ use BIO_gethostbyname, maybe it can just be removed. */
|
|
+#if defined(__sortix__)
|
|
+struct hostent
|
|
+{
|
|
+ char *h_name;
|
|
+ char **h_aliases;
|
|
+ int h_addrtype;
|
|
+ int h_length;
|
|
+ char **h_addr_list;
|
|
+};
|
|
+#define gethostbyname(a) ((void) a, (struct hostent*) NULL)
|
|
+#endif
|
|
+
|
|
int
|
|
BIO_get_host_ip(const char *str, unsigned char *ip)
|
|
{
|
|
diff -Paur --no-dereference -- libssl.upstream/crypto/bio/bss_bio.c libssl/crypto/bio/bss_bio.c
|
|
--- libssl.upstream/crypto/bio/bss_bio.c
|
|
+++ libssl/crypto/bio/bss_bio.c
|
|
@@ -74,6 +74,11 @@
|
|
# endif
|
|
#endif
|
|
|
|
+/* PATCH: Sortix <limits.h> is buggy and doesn't define SSIZE_MAX right now. */
|
|
+#if defined(__sortix__)
|
|
+#include <sys/types.h>
|
|
+#endif
|
|
+
|
|
#include <assert.h>
|
|
#include <limits.h>
|
|
#include <stdlib.h>
|
|
diff -Paur --no-dereference -- libssl.upstream/include/compat/stdlib.h libssl/include/compat/stdlib.h
|
|
--- libssl.upstream/include/compat/stdlib.h
|
|
+++ libssl/include/compat/stdlib.h
|
|
@@ -16,7 +16,7 @@
|
|
#ifndef LIBCRYPTOCOMPAT_STDLIB_H
|
|
#define LIBCRYPTOCOMPAT_STDLIB_H
|
|
|
|
-#include <sys/types.h>
|
|
+/* PATCH: <sys/types.h> doesn't need to be included. */
|
|
#include <stdint.h>
|
|
|
|
#ifndef HAVE_ARC4RANDOM_BUF
|
|
diff -Paur --no-dereference -- libssl.upstream/include/compat/string.h libssl/include/compat/string.h
|
|
--- libssl.upstream/include/compat/string.h
|
|
+++ libssl/include/compat/string.h
|
|
@@ -16,7 +16,7 @@
|
|
#include_next <string.h>
|
|
#endif
|
|
|
|
-#include <sys/types.h>
|
|
+/* PATCH: <sys/types.h> doesn't need to be included. */
|
|
|
|
#if defined(__sun) || defined(_AIX) || defined(__hpux)
|
|
/* Some functions historically defined in string.h were placed in strings.h by
|
|
diff -Paur --no-dereference -- libssl.upstream/include/compat/sys/types.h libssl/include/compat/sys/types.h
|
|
--- libssl.upstream/include/compat/sys/types.h
|
|
+++ libssl/include/compat/sys/types.h
|
|
@@ -16,7 +16,7 @@
|
|
#ifndef LIBCRYPTOCOMPAT_SYS_TYPES_H
|
|
#define LIBCRYPTOCOMPAT_SYS_TYPES_H
|
|
|
|
-#include <stdint.h>
|
|
+/* PATCH: <stdint.h> doesn't need to be included. */
|
|
|
|
#ifdef __MINGW32__
|
|
#include <_bsd_types.h>
|
|
diff -Paur --no-dereference -- libssl.upstream/include/compat/unistd.h libssl/include/compat/unistd.h
|
|
--- libssl.upstream/include/compat/unistd.h
|
|
+++ libssl/include/compat/unistd.h
|
|
@@ -64,9 +64,10 @@
|
|
#endif
|
|
#endif
|
|
|
|
-#ifndef HAVE_GETPAGESIZE
|
|
-int getpagesize(void);
|
|
-#endif
|
|
+/* PATCH: Somehow HAVE_GETPAGESIZE doesn't get defined even though configure
|
|
+ does detect Sortix has it (with the fix). Sortix getpagesize returns
|
|
+ size_t rather than int, so remove this conflicting forward
|
|
+ declaration. */
|
|
|
|
#define pledge(request, paths) 0
|
|
#define unveil(path, permissions) 0
|
|
diff -Paur --no-dereference -- libssl.upstream/tls/tls_config.c libssl/tls/tls_config.c
|
|
--- libssl.upstream/tls/tls_config.c
|
|
+++ libssl/tls/tls_config.c
|
|
@@ -721,8 +721,11 @@
|
|
}
|
|
|
|
if (sb.st_uid != getuid()) {
|
|
+ /* PATCH: Sortix has 64-bit uid_t. */
|
|
tls_config_set_errorx(config, "session file has incorrect "
|
|
- "owner (uid %u != %u)", sb.st_uid, getuid());
|
|
+ "owner (uid %llu != %llu)",
|
|
+ (unsigned long long) sb.st_uid,
|
|
+ (unsigned long long) getuid());
|
|
return (-1);
|
|
}
|
|
mugo = sb.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO);
|