| |
| Corrections: |
| On connect() failure and in some other situations Socat tries to get |
| detailled information about the error with recvmsg(). Error return of |
| this function is now logged as Info instead of Warn. |
| |
| Tests of the correction of the "IP_ADD_SOURCE_MEMBERSHIP but not struct |
| ip_mreq_source" issue left an #undef in xiosysincludes.h that disabled |
| the ip-add-source-membership option. |
| Thanks to Benjamin Poirier for sending a patch. |
| |
| Fixed a bug in dalan module that caused SIGSEGV in, e.g., |
| SOCKET-LISTEN:1:1:'"/tmp/sock"' |
| Test: DALAN_NO_SIGSEGV |
| |
| The retry option with some address types (TCP) did not close() the |
| sockets after failed attempts, resulting in an FD leak. |
| |
| Filan: Corrected some syntax error messages |
| |
| Filan: Fixed a bug introduced in 1.7.4.4 that broke displaying |
| TCP/UDP on options -s, -S |
| Test: FILAN_SHORT_TCP |
| |
| Filan: If IP protocol type cannot be retrieved, display at least the |
| socket type |
| |
| Filan: Fixed diag_set() call in filan_main.c, bug popped up with C23. |
| Thanks to Cristian Rodríguez from openSUSE for reporting this issue. |
| |
| Querying the vsock Context Identifier (CID) requires an FD from opening |
| /dev/vsock. |
| Thanks to Volker Simonis for sending a patch. |
| |
| Fixed an internal FD leak in the EXEC,SYSTEM addresses. |
| |
| The FDs of the socketpair that queues messages from signal handlers |
| lacked FD_CLOEXEC and thus leaked into EXEC and SYSTEM child processes. |
| |
| Option stderr on addresses EXEC and SYSTEM uses a temporary FD. It |
| lacked the FD_CLOEXEC setting and thus leakt into child processes. |
| |
| Restoring of STDIO tty settings failed on Solaris type operating |
| systems. |
| Thanks to Gordon W.Ross for reporting and fixing this issue. |
| Test: RESTORE_TTY |
| |
| The OpenSSL client SNI parameter, when not explicitely specified, is |
| derived from option commonname or rom target server name. This is not |
| useful with IP addresses, which Socat now checks and avoids. |
| |
| Socat options -L and -W create lock files using mkstemp(), so they had |
| permissions 600. There does not seem to be a good reason for this |
| restrictive mode. Furthermore Silla Rizzoli experienced that Minicom |
| ignores lock files with mode 600, so it is set to 644 now. |
| |
| Features: |
| VSOCK, VSOCK-L support options pf, socktype, prototype (currently |
| useless) |
| |
| Coding: |
| New Environment variable SOCAT_TRANSFER_WAIT that Socat sleep before |
| starting the data transfer loop. Useful, e.g., to accumulate multiple |
| packets in a receiving datagram socket before starting to process them. |
| |
| "//" comments were used for disabling experimental code. These lines |
| have now been removed or disabled in other ways to make Socat compile |
| with C89/C90 standard again. |
| |
| Porting: |
| Small correction in configure.ac makes Socat C99 able. |
| Thanks to Florian Weimer from Red Hat for provinding a patch. |
| |
| Testing: |
| Idea: EXEC,SYSTEM addresses can keep packet boundaries when option |
| socktype=<val-of-SOCK_DGRAM> |
| Tests: EXECSOCKETPAIRPACKETS SYSTEMSOCKETPAIRPACKETS |
| |
| Cosmetic corrections of EXEC,SYSTEM tests. |
| |
| test.sh: Added option --expect-fail to specify comma separated list of |
| test numbers whose failure shall not cause a failure of the whole |
| script. |
| |
| test.sh: Added help text |
| |
| ####################### V 1.7.4.4: |
| |
| Corrections: |
| In error.c msg2() there was a stack overflow on long messages: The |
| terminating \0 Byte was written behind the last position. |
| Thanks to Martin Liška for sending the address sanitizer report. |
| |
| UDP-RECVFROM with fork sometimes terminated when multiple packets |
| arrived. This issue was introduced with a bug fix in version 1.7.4.0. |
| Reason was not handling EAGAIN on recvmsg(). |
| Thanks to Jamie McQuillan for reporting this issue. |
| |
| Address TCP with options connect-timeout and retry terminated |
| immediately when a connection attempt failed on network error or |
| connection refused. |
| Test: TCP_TIMEOUT_RETRY |
| Thanks to Kamil Holubicki for reporting this issue. |
| |
| There were a couple of weaknesses and errors when accessing invalid or |
| incompatible file system entries with UNIX domain, file, and generic |
| addresses. |
| For example, UNIX-CONNECT, when using a non matching socktype, failed |
| with -1 and did not print an error message, instead of printing an |
| error message and exiting with rc=1. |
| Thanks to Paul Wise for reporting and analyzing the case of accessing |
| a left over socket entry with GOPEN. |
| |
| The rawer option failed because it tried to clear CREAD. |
| Test: RAWER |
| |
| UDP-SEND and UPD-SENDTO with option lowport always bound to port 1 |
| instead of a free port in range 640..1023 |
| Test: UDP_LOWPORT |
| |
| Fixed bad parser error message on "socat /tmp/x\"x/x -" |
| |
| Tightened syntax checks to detect numerical arguments that are missing |
| or have trailing garbage. |
| Test: INTEGER_GARBAGE |
| |
| ctype(3) functions need there arguments to be unsigned char. |
| Thanks to Taylor R Campbell for sending a patch. |
| |
| Filan library uses Socats diag/error message system and therefore had |
| always the signal handler messages socket pair open. This fix avoids |
| this socketpair in standalone Filan. |
| |
| Corrected printf format for type socklen_t in two places. |
| |
| Porting: |
| OpenSSL, at least 1.1 on Ubuntu, crashed with SIGSEGV under certain |
| conditions: client connection to server with certificate with empty |
| subject, and pressing ^C after successful connect. |
| This crash is now prevented by setting OPENSSL_INIT_NO_ATEXIT. |
| Thanks to Martin Dorey for reporting and analyzing this issue, and for |
| providing an environment for reproduction. |
| |
| Socat failed to compile on platforms that have |
| IP_ADD_SOURCE_MEMBERSHIP but not struct ip_mreq_source |
| Thanks to Justin Yackoski for sending a patch. |
| |
| configure.ac's detection of getprotobynumber_r() variant did not |
| recognize if this function does not exist, e.g. on Musl libc. |
| Thanks to Alexander Kanavin and Baruch Siach for sending patches. |
| |
| Corrected message format when no strftime() is available; improved |
| handling of very long host or program names |
| |
| Solaris requires that termios options are always applied to the slave |
| side of PTY. |
| |
| Fixed ancillary messages on Solaris. |
| |
| Filan: Solaris has the open file path infos in /proc/<pid>/path/ |
| Thanks to Andy Fiddaman to directing me to the patch. |
| |
| Filan now recognizes and prints Solaris doors and event ports. |
| |
| Solaris derivatives no longer need librt for clock_gettime() |
| Thanks to Andy Fiddaman to directing me to the patch. |
| |
| LibreSSL does not have OPENSSL_INIT_new(). This function is now |
| guarded. Socat might build with LibreSSL. |
| Thanks to Orbea for reporting and helping. |
| |
| Building: |
| Failure during building documentation, e.g. due to missing Yodl |
| packages, now does not let the build process fail. |
| Feature requested by Seyhun. |
| |
| Features: |
| Filan prints target of symlink when appropriate |
| Test: FILANSYMLINK |
| |
| VSOCK-LISTEN now generates environment variables SOCAT_PEERADDR, |
| SOCAT_PEERPORT, SOCAT_SOCKADDR, SOCAT_SOCKPORT |
| New address aliases VSOCK, VSOCK-L |
| |
| Documentation: |
| Fixed typo in doc/socat-tun.html and link in README. |
| Thanks to William Suthers for reporting. |
| |
| Fixed hard coded path in docu examples. |
| Thanks to Jakub Wilk for sending a patch. |
| |
| Updated doc/socat-openssltunnel.html: 2048 bits, commonname |
| |
| Testing: |
| Unset SOCAT_MAIN_WAIT on informational Socat calls |
| |
| SOCAT=socat used ./socat instead of the version derived by $PATH |
| |
| Do not try VSOCK_ECHO test when feature is not compiled in. |
| |
| Fixed logging of test 220 TUNINTERFACE |
| |
| Musl libc refuses to execve() shell scripts, 2 tests needed to be |
| adapted. |
| |
| Musl libc has FOPEN_MAX=1000 which made bash dumping core on test |
| EXCEED_FOPEN_MAX. |
| |
| Added tests for failures of UNIX socket and GOPEN accesses to non |
| matching file system entries. |
| Tests: |
| CONNECT_TO_MISSING CONNECT_TO_DENIED CONNECT_TO_DIRECTORY |
| CONNECT_TO_ORPHANED CONNECT_TO_FILE CONNECT_TO_DGRAM |
| CONNECT_TO_SEQPACKET SEND_TO_MISSING SEND_TO_DENIED SEND_TO_DIRECTORY |
| SEND_TO_ORPHANED SEND_TO_FILE SEND_TO_STREAM SEND_TO_SEQPACKET |
| SENDTO_TO_MISSING SENDTO_TO_DENIED SENDTO_TO_DIRECTORY |
| SENDTO_TO_ORPHANED SENDTO_TO_FILE SENDTO_TO_STREAM SENDTO_TO_SEQPACKET |
| SEQPACKET_TO_MISSING SEQPACKET_TO_DENIED SEQPACKET_TO_DIRECTORY |
| SEQPACKET_TO_ORPHANED SEQPACKET_TO_FILE SEQPACKET_TO_STREAM |
| SEQPACKET_TO_DGRAM UNIX_TO_MISSING UNIX_TO_DENIED UNIX_TO_DIRECTORY |
| UNIX_TO_FILE UNIX_TO_ORPHANED GOPEN_TO_DENIED GOPEN_TO_DIRECTORY |
| GOPEN_TO_ORPHANED |
| |
| On RHEL-9 SCTP support requires installation of package |
| kernel-modules-extra. test.sh now detects when SCTP is missing in |
| kernel and reacts with warnings instead of errors. |
| |
| VSOCK loopback still does not seem to work even in kernel 5.13, so just |
| issue warning on "No such device". |
| |
| ####################### V 1.7.4.3: |
| |
| Corrections: |
| Socat crashed with SIGSEGV when peer presented a certificate without |
| (or empty?) subject. |
| Thanks to Martin Dorey for reporting this issue and sending a patch. |
| |
| Socat 1.7.4.2 did not compile on OmniOS (and probably other OpenSolaris |
| distributions) |
| Thanks to Andy Fiddaman for sending a patch. |
| |
| Socat since 1.7.4.0 did not compile on Solaris and its derivatives |
| because the getprotobynumber_r() function prototype differ from the |
| Linux version. |
| configure now checks for the variant. |
| Thanks to Robert Zybeck for reporting this issue. |
| |
| The variable for the no-sni option was not initialized and could thus |
| break OpenSSL certificate verification. E.g., test OPENSSL_SNI on some |
| platform succeeded with -g but failed with -O compiler option. |
| Thanks to valgrind for quickly finding the cause. |
| |
| Porting: |
| Again porting Socat to AIX (7.1) - Fixed configure and compile issues: |
| Adapted include requirements for IPv6 |
| Guarded MSG_DONTWAIT |
| |
| Continued porting Socat to AIX-7.1 - Fixed some runtime errors: |
| UNIX domain sockets of type SEQPACKET are not available. |
| Connecting to UNIX datagram socket fails with EPROTONOSUPPORT (vs. |
| EPROTOTYPE on most other OSes). |
| Streams: Must not push ldterm when it is already active (hangs). |
| |
| Building: |
| Socats build date and time may now be set externally with environment |
| variable SOURCE_DATE_EPOCH. |
| Thanks to Viktor Kleinik for sending a patch. |
| |
| Building Socat in a sub directory failed. |
| Now the following works even for the docu parts: |
| mkdir -p myos; cd myos; ../configure && make; cd .. |
| Thanks to Jon Ringle for sending a patch. |
| |
| Testing: |
| test.sh: many corrections for AIX's older shell utilities, e.g.sleep(1) |
| does not allow fractions of seconds, grep does not understand '\<'; |
| OpenIndiana/SunOS netstat format; |
| many more functional and cosmetic code corrections. |
| |
| Documentation: |
| The socktype option was documented unspecifically as type option. |
| Thanks to Jonas Metzger for the hint. |
| |
| ####################### V 1.7.4.2: |
| |
| Corrections: |
| The per address parameters for OpenSSL overlapped in memory with socket |
| parameters. Magically this did not seem to cause problems except on |
| MacOS Catalina that reported errors like: |
| socat[3458] E Select(7, &0x80, NULL, NULL, {140392884396544.000000}): |
| Invalid argument |
| Test: OPENSSL_PARA_OVERLAP |
| Thanks to Ryo Ota for reporting this bug. |
| |
| Fixed a few minor coding issues |
| |
| A VSOCK warning message was generated with all listening addresses |
| instead of only with VSOCK-LISTEN |
| |
| When an OPENSSL-CONNECT client presented a certificate with IPv6 |
| subject alternate name and the OPENSSL-LISTEN server had no commonname |
| option, the server crashed with SIGSEGV in xioip6_pton(). |
| Test: OPENSSL_CLIENT_IP6_CN |
| Red Hat bug 1981308 |
| Thanks to Vlad Slepukhin for reporting this issue and providing a patch |
| |
| Corrected a typo in configure.ac that broke option --enable-openssl-base |
| Thanks to john1doe for reporting this issue. |
| |
| Socat looped endlessly, not responding to SIGTERM, when a service name |
| (for port) could not be resolved. |
| Test: BAD_SERVICE |
| |
| Using options of NAMED group, e.g.chown, with abstract UNIX domain |
| sockets, produced errors because the function was applied with a normal |
| file system related call, e.g.chown(), using file "" (empty name). Instead of |
| chown(), Socat now uses fchown() on the file descriptor. However, such |
| a call usually has no real effect. |
| Test: ABSTRACT_USER |
| Thanks to Andreas Fink for reporting this issue. |
| |
| Option -R did not only dump ("sniff") right-to-left, but also |
| left-to-right traffic to the given file. |
| Test: SNIFF_RIGHT_TO_LEFT |
| Thanks to 1314 gsf for reporting this bug and sending a patch. |
| |
| Options -r and -R, when opening a named pipe that has no actual reader, |
| failed with "No such device or address". To solve this problem, Socat |
| now opens the pipe in rw-Mode. |
| Thanks to Cody J.Soultz for sending a patch. |
| |
| The call "socat -r - PIPE" traced to file ./- instead of issuing a |
| syntax error. |
| |
| Print a message when readbytes option causes EOF |
| |
| The ip-recverr option had no effect. Corrected and improved its |
| handling of ancilliary messages, so it is able to analyze ICMP error |
| packets (Linux only?) |
| |
| Setgui(), Setuid() calls in xio-progcall.c were useless. |
| |
| Testing: |
| Prevent the TIMESTAMP tests from sporadically failing due do seconds |
| overflow |
| |
| Fixed in test.sh a few issues reported by shellcheck |
| |
| Documentation: |
| Added missing docu of OpenSSL options min-proto-version, |
| max-proto-version. |
| |
| Added missing closing parenthesis in socat.yo. |
| Thanks to Emanuele Torre for reporting this issue. |
| |
| Corrected more typos and added missing bug info to CHANGES, performed |
| some non functional corrections. |
| |
| Porting: |
| Corrected building when clock_gettime() not available, with or without |
| gettimeofday(). |
| |
| ####################### V 1.7.4.1: |
| |
| Corrections: |
| Socat 1.7.4.0 failed to compile especially on 32 bit systems. |
| Thanks to Wang Mingyu and others for sending a patch or reporting this |
| issue. |
| |
| Under certain conditions OpenSSL stream connections, in particular bulk |
| data transfer in unidirectional mode, failed during transfer or near |
| its with Connection reset by peer on receiver side. |
| This happened with Socat versions 1.7.3.3 to 1.7.4.0. Reasons were |
| lazy SSL shutdown handling on the sender side in combination with |
| SSL_MODE_AUTO_RETRY turned off. |
| Fix: After SSH_shutdown but before socket shutdown call SSL_read() |
| Test: OPENSSL_STREAM_TO_SERVER |
| Fixes Red Hat issue 1870279. |
| |
| ####################### V 1.7.4.0: |
| |
| Security: |
| Buffer size option (-b) is internally doubled for CR-CRLF conversion, |
| but not checked for integer overflow. This could lead to heap based |
| buffer overflow, assuming the attacker could provide this parameter. |
| Test: BLKSIZE_INT_OVERFL |
| Thanks to Lê Hiếu Bùi for reporting this issue and sending an |
| example exploit. |
| |
| Corrections: |
| Socats address parser read over end of string when there were unbalanced |
| quotes |
| Test: UNBALANCED_QUOTE |
| |
| Removed unused usleep() call from sycls.c |
| |
| Unsetenv() was conditional in sysutils.c but not in xio-openssl.c thus |
| building failed on Solaris 9. |
| Thanks to Greg Earle for reporting this issue and providing a patch. |
| |
| Mitigated race condition of quickly terminating SYSTEM or EXEC child |
| processes. |
| |
| Option o-direct might require alignment of read/write buffer to, e.g., |
| 512 bytes, Socat now takes care of this when allocating the buffer. |
| With this fix read() succeeds, however, write() still might fail when |
| not writing complete pages. |
| Test: O_DIRECT |
| |
| There was a race condition in the way Socat UDP-RECVFROM and similar |
| addresses with option fork prevents one packet from triggering |
| multiple processes. The symptom was that Socat master process seemed to |
| hang and did not process further packets. The fix makes use of |
| pselect() system call. |
| Thanks to Fulvio Scapin for reporting this issue. |
| |
| UNIX domain client addresses applied file system entry options (group |
| NAMED) to the server socket instead of the client (bind) socket entry. |
| Tests: UNIX_SENDTO_UNLINK UNIX_CONNECT_UNLINK |
| Thanks to Nico Williams for reporting this major issue. |
| |
| Length of single address options was limited to 511 bytes. This value |
| is now increased to 2047 bytes. |
| Change suggested by Mario Camou. |
| |
| Addresses of type RECVFROM with option fork looped with an error |
| message in case that the second address failed before consuming the |
| packet. The fix makes RECVFROM drop the packet when the second address |
| failed before reading it. Use retry or forever option with the second |
| address if you want to avoid data loss. |
| Fixes Red Hat bug 1907718 |
| Thanks to Chunmei Xu for reporting this issue and proving the patch. |
| |
| Socats DTLS implementation has been reworked and appears to work now |
| reasonably over UDP. |
| New addresses: OPENSSL-DTLS-SERVER (DTLS-L), |
| OPENSSL-DTLS-CLIENT (DTLS) |
| Tests: OPENSSL_DTLS_CLIENT OPENSSL_DTLS_SERVER |
| OPENSSL_METHOD_DTLS1 OPENSSL_METHOD_DTLS1.2 |
| Thanks to Brandon Carpenter, Qing Wan, and Pavel Nakonechnyi for |
| sending patches. |
| |
| filan did not output the socket protocol. |
| filan -s assumed each stream socket to be TCP and each datagram socket |
| to be UDP. Now it uses SO_PROTOCOL and getprotoent() for correct output. |
| |
| Help text showed two parameters for UDP4-RECVFROM address, but only |
| <port> is allowed. |
| Thanks to John the Scott for reporting this issue. |
| |
| Error messages from SSL_read() and SSL_write() sometimes stated |
| SSL_connect instead of originating function name. |
| |
| Fixed some more non functional minor issues. |
| |
| Porting: |
| In gcc version 10 the default changed from -fcommon to -fno-common. |
| Consequently, linking filan and procan failed with error |
| "multiple definition of `deny_severity'" and `allow_severity' |
| Fixed by removing definitions in filan.c and procan.c |
| Debian issue 957823 |
| Thanks to László Böszörményi and others for reporting this issue. |
| |
| Solaris 9 does not provide strndup(); added substitute code. |
| Thanks to Greg Earle for providing a patch. |
| |
| Added configure option --enable-openssl-base to specify the location of |
| a non-OS OpenSSL installation |
| |
| There are systems whose kernel understands SCTP but getaddrinfo does |
| not. As workaround after EIA_SOCKTYPE on name and service resolution |
| fall back to ai_socktype=0; if it fails with EAI_SERVICE, set |
| ai_protocol=0 and try again |
| Test: SCTP_SERVICENAME |
| |
| Per file filesystem options were still named ext2-* and depended on |
| <linux/ext2_fs.h>. Now they are called fs-* and depend on <linux/fs.h>. |
| These fs-* options are also available on old systems with ext2_fs.h |
| |
| New options openssl-min-proto-version (min-version) and |
| openssl-max-proto-version (max-version) give access to the related |
| OpenSSL set-macros and substitute deprecated version-specific methods. |
| Test: OPENSSL_MIN_VERSION |
| |
| With OpenSSL use OPENSSL_init_SSL when available, instead of deprecated |
| SSL_library_init. |
| |
| With OPENSSL_API_COMPAT=0x10000000L the files openssl/dh.h, openssl/bn.h |
| must explicitely be included. |
| Thanks to Rosen Penev for reporting and sending a patch. |
| |
| Testing: |
| test.sh now produces a list of tests that could not be performed for |
| any reason. This helps to analyse these cases. |
| |
| OpenSSL s_server appearently started to neglect TCPs half close feature. |
| Test OPENSSL_TCP4 has been changed to tolerate this. |
| |
| OpenSSL changed its behaviour when connection is rejected. Tests |
| OPENSSLCERTSERVER, OPENSSL_CN_CLIENT_SECURITY, and |
| OPENSSL_CN_SERVER_SECURITY now tolerate this. |
| |
| OpenSSL no longer allows explicit renegotiation with TLSv1.3, thus the |
| appropriate tests failed. |
| Fix: use TLSv1.2 for renegotiation tests |
| Tests: OPENSSLRENEG1 OPENSSLRENEG2 |
| |
| Ubuntu 20.04 requires 2048 bit certificates with OpenSSL |
| |
| Archlinux 2020 has not which command; its ip,ss commands have modified |
| version strings |
| |
| More testing issues solved: |
| * ss to pipe might omit column separator |
| * UDP6MULTICAST_UNIDIR fails on newer Linux kernels |
| * do not use sort -V |
| * renamed testaddrs() to testfeats(), and introduced new testaddrs() |
| |
| New features: |
| GOPEN and UNIX-CLIENT addresses now support sockets of type SEQPACKET. |
| Test: GOPENUNIXSEQPACKET |
| Feature suggested by vi0oss. |
| |
| The generic setsockopt-int and related options are, in case of |
| listening/accepting addresses, applied to the connected socket(s). To enable |
| setting options on the listening socket, a new option setsockopt-listen |
| has been implemented. See the documentation for info on data types. |
| Tests: SETSOCKOPT SETSOCKOPT_LISTEN |
| Thanks to Steven Danna and Korian Edeline for reporting this issue. |
| |
| Filan option -S gives short description like -s but with improved |
| format |
| |
| Socat OpenSSL client, when server was specified using IP address, did |
| not verify connection on certificates SubjectAltName IP entries. |
| Tests: OPENSSL_SERVERALTAUTH OPENSSL_SERVERALTIP4AUTH OPENSSL_SERVERALTIP6AUTH |
| Fixes Red Hat bug 1805132 |
| |
| Added options -r and -R for raw dump of transferred data to files. |
| Test: OPTION_RAW_DUMP |
| |
| Added option ip-transparent (socket option IP_TRANSPARENT) |
| Thanks to Wang Shanker for sending a patch. |
| |
| OPENSSL-CONNECT now automatically uses the SNI feature, option |
| openssl-no-sni turns it off. Option openssl-snihost overrides the value |
| of option openssl-commonname or the server name. |
| Tests: OPENSSL_SNI OPENSSL_NO_SNI |
| Thanks to Travis Burtrum for providing the initial patch |
| |
| New option accept-timeout (listen-timeout) |
| Test: ACCEPTTIMEOUT |
| Proposed by Roland |
| |
| New option ip-add-source-membership |
| Feature inspired by Brian (b f31415) |
| |
| INCOMPATIBLE CHANGE: Address UDP-DATAGRAM now does not check peerport |
| of replies, as it did up to version 1.7.3.4. Use option sourceport when |
| you need the old behaviour. |
| Test: UDP_DATAGRAM_SOURCEPORT |
| Feature inspired by Hans Bueckler for SSDP inquiry (for UPnP) |
| |
| New option proxy-authorization-file reads PROXY-CONNECT credentials |
| from file and makes it possible to hide this data from the process |
| table. |
| Test: PROXYAUTHFILE |
| Thanks to Charles Stephens for sending an initial patch. |
| |
| Added AF_VSOCK support with VSOCK-CONNECT and VSOCK-LISTEN addresses. |
| Developed by Stefano Garzarella. |
| |
| Coding: |
| Added printf formats for uint16_t etc. |
| |
| Documentation: |
| Address UDP-RECV does not support option fork. |
| Thanks to Fulvio Scapin for reporting that mistake in docu. |
| |
| TUN address documentation showed TCP for backend which may merge |
| consecutive packets which causes data loss. |
| Thanks to Tomasz Lakota for reporting this issue. |
| |
| ####################### V 1.7.3.4: |
| |
| Corrections: |
| Header of xiotermios_speed() declared parameter unsigned int instead of |
| speed_t, thus compiling failed on MacOS |
| Thanks to Joe Strout and others for reporting this bug. |
| Thanks to Andrew Childs and others for sending a patch. |
| |
| Under certain circumstances, termios options of the first address were |
| applied to the second address, resulting in error |
| "Inappropriate ioctl for device" |
| This affected version 1.7.3.3 only. |
| Test: TERMIOS_PH_ALL |
| Thanks to Ivan J. for reporting this issue. |
| |
| Socat failed to compile when no poll() system call was found by |
| configure. |
| Thanks to Jason White for sending a patch. |
| |
| Due to use of SSL_CTX_clear_mode() Socat failed to compile on old |
| systems with, e.g., OpenSSL-0.9.8. Thanks to Simon Matter and Moritz B. |
| for reporting this problem and sending initial patches. |
| |
| getaddrinfo() in IP4-SENDTO and IP6-SENDTO addresses failed with |
| "ai_socktype not supported" when protocol 6 was addressed. |
| The fix removes the possibility to use service names with SCTP. |
| Test: IP_SENDTO_6 |
| Thanks to Sören for sending an initial patch. |
| |
| Under certain circumstances, Socat printed the "socket ... is at EOF" |
| multiple times. |
| Test: MULTIPLE_EOF |
| |
| Newer parts of test.sh used substitutions ${x,,*} or ${x^^*} that are |
| not implemented in older bash versions. |
| |
| ####################### V 1.7.3.3: |
| |
| Corrections: |
| Makefile.in did not specify dependencies of filan on vsnprintf_r.o |
| and snprinterr.o |
| Added definition of FILAN_OBJS |
| Thanks to Craig Leres, Clayton Shotwell, and Chris Packham for |
| providing patches. |
| |
| configure option --enable-msglevel did not work with numbers |
| |
| The autoconf mechanism for determining SHIFT_OFFSET did not work when |
| cross compiling. |
| Thanks to Max Freisinger from Gentoo for sending a patch. |
| |
| Socat still depended on obsolete gethostbyname() function, thus |
| compiling with MUSL libc failed. |
| Problem reported by Kennedy33. |
| |
| The async signal safe diagnostic system used FDs 3 and 4 internally, so |
| use of appropriate fdin or fdout led to failures. |
| Test: DIAG_FDIN |
| Problem reported by Onur Sentürk. |
| |
| The socket based mechanism for passing messages and signal information |
| from signal handler to process could reach and kill the wrong process. |
| Introduces functions diag_sock_pair(), diag_fork() |
| Thanks to Darren Zhao for analysing and reporting this problem. |
| |
| Option ipv6-join-group did not work because it was applied in the wrong |
| phase |
| Test: UDP6MULTICAST_UNIDIR |
| Thanks to Angus Gratton for sending a patch. |
| |
| Setting ispeed and ospeed failed for some serial devices because the |
| two settings were applied with two different get/set cycles, Thanks to |
| Alexandre Fenyo for providing an initial patch. |
| However, the actual fix is part of a conceptual change of the termios |
| module that aims for applying all changes in a single tcsetattr call. |
| Fixes FreeBSD Bug 198441 |
| |
| Termios options TAB0,TAB1,TAB2,TAB3, and XTABS did not have an effect. |
| Thanks to Alan Walters for reporting this bug. |
| |
| Substituted cumbersom ISPEED_OFFSET mechanism for cfsetispeed() calls |
| |
| With TCP6-LISTEN and the other passive IPv6 addresses the range option |
| just failed: due to a bug in the syntax parser and two more bugs in |
| the xiocheckrange_ip6() function. |
| The syntax has now been changed from "[::1/128]" to "[::1]/128"! |
| Thanks Leah Neukirchen for sending an initial fix. |
| |
| For name resolution Socat only checked the first character of the host |
| name to decide if it is an IPv4 address. This was not RFC conform. This |
| fix removes the possibility for use of IPv4 addresses with IPv6, e.g. |
| TCP6:127.0.0.1:80 |
| Debian issue 695885 |
| Thanks to Nicolas Fournil for reporting this issue. |
| |
| Print a useful error message when single character options appear to be |
| merged in Socat invocation |
| Test: SOCAT_OPT_HINT |
| |
| Fixed some docu typos. |
| Thanks to Travis Wellman, Thomas <tjps636>, Dan Kenigsberg, |
| Julian Zinn, and Simon Matter |
| |
| Porting: |
| OpenSSL functions TLS1_client_method() and similar are |
| deprecated. Socat now uses recommended TLS_client_method(). The old |
| functions and dependend option openssl-method can still be |
| used when configuring socat with --enable-openssl-method |
| |
| Shell scripts in socat distribution are now headed with: |
| #! /usr/bin/env bash |
| to make them better portable to systems without /bin/bash |
| Thanks to Maya Rashish for sending a patch |
| |
| RES_AAONLY, RES_PRIMARY are deprecated. You can still enable them with |
| configure option --enable-res-deprecated. |
| |
| New versions of OpenSSL preset SSL_MODE_AUTO_RETRY which may hang socat. |
| Solution: clear SSL_MODE_AUTO_RETRY when it is set. |
| |
| Renamed configure.in to configure.ac and set an appropriate symlink for |
| older environments. |
| Related Gentoo bug 426262: Warning on configure.in |
| Thanks to Francesco Turco for reporting that warning. |
| |
| Fixed new IPv6 range code for platforms without s6_addr32 component. |
| |
| Testing: |
| test.sh: Show a warning when phase-1 (insecure phase) of a security |
| test fails |
| |
| OpenSSL tests failed on actual Linux distributions. Measures: |
| Increased key lengths from 768 to 1024 bits |
| Added test.sh option -C to delete temp certs from prevsious runs |
| Provide DH-parameter in certificate in PEM |
| OpenSSL s_server option -verify 0 must be omitted |
| OpenSSL authentication method aNULL no longer works |
| Failure of cipher aNULL is not a failure |
| Failure of methods SSL3 and SSL23 is desired |
| |
| test.sh depended on ifconfig and netstat utilities which are no longer |
| availabie in some distributions. test.sh now checks for and prefers |
| ip and ss. |
| Thanks to Ruediger Meier for reporting this problem. |
| |
| More corrections to test.sh: |
| Language settings could still influence test results |
| netstat was still required |
| Suppress usleep deprecated messag |
| Force use of IPv4 with some certificates |
| Set timeout for UDPxMAXCHILDREN tests |
| |
| Git: |
| Added missing Config/Makefile.DragonFly-2-8-2, |
| Config/config.DragonFly-2-8-2.h |
| Removed testcert.conf (to be generated by test.sh) |
| |
| Cosmetics: |
| Simplified handling of missing termios defines. |
| |
| New features: |
| Permit combined -d options as -dd etc. |
| |
| porting: |
| ext2 options are now fs options. |
| |
| ####################### V 1.7.3.2: |
| |
| corrections: |
| SIGSEGV and other signals could lead to a 100% CPU loop |
| |
| Failing name resolution could lead to SIGSEGV |
| Thanks to Max for reporting this issue. |
| |
| Include <stddef.h> for ptrdiff_t |
| Thanks to Jeroen Roovers for reporting this issue. |
| |
| Building with --disable-sycls failed due to missing sslcls.h defines |
| |
| Socat hung when configured with --disable-sycls. |
| |
| Some minor corrections with includes etc. |
| |
| Option so-reuseport did not work. Thanks to Some Raghavendra Prabhu |
| for sending a patch. |
| |
| Programs invoked with EXEC, nofork, and -u or -U had stdin and stdout |
| incorrectly assigned |
| Test: EXEC_NOFORK_UNIDIR |
| Thanks to David Reiss for reporting this problem. |
| |
| Socat exited with status 0 even when a program invoked with SYSTEM or |
| EXEC failed. |
| Tests: SYSTEM_RC EXEC_RC |
| Issue reported by Felix Winkelmann. |
| |
| AddressSanitizer reported a few buffer overflows (false positives). |
| Nevertheless fixed Socat source. |
| Issue reported by Hanno Böck. |
| |
| Socat did not use option ipv6-join-group. |
| Test: USE_IPV6_JOIN_GROUP |
| Thanks to Linus Lüssing for sending a patch. |
| |
| UDP-LISTEN did not honor the max-children option. |
| Test: UDP4MAXCHILDREN UDP6MAXCHILDREN |
| Thanks to Leander Berwers for reporting this issue. |
| |
| Options so-rcvtimeo and so-sndtimeo do not work with poll()/select() |
| and therefore were useless. |
| Thanks to Steve Borenstein for reporting this issue. |
| |
| Option dhparam was documented as dhparams. Added the alias name |
| dhparams to fix this. |
| Thanks to Alexander Neumann for sending a patch. |
| |
| Options shut-down and shut-close did not work. |
| Thanks to Stefan Schimanski for providing a patch. |
| |
| There was a bug in printing readline log message caused by a misleading |
| indentation. |
| Thanks to Paul Wouters for reporting. |
| |
| The internal vsnprintf_r function looped or crashed on size parameter |
| with hexadecimal output. |
| |
| Ignore exit code of child process when it was killed by master due to |
| EOF |
| |
| Corrected byte order on read of IPV6_TCLASS value from ancillary |
| message |
| |
| Fixed type of the bool element in options. This had bug caused failures |
| e.g. of ignoreeof on big-endian systems when bool was not based on int. |
| |
| On systems with predefined bool type whose size differs from int some |
| IPv6 and TCP options (per setsockopt()) failed. |
| |
| Length of integral data in ancillary messages varies (TOS: 1 byte, |
| TTL: 4 bytes), the old implementation failed for TTL on big-endian |
| hosts. |
| |
| Fixed an issue in options processing: TUN and DNS flags had failed on |
| big-endian systems and the NO- forms had probable never worked. |
| |
| porting: |
| Type conflict between int and sig_atomic_t between declaration and |
| definition of diag_immediate_type and diag_immediate_exit broke |
| compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for |
| reporting this bug. |
| |
| Socat failed to compile on platforms with OpenSSL without |
| DTLSv1_client_method or DTLSv1_server_method. |
| Thanks to Simon Matter for sending a patch. |
| |
| NuttX OS headers do not provide struct ip, thus socat did not compile. |
| Made struct ip subject to configure. |
| Thanks to SP for reporting this issue. |
| |
| Socat failed to compile with OpenSSL version 1.0.2d where |
| SSLv3_server_method and SSLv3_client_method are no longer defined. |
| Thanks to Mischa ter Smitten for reporting this issue and providing |
| a patch. |
| |
| configure checked for OpenSSL EC_KEY assuming it is a define but it |
| is a type, thus OpenSSL ECDHE ciphers failed even on Linux. |
| Thanks to Andrey Arapov for reporting this bug. |
| |
| Changes to make socat compile with OpenSSL 1.1. |
| Thanks to Sebastian Andrzej Siewior e.a. from the Debian team for |
| providing the base patch. |
| Debian Bug#828550 |
| |
| Make Socat compatible with BoringSSL. |
| Thanks to Matt Braithwaite for providing a patch. |
| |
| OpenSSL: Use RAND_status to determine PRNG state |
| Thanks to Adam Langley for providing a patch |
| |
| AIX-7 uses an extended O_ACCMODE that does not fit socat's internal |
| requirements. Thanks to Garrick Trowsdale for providing a patch |
| |
| LibreSSL support: check for OPENSSL_NO_COMP |
| Thanks to Bernard Spil for providing a patch |
| |
| testing: |
| socks4echo.sh and socks4a-echo.sh hung with new bash with read -n |
| |
| test.sh: stderr; option -v (verbose); FDOUT_ERROR description |
| |
| improved proxy.sh - it now also takes hostnames |
| |
| A few corrections in test.sh |
| |
| DTLS1 test hangs on some distributions. Test is now only performed |
| with OpenSSL 1.0.2 or higher. |
| |
| More corrections to test.sh that reveal a mistake with IPV6_TCLASS |
| |
| docu: |
| Corrected source of socat man page to correctly show man references |
| like socket(2); removed obseolete entries from See Also |
| |
| Docu and some comments mentioned addresses SSL-LISTEN and SSL-CONNECT |
| that do not exist (OPENSSL-LISTEN, SSL-L; and OPENNSSL-CONNECT, SSL |
| are correct). |
| Thanks to Zhigang Wang for reporting this issue. |
| |
| Fixed a couple of English spelling and grammar mistakes. |
| Thanks to Jakub Wild for sending the patches. |
| |
| NOEXPAND() was not resolved 2 times. |
| |
| More minor docu corrections |
| |
| legal: |
| Added contributors to copyright notices. Suggested by Matt Braithwaite. |
| |
| ####################### V 1.7.3.1: |
| |
| security: |
| Socat security advisory 8 |
| A stack overflow in vulnerability was found that can be triggered when |
| command line arguments (complete address specifications, host names, |
| file names) are longer than 512 bytes. |
| Successful exploitation might allow an attacker to execute arbitrary |
| code with the privileges of the socat process. |
| This vulnerability can only be exploited when an attacker is able to |
| inject data into socat's command line. |
| A vulnerable scenario would be a CGI script that reads data from clients |
| and uses (parts of) this data as hostname for a Socat invocation. |
| Test: NESTEDOVFL |
| Credits to Takumi Akiyama for finding and reporting this issue. |
| |
| Socat security advisory 7 |
| MSVR-1499 |
| In the OpenSSL address implementation the hard coded 1024 bit DH p |
| parameter was not prime. The effective cryptographic strength of a key |
| exchange using these parameters was weaker than the one one could get by |
| using a prime p. Moreover, since there is no indication of how these |
| parameters were chosen, the existence of a trapdoor that makes possible |
| for an eavesdropper to recover the shared secret from a key exchange |
| that uses them cannot be ruled out. |
| Futhermore, 1024bit is not considered sufficiently secure. |
| Fix: generated a new 2048bit prime. |
| Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability |
| Research (MSVR) for finding and reporting this issue. |
| |
| ####################### V 1.7.3.0: |
| |
| security: |
| Socat security advisory 6 |
| CVE-2015-1379: Possible DoS with fork |
| Fixed problems with signal handling caused by use of not async signal |
| safe functions in signal handlers that could freeze socat, allowing |
| denial of service attacks. |
| Many changes in signal handling and the diagnostic messages system were |
| applied to make the code async signal safe but still provide detailled |
| logging from signal handlers: |
| Coded function vsnprintf_r() as async signal safe incomplete substitute |
| of libc vsnprintf() |
| Coded function snprinterr() to replace %m in strings with a system error |
| message |
| Instead of gettimeofday() use clock_gettime() when available |
| Pass Diagnostic messages from signal handler per unix socket to the main |
| program flow |
| Use sigaction() instead of signal() for better control |
| Turn off nested signal handler invocations |
| Thanks to Peter Lobsinger for reporting and explaining this issue. |
| |
| Red Hat issue 1019975: add TLS host name checks |
| OpenSSL client checks if the server certificates names in |
| extensions/subjectAltName/DNS or in subject/commonName match the name |
| used to connect or the value of the openssl-commonname option. |
| Test: OPENSSL_CN_CLIENT_SECURITY |
| |
| OpenSSL server checks if the client certificates names in |
| extensions/subjectAltNames/DNS or subject/commonName match the value of |
| the openssl-commonname option when it is used. |
| Test: OPENSSL_CN_SERVER_SECURITY |
| |
| Red Hat issue 1019964: socat now uses the system certificate store with |
| OPENSSL when neither options cafile nor capath are used |
| |
| Red Hat issue 1019972: needs to specify OpenSSL cipher suites |
| Default cipherlist is now "HIGH:-NULL:-PSK:-aNULL" instead of empty to |
| prevent downgrade attacks |
| |
| new features: |
| OpenSSL addresses set couple of environment variables from values in |
| peer certificate, e.g.: |
| SOCAT_OPENSSL_X509_SUBJECT, SOCAT_OPENSSL_X509_ISSUER, |
| SOCAT_OPENSSL_X509_COMMONNAME, |
| SOCAT_OPENSSL_X509V3_SUBJECTALTNAME_DNS |
| Tests: ENV_OPENSSL_{CLIENT,SERVER}_X509_* |
| |
| Added support for methods TLSv1, TLSv1.1, TLSv1.2, and DTLS1 |
| Tests: OPENSSL_METHOD_* |
| |
| Enabled OpenSSL server side use of ECDHE ciphers. Feature suggested |
| by Andrey Arapov. |
| |
| Added a new option termios-rawer for ptys. |
| Thanks to Christian Vogelgsang for pointing me to this requirement |
| |
| corrections: |
| Bind with ABSTRACT commands used non-abstract namespace (Linux). |
| Test: ABSTRACT_BIND |
| Thanks to Denis Shatov for reporting this bug. |
| |
| Fixed return value of nestlex() |
| |
| Option ignoreeof on the right address hung. |
| Test: IGNOREEOF_REV |
| Thanks to Franz Fasching for reporting this bug. |
| |
| Address SYSTEM, when terminating, shut down its parent addresses, |
| e.g. an SSL connection which the parent assumed to still be active. |
| Test: SYSTEM_SHUTDOWN |
| |
| Passive (listening or receiving) addresses with empty port field bound |
| to a random port instead of terminating with error. |
| Test: TCP4_NOPORT |
| |
| configure with some combination of disable options produced config |
| files that failed to compile due to missing IPPROTO_TCP. |
| Thanks to Thierry Fournier for report and patch. |
| |
| fixed a few minor bugs with OpenSSL in configure and with messages |
| |
| Socat did not work in FIPS mode because 1024 instead of 512 bit DH prime |
| is required. Thanks to Zhigang Wang for reporting and sending a patch. |
| |
| Christophe Leroy provided a patch that fixes memory leaks reported by |
| valgrind |
| |
| Help for filan -L was bad, is now corrected to: |
| "follow symbolic links instead of showing their properties" |
| |
| Address options fdin and fdout were silently ignored when not applicable |
| due to -u or -U option. Now these combinations are caught as errors. |
| Test: FDOUT_ERROR |
| Issue reported by Hendrik. |
| |
| Added option termios-cfmakeraw that calls cfmakeraw() and is preferred |
| over option raw which is now obsolote. On SysV systems this call is |
| simulated by appropriate setting. |
| Thanks to Youfu Zhang for reporting issue with option raw. |
| |
| porting: |
| Socat included <sys/poll.h> instead of POSIX <poll.h> |
| Thanks to John Spencer for reporting this issue. |
| |
| Version 1.7.2.4 changed the check for gcc in configure.ac; this |
| broke cross compiling. The particular check gets reverted. |
| Thanks to Ross Burton and Danomi Manchego for reporting this issue. |
| |
| Debian Bug#764251: Set the build timestamp to a deterministic time: |
| support external BUILD_DATE env var to allow to build reproducable |
| binaries |
| |
| Joachim Fenkes provided an new adapted spec file. |
| |
| Type bool and macros Min and Max are defined by socat which led to |
| compile errors when they were already provided by build framework. |
| Thanks to Liyu Liu for providing a patch. |
| |
| David Arnstein contributed a patch for NetBSD 5.1 including stdbool.h |
| support and appropriate files in Config/ |
| |
| Lauri Tirkkonen contributed a patch regarding netinet/if_ether.h |
| on Illumos |
| |
| Changes for Openindiana: define _XPG4_2, __EXTENSIONS__, |
| _POSIX_PTHREAD_SEMANTICS; and minor changes |
| |
| Red Hat issue 1182005: socat 1.7.2.4 build failure missing |
| linux/errqueue.h |
| Socat failed to compile on on PPC due to new requirements for |
| including <linux/errqueue.h> and a weakness in the conditional code. |
| Thanks to Michel Normand for reporting this issue. |
| |
| doc: |
| In the man page the PTY example was badly formatted. Thanks to |
| J.F.Sebastian for sending a patch. |
| |
| Added missing CVE ids to security issues in CHANGES |
| |
| testing: |
| Do not distribute testcert.conf with socat source but generate it |
| (and new testcert6.conf) during test.sh run. |
| |
| ####################### V 1.7.2.4: |
| |
| corrections: |
| LISTEN based addresses applied some address options, e.g. so-keepalive, |
| to the listening file descriptor instead of the connected file |
| descriptor |
| Thanks to Ulises Alonso for reporting this bug |
| |
| make failed after configure with non gcc compiler due to missing |
| include. Thanks to Horacio Mijail for reporting this problem |
| |
| configure checked for --disable-rawsocket but printed |
| --disable-genericsocket in the help text. Thanks to Ben Gardiner for |
| reporting and patching this bug |
| |
| In xioshutdown() a wrong branch was chosen after RECVFROM type addresses. |
| Probably no impact. |
| Thanks to David Binderman for reporting this issue. |
| |
| procan could not cleanly format ulimit values longer than 16 decimal |
| digits. Thanks to Frank Dana for providing a patch that increases field |
| width to 24 digits. |
| |
| OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with |
| "Invalid argument" |
| Thanks to Emile den Tex for reporting this bug. |
| |
| Changed some variable definitions to make gcc -O2 aliasing checker happy |
| Thanks to Ilya Gordeev for reporting these warnings |
| |
| On big endian platforms with type long >32bit the range option applied a |
| bad base address. Thanks to hejia hejia for reporting and fixing this bug. |
| |
| Red Hat issue 1022070: missing length check in xiolog_ancillary_socket() |
| |
| Red Hat issue 1022063: out-of-range shifts on net mask bits |
| |
| Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4() |
| |
| Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy() |
| uses |
| |
| Red Hat issue 1021958: fixed a bug with faulty buffer/data length |
| calculation in xio-ascii.c:_xiodump() |
| |
| Red Hat issue 1021972: fixed a missing NUL termination in return string |
| of sysutils.c:sockaddr_info() for the AF_UNIX case |
| |
| fixed some typos and minor issues, including: |
| Red Hat issue 1021967: formatting error in manual page |
| |
| UNIX-LISTEN with fork option did not remove the socket file system entry |
| when exiting. Other file system based passive address types had similar |
| issues or failed to apply options umask, user e.a. |
| Thanks to Lorenzo Monti for pointing me to this issue |
| |
| porting: |
| Red Hat issue 1020203: configure checks fail with some compilers. |
| Use case: clang |
| |
| Performed changes for Fedora release 19 |
| |
| Adapted, improved test.sh script |
| |
| Red Hat issue 1021429: getgroupent fails with large number of groups; |
| use getgrouplist() when available instead of sequence of calls to |
| getgrent() |
| |
| Red Hat issue 1021948: snprintf API change; |
| Implemented xio_snprintf() function as wrapper that tries to emulate C99 |
| behaviour on old glibc systems, and adapted all affected calls |
| appropriately |
| |
| Mike Frysinger provided a patch that supports long long for time_t, |
| socklen_t and a few other libc types. |
| |
| Artem Mygaiev extended Cedril Priscals Android build script with pty code |
| |
| The check for fips.h required stddef.h |
| Thanks to Matt Hilt for reporting this issue and sending a patch |
| |
| Check for linux/errqueue.h failed on some systems due to lack of |
| linux/types.h inclusion. Thanks to Michael Vastola for sending a patch. |
| |
| autoconf now prefers configure.ac over configure.in |
| Thanks to Michael Vastola for sending a patch. |
| |
| type of struct cmsghdr.cmsg is system dependend, determine it with |
| configure; some more print format corrections |
| |
| docu: |
| libwrap always logs to syslog |
| |
| added actual text version of GPLv2 |
| |
| ####################### V 1.7.2.3: |
| |
| security: |
| Socat security advisory 5 |
| CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer |
| overflow with data from command line (see socat-secadv5.txt) |
| Credits to Florian Weimer of the Red Hat Product Security Team |
| |
| ####################### V 1.7.2.2: |
| |
| security: |
| Socat security advisory 4 |
| CVE-2013-3571: |
| after refusing a client connection due to bad source address or source |
| port socat shutdown() the socket but did not close() it, resulting in |
| a file descriptor leak in the listening process, visible with lsof and |
| possibly resulting in EMFILE Too many open files. This issue could be |
| misused for a denial of service attack. |
| Full credits to Catalin Mitrofan for finding and reporting this issue. |
| |
| ####################### V 1.7.2.1: |
| |
| security: |
| Socat security advisory 3 |
| CVE-2012-0219: |
| fixed a possible heap buffer overflow in the readline address. This bug |
| could be exploited when all of the following conditions were met: |
| 1) one of the addresses is READLINE without the noprompt and without the |
| prompt options. |
| 2) the other (almost arbitrary address) reads malicious data (which is |
| then transferred by socat to READLINE). |
| Workaround: when using the READLINE address apply option prompt or |
| noprompt. |
| Full credits to Johan Thillemann for finding and reporting this issue. |
| |
| ####################### V 1.7.2.0: |
| |
| corrections: |
| when UNIX-LISTEN was applied to an existing file it failed as expected |
| but removed the file. Thanks to Bjoern Bosselmann for reporting this |
| problem |
| |
| fixed a bug where socat might crash when connecting to a unix domain |
| socket using address GOPEN. Thanks to Martin Forssen for bug report and |
| patch. |
| |
| UDP-LISTEN would alway set SO_REUSEADDR even without fork option and |
| when user set it to 0. Thanks to Michal Svoboda for reporting this bug. |
| |
| UNIX-CONNECT did not support half-close. Thanks to Greg Hughes who |
| pointed me to that bug |
| |
| TCP-CONNECT with option nonblock reported successful connect even when |
| it was still pending |
| |
| address option ioctl-intp failed with "unimplemented type 26". Thanks |
| to Jeremy W. Sherman for reporting and fixing that bug |
| |
| socat option -x did not print packet direction, timestamp etc; thanks |
| to Anthony Sharobaiko for sending a patch |
| |
| address PTY does not take any parameters but did not report an error |
| when some were given |
| |
| Marcus Meissner provided a patch that fixes invalid output and possible |
| process crash when socat prints info about an unnamed unix domain |
| socket |
| |
| Michal Soltys reported the following problem and provided an initial |
| patch: when socat was interrupted, e.g. by SIGSTOP, and resumed during |
| data transfer only parts of the data might have been written. |
| |
| Option o-nonblock in combination with large transfer block sizes |
| may result in partial writes and/or EAGAIN errors that were not handled |
| properly but resulted in data loss or process termination. |
| |
| Fixed a bug that could freeze socat when during assembly of a log |
| message a signal was handled that also printed a log message. socat |
| development had been aware that localtime() is not thread safe but had |
| only expected broken messages, not corrupted stack (glibc 2.11.1, |
| Ubuntu 10.4) |
| |
| an internal store for child pids was susceptible to pid reuse which |
| could lead to sporadic data loss when both fork option and exec address |
| were used. Thanks to Tetsuya Sodo for reporting this problem and |
| sending a patch |
| |
| OpenSSL server failed with "no shared cipher" when using cipher aNULL. |
| Fixed by providing temporary DH parameters. Thanks to Philip Rowlands |
| for drawing my attention to this issue. |
| |
| UDP-LISTEN slept 1s after accepting a connection. This is not required. |
| Thanks to Peter Valdemar Morch for reporting this issue |
| |
| fixed a bug that could lead to error or socat crash after a client |
| connection with option retry had been established |
| |
| fixed configure.in bug on net/if.h check that caused IF_NAMESIZE to be |
| undefined |
| |
| improved dev_t print format definition |
| |
| porting: |
| Cedril Priscal ported socat to Android (using Googles cross compiler). |
| The port includes the socat_buildscript_for_android.sh script |
| |
| added check for component ipi_spec_dst in struct in_pktinfo so |
| compilation does not fail on Cygwin (thanks to Peter Wagemans for |
| reporting this problem) |
| |
| build failed on RHEL6 due to presence of fips.h; configure now checks |
| for fipsld too. Thanks to Andreas Gruenbacher for reporting this |
| problem |
| |
| check for netinet6/in6.h only when IPv6 is available and enabled |
| |
| don't fail to compile when the following defines are missing: |
| IPV6_PKTINFO IPV6_RTHDR IPV6_DSTOPTS IPV6_HOPOPTS IPV6_HOPLIMIT |
| Thanks to Jerry Jacobs for reporting this problem (Mac OS X Lion 10.7) |
| |
| check if define __APPLE_USE_RFC_2292 helps to enable IPV6_* (MacOSX |
| Lion 7.1); thanks to Jerry Jacobs to reporting this problem and |
| proposing a solution |
| |
| fixed compiler warnings on Mac OS X 64bit. Thanks to Guy Harris for |
| providing the patch. |
| |
| corrections for OpenEmbedded, especially termios SHIFT values and |
| ISPEED/OSPEED. Thanks to John Faith for providing the patch |
| |
| minor corrections to docu and test.sh resulting from local compilation |
| on Openmoko SHR |
| |
| fixed sa_family_t compile error on DragonFly. Thanks to Tony Young for |
| reporting this issue and sending a patch. |
| |
| Ubuntu Oneiric: OpenSSL no longer provides SSLv2 functions; libutil.sh |
| is now bsd/libutil.h; compiler warns on vars that is only written to |
| |
| new features: |
| added option max-children that limits the number of concurrent child |
| processes. Thanks to Sam Liddicott for providing the patch. |
| |
| Till Maas added support for tun/tap addresses without IP address |
| |
| added an option openssl-compress that allows to disable the compression |
| feature of newer OpenSSL versions. Thanks to Michael Hanselmann for |
| providing this contribution (sponsored by Google Inc.) |
| |
| docu: |
| minor corrections in docu (thanks to Paggas) |
| |
| client process -> child process |
| |
| ####################### V 1.7.1.3: |
| |
| security: |
| Socat security advisory 2 |
| CVE-2010-2799: |
| fixed a stack overflow vulnerability that occurred when command |
| line arguments (whole addresses, host names, file names) were longer |
| than 512 bytes. |
| Note that this could only be exploited when an attacker was able to |
| inject data into socat's command line. |
| Full credits to Felix Gröbert, Google Security Team, for finding and |
| reporting this issue |
| |
| ####################### V 1.7.1.2: |
| |
| corrections: |
| user-late and group-late, when applied to a pty, affected the system |
| device /dev/ptmx instead of the pty (thanks to Matthew Cloke for |
| pointing me to this bug) |
| |
| socats openssl addresses failed with "nonblocking operation did not |
| complete" when the peer performed a renegotiation. Thanks to Benjamin |
| Delpy for reporting this bug. |
| |
| info message during socks connect showed bad port number on little |
| endian systems due to wrong byte order (thanks to Peter M. Galbavy for |
| bug report and patch) |
| |
| Debian bug 531078: socat execs children with SIGCHLD ignored; corrected |
| to default. Thanks to Martin Dorey for reporting this bug. |
| |
| porting: |
| building socat on systems that predefined the CFLAGS environment to |
| contain -Wall failed (esp.RedHat). Thanks to Paul Wouters for reporting |
| this problem and to Simon Matter for providing the patch |
| |
| support for Solaris 8 and Sun Studio support (thanks to Sebastian |
| Kayser for providing the patches) |
| |
| on some 64bit systems a compiler warning "cast from pointer to integer |
| of different size" was issued on some option definitions |
| |
| added struct sockaddr_ll to union sockaddr_union to avoid "strict |
| aliasing" warnings (problem reported by Paul Wouters) |
| |
| docu: |
| minor corrections in docu |
| |
| ####################### V 1.7.1.1: |
| |
| corrections: |
| corrected the "fixed possible SIGSEGV" fix because SIGSEGV still might |
| occur under those conditions. Thanks to Toni Mattila for first |
| reporting this problem. |
| |
| ftruncate64 cut its argument to 32 bits on systems with 32 bit long type |
| |
| socat crashed on systems without setenv() (esp. SunOS up to Solaris 9); |
| thanks to Todd Stansell for reporting this bug |
| |
| with unidirectional EXEC and SYSTEM a close() operation was performed |
| on a random number which could result in hanging e.a. |
| |
| fixed a compile problem caused by size_t/socklen_t mismatch on 64bit |
| systems |
| |
| docu mentioned option so-bindtodev but correct name is so-bindtodevice. |
| Thanks to Jim Zimmerman for reporting. |
| |
| docu changes: |
| added environment variables example to doc/socat-multicast.html |
| |
| ####################### V 1.7.1.0: |
| |
| new features: |
| address options shut-none, shut-down, and shut-close allow to control |
| socat's half close behaviour |
| |
| with address option shut-null socat sends an empty packet to the peer |
| to indicate EOF |
| |
| option null-eof changes the behaviour of sockets that receive an empty |
| packet to see EOF instead of ignoring it |
| |
| introduced option names substuser-early and su-e, currently equivalent |
| to option substuser (thanks to Mike Perry for providing the patch) |
| |
| corrections: |
| fixed some typos and improved some comments |
| |
| ####################### V 1.7.0.1: |
| |
| corrections: |
| fixed possible SIGSEGV in listening addresses when a new connection was |
| reset by peer before the socket addresses could be retrieved. Thanks to |
| Mike Perry for sending a patch. |
| |
| fixed a bug, introduced with version 1.7.0.0, that let client |
| connections with option connect-timeout fail when the connections |
| succeeded. Thanks to Bruno De Fraine for reporting this bug. |
| |
| option end-close "did not apply" to addresses PTY, SOCKET-CONNECT, |
| and most UNIX-* and ABSTRACT-* |
| |
| half close of EXEC and SYSTEM addresses did not work for pipes and |
| sometimes socketpair |
| |
| help displayed for some option a wrong type |
| |
| under some circumstances shutdown was called multiple times for the |
| same fd |
| |
| ####################### V 1.7.0.0: |
| |
| new features: |
| new address types SCTP-CONNECT and SCTP-LISTEN implement SCTP stream |
| mode for IPv4 and IPv6; new address options sctp-maxseg and |
| sctp-nodelay (suggested by David A. Madore; thanks to Jonathan Brannan |
| for providing an initial patch) |
| |
| new address "INTERFACE" for transparent network interface handling |
| (suggested by Stuart Nicholson) |
| |
| added generic socket addresses: SOCKET-CONNECT, SOCKET-LISTEN, |
| SOCKET-SENDTO, SOCKET-RECVFROM, SOCKET-RECV, SOCKET-DATAGRAM allow |
| protocol independent socket handling; all parameters are explicitely |
| specified as numbers or hex data |
| |
| added address options ioctl-void, ioctl-int, ioctl-intp, ioctl-string, |
| ioctl-bin for generic ioctl() calls. |
| |
| added address options setsockopt-int, setsockopt-bin, and |
| setsockopt-string for generic setsockopt() calls |
| |
| option so-type now only affects the socket() and socketpair() calls, |
| not the name resolution. so-type and so-prototype can now be applied to |
| all socket based addresses. |
| |
| new address option "escape" allows to break a socat instance even when |
| raw terminal mode prevents ^C etc. (feature suggested by Guido Trotter) |
| |
| socat sets environment variables SOCAT_VERSION, SOCAT_PID, SOCAT_PPID |
| for use in executed scripts |
| |
| socat sets environment variables SOCAT_SOCKADDR, SOCAT_SOCKPORT, |
| SOCAT_PEERADDR, SOCAT_PEERPORT in LISTEN type addresses (feature |
| suggested by Ed Sawicki) |
| |
| socat receives all ancillary messages with each received packet on |
| datagram related addresses. The messages are logged in raw form with |
| debug level, and broken down with info level. note: each type of |
| ancillary message must be enabled by appropriate address options. |
| |
| socat provides the contents of ancillary messages received on RECVFROM |
| addresses in appropriate environment variables: |
| SOCAT_TIMESTAMP, SOCAT_IP_DSTADDR, SOCAT_IP_IF, SOCAT_IP_LOCADDR, |
| SOCAT_IP_OPTIONS, SOCAT_IP_TOS, SOCAT_IP_TTL, SOCAT_IPV6_DSTADDR, |
| SOCAT_IPV6_HOPLIMIT, SOCAT_IPV6_TCLASS |
| |
| the following address options were added to enable ancillary messages: |
| so-timestamp, ip-pktinfo (not BSD), ip-recvdstaddr (BSD), ip-recverr, |
| ip-recvif (BSD), ip-recvopts, ip-recvtos, ip-recvttl, ipv6-recvdstopts, |
| ipv6-recverr, ipv6-recvhoplimit, ipv6-recvhopopts, ipv6-recvpathmtu, |
| ipv6-recvpktinfo, ipv6-recvrthdr, ipv6-recvtclass |
| |
| new address options ipv6-tclass and ipv6-unicast-hops set the related |
| socket options. |
| |
| STREAMS (UNIX System V STREAMS) can be configured with the new address |
| options i-pop-all and i-push (thanks to Michal Rysavy for providing a |
| patch) |
| |
| corrections: |
| some raw IP and UNIX datagram modes failed on BSD systems |
| |
| when UDP-LISTEN continued to listen after packet dropped by, e.g., |
| range option, the old listen socket would not be closed but a new one |
| created. open sockets could accumulate. |
| |
| there was a bug in ip*-recv with bind option: it did not bind, and |
| with the first received packet an error occurred: |
| socket_init(): unknown address family 0 |
| test: RAWIP4RECVBIND |
| |
| RECVFROM addresses with FORK option hung after processing the first |
| packet. test: UDP4RECVFROM_FORK |
| |
| corrected a few mistakes that caused compiler warnings on 64bit hosts |
| (thanks to Jonathan Brannan e.a. for providing a patch) |
| |
| EXEC and SYSTEM with stderr injected socat messages into the data |
| stream. test: EXECSTDERRLOG |
| |
| when the EXEC address got a string with consecutive spaces it created |
| additional empty arguments (thanks to Olivier Hervieu for reporting |
| this bug). test: EXECSPACES |
| |
| in ignoreeof polling mode socat also blocked data transfer in the other |
| direction during the 1s wait intervalls (thanks to Jorgen Cederlof for |
| reporting this bug) |
| |
| corrected alphabetical order of options (proxy-auth) |
| |
| some minor corrections |
| |
| improved test.sh script: more stable timing, corrections for BSD |
| |
| replaced the select() calls by poll() to cleanly fix the problems with |
| many file descriptors already open |
| |
| socat option -lf did not log to file but to stderr |
| |
| socat did not compile on Solaris when configured without termios |
| feature (thanks to Pavan Gadi for reporting this bug) |
| |
| porting: |
| socat compiles and runs on AIX with gcc (thanks to Andi Mather for his |
| help) |
| |
| socat compiles and runs on Cygwin (thanks to Jan Just Keijser for his |
| help) |
| |
| socat compiles and runs on HP-UX with gcc (thanks to Michal Rysavy for |
| his help) |
| |
| socat compiles and runs on MacOS X (thanks to Camillo Lugaresi for his |
| help) |
| |
| further changes: |
| filan -s prefixes output with FD number if more than one FD |
| |
| Makefile now supports datarootdir (thanks to Camillo Lugaresi for |
| providing the patch) |
| |
| cleanup in xio-unix.c |
| |
| ####################### V 1.6.0.1: |
| |
| new features: |
| new make target "gitclean" |
| |
| docu source doc/socat.yo released |
| |
| corrections: |
| exec:...,pty did not kill child process under some circumstances; fixed |
| by correcting typo in xio-progcall.c (thanks to Ralph Forsythe for |
| reporting this problem) |
| |
| service name resolution failed due to byte order mistake |
| (thanks to James Sainsbury for reporting this problem) |
| |
| socat would hang when invoked with many file descriptors already opened |
| fix: replaced FOPEN_MAX with FD_SETSIZE |
| thanks to Daniel Lucq for reporting this problem. |
| |
| fixed bugs where sub processes would become zombies because the master |
| process did not catch SIGCHLD. this affected addresses UDP-LISTEN, |
| UDP-CONNECT, TCP-CONNECT, OPENSSL, PROXY, UNIX-CONNECT, UNIX-CLIENT, |
| ABSTRACT-CONNECT, ABSTRACT-CLIENT, SOCKSA, SOCKS4A |
| (thanks to Fernanda G Weiden for reporting this problem) |
| |
| fixed a bug where sub processes would become zombies because the master |
| process caught SIGCHLD but did not wait(). this affected addresses |
| UDP-RECVFROM, IP-RECVFROM, UNIX-RECVFROM, ABSTRACT-RECVFROM |
| (thanks to Evan Borgstrom for reporting this problem) |
| |
| corrected option handling with STDIO; usecase: cool-write |
| |
| configure --disable-pty also disabled option waitlock |
| |
| fixed small bugs on systems with struct ip_mreq without struct ip_mreqn |
| (thanks to Roland Illig for sending a patch) |
| |
| corrected name of option intervall to interval (old form still valid |
| for us German speaking guys) |
| |
| corrected some print statements and variable names |
| |
| make uninstall did not uninstall procan |
| |
| fixed lots of weaknesses in test.sh |
| |
| corrected some bugs and typos in doc/socat.yo, EXAMPLES, C comments |
| |
| further changes: |
| procan -c prints C defines important for socat |
| |
| added test OPENSSLEOF for OpenSSL half close |
| |
| ####################### V 1.6.0.0: |
| |
| new features: |
| new addresses IP-DATAGRAM and UDP-DATAGRAM allow versatile broadcast |
| and multicast modes |
| |
| new option ip-add-membership for control of multicast group membership |
| |
| new address TUN for generation of Linux TUN/TAP pseudo network |
| interfaces (suggested by Mat Caughron); associated options tun-device, |
| tun-name, tun-type; iff-up, iff-promisc, iff-noarp, iff-no-pi etc. |
| |
| new addresses ABSTRACT-CONNECT, ABSTRACT-LISTEN, ABSTRACT-SENDTO, |
| ABSTRACT-RECV, and ABSTRACT-RECVFROM for abstract UNIX domain addresses |
| on Linux (requested by Zeeshan Ali); option unix-tightsocklen controls |
| socklen parameter on system calls. |
| |
| option end-close for control of connection closing allows FD sharing |
| by sub processes |
| |
| range option supports form address:mask with IPv4 |
| |
| changed behaviour of OPENSSL-LISTEN to require and verify client |
| certificate per default |
| |
| options f-setlkw-rd, f-setlkw-wr, f-setlk-rd, f-setlk-wr allow finer |
| grained locking on regular files |
| |
| uninstall target in Makefile (lack reported by Zeeshan Ali) |
| |
| corrections: |
| fixed bug where only first tcpwrap option was applied; fixed bug where |
| tcpwrap IPv6 check always failed (thanks to Rudolf Cejka for reporting |
| and fixing this bug) |
| |
| filan (and socat -D) could hang when a socket was involved |
| |
| corrected PTYs on HP-UX (and maybe others) using STREAMS (inspired by |
| Roberto Mackun) |
| |
| correct bind with udp6-listen (thanks to Jan Horak for reporting this |
| bug) |
| |
| corrected filan.c peekbuff[0] which did not compile with Sun Studio Pro |
| (thanks to Leo Zhadanovsky for reporting this problem) |
| |
| corrected problem with read data buffered in OpenSSL layer (thanks to |
| Jon Nelson for reporting this bug) |
| |
| corrected problem with option readbytes when input stream stayed idle |
| after so many bytes |
| |
| fixed a bug where a datagram receiver with option fork could fork two |
| sub processes per packet |
| |
| further changes: |
| moved documentation to new doc/ subdir |
| |
| new documents (kind of mini tutorials) are provided in doc/ |
| |
| ####################### V 1.5.0.0: |
| |
| new features: |
| new datagram modes for udp, rawip, unix domain sockets |
| |
| socat option -T specifies inactivity timeout |
| |
| rewrote lexical analysis to allow nested socat calls |
| |
| addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6 |
| |
| socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP, |
| SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection |
| |
| addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6 |
| |
| option protocol-family (pf), esp. for openssl-listen |
| |
| range option supports IPv6 - syntax: range=[::1/128] |
| |
| option ipv6-v6only (ipv6only) |
| |
| new tcp-wrappers options allow-table, deny-table, tcpwrap-etc |
| |
| FIPS version of OpenSSL can be integrated - initial patch provided by |
| David Acker. See README.FIPS |
| |
| support for resolver options res-debug, aaonly, usevc, primary, igntc, |
| recurse, defnames, stayopen, dnsrch |
| |
| options for file attributes on advanced filesystems (ext2, ext3, |
| reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump, |
| ext2-noatime, journal-data etc. |
| |
| option cool-write controls severeness of write failure (EPIPE, |
| ECONNRESET) |
| |
| option o-noatime |
| |
| socat option -lh for hostname in log output |
| |
| traffic dumping provides packet headers |
| |
| configure.in became part of distribution |
| |
| socats unpack directory now has full version, e.g. socat-1.5.0.0/ |
| |
| corrected docu of option verify |
| |
| corrections: |
| fixed tcpwrappers integration - initial fix provided by Rudolf Cejka |
| |
| exec with pipes,stderr produced error |
| |
| setuid-early was ignored with many address types |
| |
| some minor corrections |
| |
| ####################### V 1.4.3.1: |
| |
| corrections: |
| PROBLEM: UNIX socket listen accepted only one (or a few) connections. |
| FIX: do not remove listening UNIX socket in child process |
| |
| PROBLEM: SIGSEGV when TCP part of SSL connect failed |
| FIX: check ssl pointer before calling SSL_shutdown |
| |
| In debug mode, show connect client port even when connect fails |
| |
| ####################### V 1.4.3.0: |
| |
| new features: |
| socat options -L, -W for application level locking |
| |
| options "lockfile", "waitlock" for address level locking |
| (Stefan Luethje) |
| |
| option "readbytes" limits read length (Adam Osuchowski) |
| |
| option "retry" for unix-connect, unix-listen, tcp6-listen (Dale Dude) |
| |
| pty symlink, unix listen socket, and named pipe are per default removed |
| after use; option unlink-close overrides this new behaviour and also |
| controls removal of other socat generated files (Stefan Luethje) |
| |
| corrections: |
| option "retry" did not work with tcp-listen |
| |
| EPIPE condition could result in a 100% CPU loop |
| |
| further changes: |
| support systems without SHUT_RD etc. |
| handle more size_t types |
| try to find makedepend options with gcc 3 (richard/OpenMacNews) |
| |
| ####################### V 1.4.2.0: |
| |
| new features: |
| option "connect-timeout" limits wait time for connect operations |
| (requested by Giulio Orsero) |
| |
| option "dhparam" for explicit Diffie-Hellman parameter file |
| |
| corrections: |
| support for OpenSSL DSA certificates (Miika Komu) |
| |
| create install directories before copying files (Miika Komu) |
| |
| when exiting on signal, return status 128+signum instead of 1 |
| |
| on EPIPE and ECONNRESET, only issue a warning (Santiago Garcia |
| Mantinan) |
| |
| -lu could cause a core dump on long messages |
| |
| further changes: |
| modifications to simplify using socats features in applications |
| |
| ####################### V 1.4.1.0: |
| |
| new features: |
| option "wait-slave" blocks open of pty master side until a client |
| connects, "pty-intervall" controls polling |
| |
| option -h as synonym to -? for help (contributed by Christian |
| Lademann) |
| |
| filan prints formatted time stamps and rdev (disable with -r) |
| |
| redirect filan's output, so stdout is not affected (contributed by |
| Luigi Iotti) |
| |
| filan option -L to follow symbolic links |
| |
| filan shows termios control characters |
| |
| corrections: |
| proxy address no longer performs unsolicited retries |
| |
| filan -f no longer needs read permission to analyze a file (but still |
| needs access permission to directory, of course) |
| |
| porting: |
| Option dsusp |
| FreeBSD options noopt, nopush, md5sig |
| OpenBSD options sack-disable, signature-enable |
| HP-UX, Solaris options abort-threshold, conn-abort-threshold |
| HP-UX options b900, b3600, b7200 |
| Tru64/OSF1 options keepinit, paws, sackena, tsoptena |
| |
| further corrections: |
| address pty now uses ptmx as default if openpty is also available |
| |
| ####################### V 1.4.0.3: |
| |
| security: |
| Socat security advisory 1 |
| CVE-2004-1484: |
| fix to a syslog() based format string vulnerability that can lead to |
| remote code execution. See advisory socat-adv-1.txt |
| |
| ####################### V 1.4.0.2: |
| |
| corrections: |
| exec'd write-only addresses get a chance to flush before being killed |
| |
| error handler: print notice on error-exit |
| |
| filan printed wrong file type information |
| |
| ####################### V 1.4.0.1: |
| |
| corrections: |
| socks4a constructed invalid header. Problem found, reported, and fixed |
| by Thomas Themel, by Peter Palfrader, and by rik |
| |
| with nofork, don't forget to apply some process related options |
| (chroot, setsid, setpgid, ...) |
| |
| ####################### V 1.4.0.0: |
| |
| new features: |
| simple openssl server (ssl-l), experimental openssl trust |
| |
| new options "cafile", "capath", "key", "cert", "egd", and "pseudo" for |
| openssl |
| |
| new options "retry", "forever", and "intervall" |
| |
| option "fork" for address TCP improves `gender changer´ |
| |
| options "sigint", "sigquit", and "sighup" control passing of signals to |
| sub process (thanks to David Shea who contributed to this issue) |
| |
| readline takes respect to the prompt issued by the peer address |
| |
| options "prompt" and "noprompt" allow to override readline's new |
| default behaviour |
| |
| readline supports invisible password with option "noecho" |
| |
| socat option -lp allows to set hostname in log output |
| |
| socat option -lu turns on microsecond resolution in log output |
| |
| |
| corrections: |
| before reading available data, check if writing on other channel is |
| possible |
| |
| tcp6, udp6: support hostname specification (not only IP address), and |
| map IP4 names to IP6 addresses |
| |
| openssl client checks server certificate per default |
| |
| support unidirectional communication with exec/system subprocess |
| |
| try to restore original terminal settings when terminating |
| |
| test.sh uses tmp dir /tmp/$USER/$$ instead of /tmp/$$ |
| |
| socks4 failed on platforms where long does not have 32 bits |
| (thanks to Peter Palfrader and Thomas Seyrat) |
| |
| hstrerror substitute wrote wrong messages (HP-UX, Solaris) |
| |
| proxy error message was truncated when answer contained multiple spaces |
| |
| |
| porting: |
| compiles with AIX xlc, HP-UX cc, Tru64 cc (but might not link) |
| |
| ####################### V 1.3.2.2: |
| |
| corrections: |
| PROXY CONNECT failed when the status reply from the proxy server |
| contained more than one consecutive spaces. Problem reported by |
| Alexandre Bezroutchko |
| |
| do not SIGSEGV when proxy address fails to resolve server name |
| |
| udp-listen failed on systems where AF_INET != SOCK_DGRAM (e.g. SunOS). |
| Problem reported by Christoph Schittel |
| |
| test.sh only tests available features |
| |
| added missing IP and TCP options in filan analyzer |
| |
| do not apply stdio address options to both directions when in |
| unidirectional mode |
| |
| on systems lacking /dev/*random and egd, provide (weak) entropy from |
| libc random() |
| |
| |
| porting: |
| changes for HP-UX (VREPRINT, h_NETDB_INTERNAL) |
| |
| compiles on True64, FreeBSD (again), NetBSD, OpenBSD |
| |
| support for long long as st_ino type (Cygwin 1.5) |
| |
| compile on systems where pty can not be featured |
| |
| ####################### V 1.3.2.1: |
| |
| corrections: |
| "final" solution for the ENOCHLD problem |
| |
| corrected "make strip" |
| |
| default gcc debug/opt is "-O" again |
| |
| check for /proc at runtime, even if configure found it |
| |
| src.rpm accidently supported SuSE instead of RedHat |
| |
| ####################### V 1.3.2.0: |
| |
| new features: |
| option "nofork" connects an exec'd script or program directly |
| to the file descriptors of the other address, circumventing the socat |
| transfer engine |
| |
| support for files >2GB, using ftruncate64(), lseek64(), stat64() |
| |
| filan has new "simple" output style (filan -s) |
| |
| |
| porting: |
| options "binary" and "text" for controlling line termination on Cygwin |
| file system access (hint from Yang Wu-Zhou) |
| |
| fix by Yang Wu-Zhou for the Cygwin "No Children" problem |
| |
| improved support for OSR: _SVID3; no IS_SOCK, no F_GETOWN (thanks to |
| John DuBois) |
| |
| minor corrections to avoid warnings with gcc 3 |
| |
| |
| further corrections and minor improvements: |
| configure script is generated with autoconf 2.57 (no longer 2.52) |
| |
| configure passes CFLAGS to Makefile |
| |
| option -??? for complete list of address options and their short forms |
| |
| program name in syslog messages is derived from argv[0] |
| |
| SIGHUP now prints notice instead of error |
| |
| EIO during read of pty now gives Notice instead of Error, and |
| triggers EOF |
| |
| use of hstrerror() for printing resolver error messages |
| |
| setgrent() got required endgrent() |
| |
| ####################### V 1.3.1.0: |
| |
| new features: |
| integration of Wietse Venema's tcpwrapper library (libwrap) |
| |
| with "proxy" address, option "resolve" controls if hostname or IP |
| address is sent in request |
| |
| option "lowport" establishes limited authorization for TCP and UDP |
| connections |
| |
| improvement of .spec file for RPM creation (thanks to Gerd v. Egidy) |
| An accompanying change in the numbering scheme results in an |
| incompatibility with earlier socat RPMs! |
| |
| |
| solved problems and bugs: |
| PROBLEM: socat daemon terminated when the address of a connecting |
| client did not match range option value instead of continue listening |
| SOLVED: in this case, print warning instead of error to keep daemon |
| active |
| |
| PROBLEM: tcp-listen with fork sometimes left excessive number of zombie |
| processes |
| SOLVED: dont assume that each exiting child process generates SIGCHLD |
| |
| when converting CRNL to CR, socat converted to NL |
| |
| |
| further corrections: |
| configure script now disables features that depend on missing files |
| making it more robust in "unsupported" environments |
| |
| server.pem permissions corrected to 600 |
| |
| "make install" now does not strip; use "make strip; make install" |
| if you like strip (suggested by Peter Bray) |
| |
| ####################### V 1.3.0.1: |
| |
| solved problems and bugs: |
| PROBLEM: OPENSSL did not apply tcp, ip, and socket options |
| SOLVED: OPENSSL now correctly handles the options list |
| |
| PROBLEM: CRNL to NL and CRNL to CR conversions failed when CRNL crossed |
| block boundary |
| SOLVED: these conversions now simply strip all CR's or NL's from input |
| stream |
| |
| |
| porting: |
| SunOS ptys now work on x86, too (thanks to Peter Bray) |
| |
| configure looks for freeware libs in /pkgs/lib/ (thanks to Peter Bray) |
| |
| |
| further corrections: |
| added WITH_PROXY value to -V output |
| |
| added compile dependencies of WITH_PTY and WITH_PROXY |
| |
| -?? did not print option group of proxy options |
| |
| corrected syntax for bind option in docu |
| |
| corrected an issue with stdio in unidirectional mode |
| |
| options socksport and proxyport support service names |
| |
| ftp.sh script supports proxy address |
| |
| man page no longer installed with execute permissions (thanks to Peter |
| Bray) |
| |
| fixed a malloc call bug that could cause SIGSEGV or false "out of |
| memory" errors on EXEC and SYSTEM, depending on program name length and |
| libc. |
| |
| ####################### V 1.3.0.0: |
| |
| new features: |
| proxy connect with optional proxy authentication |
| |
| combined hex and text dump mode, credits to Gregory Margo |
| |
| address pty applies options user, group, and perm to device |
| |
| |
| solved problems and bugs: |
| PROBLEM: option reuseport was not applied (BSD, AIX) |
| SOLVED: option reuseport now in phase PASTSOCKET instead of PREBIND, |
| credits to Jean-Baptiste Marchand |
| |
| PROBLEM: ignoreeof with stdio was ignored |
| SOLVED: ignoreeof now works correctly with address stdio |
| |
| PROBLEM: ftp.sh did not use user supplied password |
| SOLVED: ftp.sh now correctly passes password from command line |
| |
| PROBLEM: server.pem had expired |
| SOLVED: new server.pem valid for ten years |
| |
| PROBLEM: socks notice printed wrong port on some platforms |
| SOLVED: socks now uses correct byte-order for port number in notice |
| |
| |
| further corrections: |
| option name o_trunc corrected to o-trunc |
| |
| combined use of -u and -U is now detected and prevented |
| |
| made message system a little more robust against format string attacks |
| |
| |
| ####################### V 1.2.0.0: |
| |
| new features: |
| address pty for putting socat behind a new pseudo terminal that may |
| fake a serial line, modem etc. |
| |
| experimental openssl integration |
| (it does not provide any trust between the peers because is does not |
| check certificates!) |
| |
| options flock-ex, flock-ex-nb, flock-sh, flock-sh-nb to control all |
| locking mechanism provided by flock() |
| |
| options setsid and setpgid now available with all address types |
| |
| option ctty (controlling terminal) now available for all TERMIOS |
| addresses |
| |
| option truncate (a hybrid of open(.., O_TRUNC) and ftruncate()) is |
| replaced by options o-trunc and ftruncate=offset |
| |
| option sourceport now available with TCP and UDP listen addresses to |
| restrict incoming client connections |
| |
| unidirectional mode right-to-left (-U) |
| |
| |
| solved problems and bugs: |
| PROBLEM: addresses without required parameters but an option containing |
| a '/' were incorrectly interpreted as implicit GOPEN address |
| SOLVED: if an address does not have ':' separator but contains '/', |
| check if the slash is before the first ',' before assuming |
| implicit GOPEN. |
| |
| |
| porting: |
| ptys under SunOS work now due to use of stream options |
| |
| |
| further corrections: |
| with -d -d -d -d -D, don't print debug info during file analysis |
| |
| |
| ####################### V 1.1.0.1: |
| |
| new features: |
| .spec file for RPM generation |
| |
| |
| solved problems and bugs: |
| PROBLEM: GOPEN on socket did not apply option unlink-late |
| SOLUTION: GOPEN for socket now applies group NAMED, phase PASTOPEN |
| options |
| |
| PROBLEM: with unidirectional mode, an unnecessary close timeout was |
| applied |
| SOLUTION: in unidirectional mode, terminate without wait time |
| |
| PROBLEM: using GOPEN on a unix domain socket failed for datagram |
| sockets |
| SOLUTION: when connect() fails with EPROTOTYPE, use a datagram socket |
| |
| |
| further corrections: |
| |
| open() flag options had names starting with "o_", now corrected to "o-" |
| |
| in docu, *-listen addresses were called *_listen |
| |
| address unix now called unix-connect because it does not handle unix |
| datagram sockets |
| |
| in test.sh, apply global command line options with all tests |
| |
| |
| ####################### V 1.1.0.0: |
| |
| new features: |
| regular man page and html doc - thanks to kromJx for prototype |
| |
| new address type "readline", utilizing GNU readline and history libs |
| |
| address option "history-file" for readline |
| |
| new option "dash" to "exec" address that allows to start login shells |
| |
| syslog facility can be set per command line option |
| |
| new address option "tcp-quickack", found in Linux 2.4 |
| |
| option -g prevents option group checking |
| |
| filan and procan can print usage |
| |
| procan prints rlimit infos |
| |
| |
| solved problems and bugs: |
| PROBLEM: raw IP socket SIGSEGV'ed when it had been shut down. |
| SOLVED: set eof flag of channel on shutdown. |
| |
| PROBLEM: if channel 2 uses a single non-socket FD in bidirectional mode |
| and has data available while channel 1 reaches EOF, the data is |
| lost. |
| SOLVED: during one loop run, first handle all data transfers and |
| _afterwards_ handle EOF. |
| |
| PROBLEM: despite to option NONBLOCK, the connect() call blocked |
| SOLVED: option NONBLOCK is now applied in phase FD instead of LATE |
| |
| PROBLEM: UNLINK options issued error when file did not exist, |
| terminating socat |
| SOLVED: failure of unlink() is only warning if errno==ENOENT |
| |
| PROBLEM: TCP6-LISTEN required numeric port specification |
| SOLVED: now uses common TCP service resolver |
| |
| PROBLEM: with PIPE, wrong FDs were shown for data transfer loop |
| SOLVED: retrieval of FDs now pays respect to PIPE pecularities |
| |
| PROBLEM: using address EXEC against an address with IGNOREEOF, socat |
| never terminated |
| SOLVED: corrected EOF handling of sigchld |
| |
| |
| porting: |
| MacOS and old AIX versions now have pty |
| |
| flock() now available on Linux (configure check was wrong) |
| |
| named pipe were generated using mknod(), which requires root under BSD |
| now they are generated using mkfifo |
| |
| |
| further corrections: |
| lots of address options that were "forgotten" at runtime are now |
| available |
| |
| option BINDTODEVICE now also called SO-BINDTODEVICE, IF |
| |
| "make install" now installs binaries with ownership 0:0 |
| |
| |
| ####################### V 1.0.4.2: |
| |
| solved problems and bugs: |
| PROBLEM: EOF of one stream caused close of other stream, giving it no |
| chance to go down regularly |
| SOLVED: EOF of one stream now causes shutdown of write part of other |
| stream |
| |
| PROBLEM: sending mail via socks address to qmail showed that crlf |
| option does not work |
| SOLVED: socks address applies PH_LATE options |
| |
| PROBLEM: in debug mode, no info about socat and platform was issued |
| SOLVED: print socat version and uname output in debug mode |
| |
| PROBLEM: invoking socat with -t and no following parameters caused |
| SIGSEGV |
| SOLVED: -t and -b now check next argv entry |
| |
| PROBLEM: when opening of logfile (-lf) failed, no error was reported |
| and no further messages were printed |
| SOLVED: check result of fopen and print error message if it failed |
| |
| new features: |
| address type UDP-LISTEN now supports option fork: it internally applies |
| socket option SO_REUSEADDR so a new UDP socket can bind to port after |
| `accepting´ a connection (child processes might live forever though) |
| (suggestion from Damjan Lango) |
| |
| |
| ####################### V 1.0.4.1: |
| |
| solved problems and bugs: |
| PROB: assert in libc caused an endless recursion |
| SOLVED: no longer catch SIGABRT |
| |
| PROB: socat printed wrong verbose prefix for "right to left" packets |
| SOLVED: new parameter for xiotransfer() passes correct prefix |
| |
| new features: |
| in debug mode, socat prints its command line arguments |
| in verbose mode, escape special characters and replace unprintables |
| with '.'. Patch from Adrian Thurston. |
| |
| |
| ####################### V 1.0.4.0: |
| |
| solved problems and bugs: |
| Debug output for lstat and fstat said "stat" |
| |
| further corrections: |
| FreeBSD now includes libutil.h |
| |
| new features: |
| option setsid with exec/pty |
| option setpgid with exec/pty |
| option ctty with exec/pty |
| TCP V6 connect test |
| gettimeofday in sycls.c (no use yet) |
| |
| porting: |
| before Gethostbyname, invoke inet_aton for MacOSX |
| |
| |
| ####################### V 1.0.3.0: |
| |
| solved problems and bugs: |
| |
| PROB: test 9 of test.sh (echo via file) failed on some platforms, |
| socat exited without error message |
| SOLVED: _xioopen_named_early(): preset statbuf.st_mode with 0 |
| |
| PROB: test 17 hung forever |
| REASON: child death before select loop did not result in EOF |
| SOLVED: check of existence of children before starting select loop |
| |
| PROB: test 17 failed |
| REASON: child dead triggered EOF before last data was read |
| SOLVED: after child death, read last data before setting EOF |
| |
| PROB: filan showed that exec processes incorrectly had fd3 open |
| REASON: inherited open fd3 from main process |
| SOLVED: set CLOEXEC flag on pty fd in main process |
| |
| PROB: help printed "undef" instead of group "FORK" |
| SOLVED: added "FORK" to group name array |
| |
| PROB: fatal messages did not include severity classifier |
| SOLVED: added "F" to severity classifier array |
| |
| PROB: IP6 addresses where printed incorrectly |
| SOLVED: removed type casts to unsigned short * |
| |
| further corrections: |
| socat catches illegal -l modes |
| corrected error message on setsockopt(linger) |
| option tabdly is of type uint |
| correction for UDP over IP6 |
| more cpp conditionals, esp. for IP6 situations |
| better handling of group NAMED options with listening UNIX sockets |
| applyopts2 now includes last given phase |
| corrected option group handling for most address types |
| introduce dropping of unappliable options (dropopts, dropopts2) |
| gopen now accepts socket and unix-socket options |
| exec and system now accept all socket and termios options |
| child process for exec and system addresses with option pty |
| improved descriptions and options for EXAMPLES |
| printf format for file mode changed to "0%03o" with length spec. |
| added va_end() in branch of msg() |
| changed phase of lock options from PASTOPEN to FD |
| support up to four early dying processes |
| |
| structural changes: |
| xiosysincludes now includes sysincludes.h for non xio files |
| |
| new features: |
| option umask |
| CHANGES file |
| TYPE_DOUBLE, u_double |
| OFUNC_OFFSET |
| added getsid(), setsid(), send() to sycls |
| procan prints sid (session id) |
| mail.sh gets -f (from) option |
| new EXAMPLEs for file creation |
| gatherinfo.sh now tells about failures |
| test.sh can check for much more address/option combinations |
| |
| porting: |
| ispeed, ospeed for termios on FreeBSD |
| getpgid() conditional for MacOS 10 |
| added ranlib in Makefile.in for MacOS 10 |
| disable pty option if no pty mechanism is available (MacOS 10) |
| now compiles and runs on MacOS 10 (still some tests fail) |
| setgroups() conditional for cygwin |
| sighandler_t defined conditionally |
| use gcc option -D_GNU_SOURCE |