| |
| ####################### V 2.0.0-b3: |
| |
| new features: |
| added inter addresses for execution of external programs or scripts: |
| EXEC2 and SYSTEM2 are bidirectional, EXEC1 and SYSTEM1 are |
| unidirectional |
| |
| option commtype replaces the now obsolete "socketpair" and "pipes" |
| options and selects the communication mechanism on the left side of |
| EXEC and SYSTEM addresses |
| |
| options leftfd, leftinfd, leftoutfd; and rightfd, rightinfd, |
| rightoutfd override the default file descriptor numbers provided to |
| exec'd programs |
| |
| ####################### V 2.0.0-b2: |
| |
| new features: |
| address chains consisting of inter and endpoint addresses, linked with |
| '|' (pipe character) |
| |
| reverse inter addresses |
| |
| dual type inter addresses |
| |
| changed form of dual addresses from in!!out to out%in |
| |
| address overloading per parameter number, inter/endpoint type, and |
| supported transfer directions |
| |
| derived new inter addresses OPENSSL-CLIENT, OPENSSL-SERVER, |
| PROXY-CLIENT, SOCKS4-CLIENT, SOCKS4A-CLIENT from related old addresses |
| |
| new inter address SOCKS5-CLIENT |
| |
| new inter address NOP |
| |
| new inter address TEST, TESTUNI, TESTREV |
| |
| new form of PTY address with symlink paramater |
| |
| new form of FD address with output/input fd numbers |
| |
| ####################### V 1.7.1.0: |
| |
| new features: |
| address options shut-none, shut-down, and shut-close allow to control |
| socat's half close behaviour |
| |
| with address option shut-null socat sends an empty packet to the peer |
| to indicate EOF |
| |
| option null-eof changes the behaviour of sockets that receive an empty |
| packet to see EOF instead of ignoring it |
| |
| introduced option names substuser-early and su-e, currently equivalent |
| to option substuser (thanks to Mike Perry for providing the patch) |
| |
| corrections: |
| fixed some typos and improved some comments |
| |
| ####################### V 1.7.0.1: |
| |
| corrections: |
| fixed possible SIGSEGV in listening addresses when a new connection was |
| reset by peer before the socket addresses could be retrieved. Thanks to |
| Mike Perry for sending a patch. |
| |
| fixed a bug, introduced with version 1.7.0.0, that let client |
| connections with option connect-timeout fail when the connections |
| succeeded. Thanks to Bruno De Fraine for reporting this bug. |
| |
| option end-close "did not apply" to addresses PTY, SOCKET-CONNECT, |
| and most UNIX-* and ABSTRACT-* |
| |
| half close of EXEC and SYSTEM addresses did not work for pipes and |
| sometimes socketpair |
| |
| help displayed for some option a wrong type |
| |
| under some circumstances shutdown was called multiple times for the |
| same fd |
| |
| ####################### V 1.7.0.0: |
| |
| new features: |
| new address types SCTP-CONNECT and SCTP-LISTEN implement SCTP stream |
| mode for IPv4 and IPv6; new address options sctp-maxseg and |
| sctp-nodelay (suggested by David A. Madore; thanks to Jonathan Brannan |
| for providing an initial patch) |
| |
| new address "INTERFACE" for transparent network interface handling |
| (suggested by Stuart Nicholson) |
| |
| added generic socket addresses: SOCKET-CONNECT, SOCKET-LISTEN, |
| SOCKET-SENDTO, SOCKET-RECVFROM, SOCKET-RECV, SOCKET-DATAGRAM allow |
| protocol independent socket handling; all parameters are explicitely |
| specified as numbers or hex data |
| |
| added address options ioctl-void, ioctl-int, ioctl-intp, ioctl-string, |
| ioctl-bin for generic ioctl() calls. |
| |
| added address options setsockopt-int, setsockopt-bin, and |
| setsockopt-string for generic setsockopt() calls |
| |
| option so-type now only affects the socket() and socketpair() calls, |
| not the name resolution. so-type and so-prototype can now be applied to |
| all socket based addresses. |
| |
| new address option "escape" allows to break a socat instance even when |
| raw terminal mode prevents ^C etc. (feature suggested by Guido Trotter) |
| |
| socat sets environment variables SOCAT_VERSION, SOCAT_PID, SOCAT_PPID |
| for use in executed scripts |
| |
| socat sets environment variables SOCAT_SOCKADDR, SOCAT_SOCKPORT, |
| SOCAT_PEERADDR, SOCAT_PEERPORT in LISTEN type addresses (feature |
| suggested by Ed Sawicki) |
| |
| socat receives all ancillary messages with each received packet on |
| datagram related addresses. The messages are logged in raw form with |
| debug level, and broken down with info level. note: each type of |
| ancillary message must be enabled by appropriate address options. |
| |
| socat provides the contents of ancillary messages received on RECVFROM |
| addresses in appropriate environment variables: |
| SOCAT_TIMESTAMP, SOCAT_IP_DSTADDR, SOCAT_IP_IF, SOCAT_IP_LOCADDR, |
| SOCAT_IP_OPTIONS, SOCAT_IP_TOS, SOCAT_IP_TTL, SOCAT_IPV6_DSTADDR, |
| SOCAT_IPV6_HOPLIMIT, SOCAT_IPV6_TCLASS |
| |
| the following address options were added to enable ancillary messages: |
| so-timestamp, ip-pktinfo (not BSD), ip-recvdstaddr (BSD), ip-recverr, |
| ip-recvif (BSD), ip-recvopts, ip-recvtos, ip-recvttl, ipv6-recvdstopts, |
| ipv6-recverr, ipv6-recvhoplimit, ipv6-recvhopopts, ipv6-recvpathmtu, |
| ipv6-recvpktinfo, ipv6-recvrthdr, ipv6-recvtclass |
| |
| new address options ipv6-tclass and ipv6-unicast-hops set the related |
| socket options. |
| |
| STREAMS (UNIX System V STREAMS) can be configured with the new address |
| options i-pop-all and i-push (thanks to Michal Rysavy for providing a |
| patch) |
| |
| corrections: |
| some raw IP and UNIX datagram modes failed on BSD systems |
| |
| when UDP-LISTEN continued to listen after packet dropped by, e.g., |
| range option, the old listen socket would not be closed but a new one |
| created. open sockets could accumulate. |
| |
| there was a bug in ip*-recv with bind option: it did not bind, and |
| with the first received packet an error occurred: |
| socket_init(): unknown address family 0 |
| test: RAWIP4RECVBIND |
| |
| RECVFROM addresses with FORK option hung after processing the first |
| packet. test: UDP4RECVFROM_FORK |
| |
| corrected a few mistakes that caused compiler warnings on 64bit hosts |
| (thanks to Jonathan Brannan e.a. for providing a patch) |
| |
| EXEC and SYSTEM with stderr injected socat messages into the data |
| stream. test: EXECSTDERRLOG |
| |
| when the EXEC address got a string with consecutive spaces it created |
| additional empty arguments (thanks to Olivier Hervieu for reporting |
| this bug). test: EXECSPACES |
| |
| in ignoreeof polling mode socat also blocked data transfer in the other |
| direction during the 1s wait intervalls (thanks to Jorgen Cederlof for |
| reporting this bug) |
| |
| corrected alphabetical order of options (proxy-auth) |
| |
| some minor corrections |
| |
| improved test.sh script: more stable timing, corrections for BSD |
| |
| replaced the select() calls by poll() to cleanly fix the problems with |
| many file descriptors already open |
| |
| socat option -lf did not log to file but to stderr |
| |
| socat did not compile on Solaris when configured without termios |
| feature (thanks to Pavan Gadi for reporting this bug) |
| |
| porting: |
| socat compiles and runs on AIX with gcc (thanks to Andi Mather for his |
| help) |
| |
| socat compiles and runs on Cygwin (thanks to Jan Just Keijser for his |
| help) |
| |
| socat compiles and runs on HP-UX with gcc (thanks to Michal Rysavy for |
| his help) |
| |
| socat compiles and runs on MacOS X (thanks to Camillo Lugaresi for his |
| help) |
| |
| further changes: |
| filan -s prefixes output with FD number if more than one FD |
| |
| Makefile now supports datarootdir (thanks to Camillo Lugaresi for |
| providing the patch) |
| |
| cleanup in xio-unix.c |
| |
| ####################### V 1.6.0.1: |
| |
| new features: |
| new make target "gitclean" |
| |
| docu source doc/socat.yo released |
| |
| corrections: |
| exec:...,pty did not kill child process under some circumstances; fixed |
| by correcting typo in xio-progcall.c (thanks to Ralph Forsythe for |
| reporting this problem) |
| |
| service name resolution failed due to byte order mistake |
| (thanks to James Sainsbury for reporting this problem) |
| |
| socat would hang when invoked with many file descriptors already opened |
| fix: replaced FOPEN_MAX with FD_SETSIZE |
| thanks to Daniel Lucq for reporting this problem. |
| |
| fixed bugs where sub processes would become zombies because the master |
| process did not catch SIGCHLD. this affected addresses UDP-LISTEN, |
| UDP-CONNECT, TCP-CONNECT, OPENSSL, PROXY, UNIX-CONNECT, UNIX-CLIENT, |
| ABSTRACT-CONNECT, ABSTRACT-CLIENT, SOCKSA, SOCKS4A |
| (thanks to Fernanda G Weiden for reporting this problem) |
| |
| fixed a bug where sub processes would become zombies because the master |
| process caught SIGCHLD but did not wait(). this affected addresses |
| UDP-RECVFROM, IP-RECVFROM, UNIX-RECVFROM, ABSTRACT-RECVFROM |
| (thanks to Evan Borgstrom for reporting this problem) |
| |
| corrected option handling with STDIO; usecase: cool-write |
| |
| configure --disable-pty also disabled option waitlock |
| |
| fixed small bugs on systems with struct ip_mreq without struct ip_mreqn |
| (thanks to Roland Illig for sending a patch) |
| |
| corrected name of option intervall to interval (old form still valid |
| for us German speaking guys) |
| |
| corrected some print statements and variable names |
| |
| make uninstall did not uninstall procan |
| |
| fixed lots of weaknesses in test.sh |
| |
| corrected some bugs and typos in doc/socat.yo, EXAMPLES, C comments |
| |
| further changes: |
| procan -c prints C defines important for socat |
| |
| added test OPENSSLEOF for OpenSSL half close |
| |
| ####################### V 1.6.0.0: |
| |
| new features: |
| new addresses IP-DATAGRAM and UDP-DATAGRAM allow versatile broadcast |
| and multicast modes |
| |
| new option ip-add-membership for control of multicast group membership |
| |
| new address TUN for generation of Linux TUN/TAP pseudo network |
| interfaces (suggested by Mat Caughron); associated options tun-device, |
| tun-name, tun-type; iff-up, iff-promisc, iff-noarp, iff-no-pi etc. |
| |
| new addresses ABSTRACT-CONNECT, ABSTRACT-LISTEN, ABSTRACT-SENDTO, |
| ABSTRACT-RECV, and ABSTRACT-RECVFROM for abstract UNIX domain addresses |
| on Linux (requested by Zeeshan Ali); option unix-tightsocklen controls |
| socklen parameter on system calls. |
| |
| option end-close for control of connection closing allows FD sharing |
| by sub processes |
| |
| range option supports form address:mask with IPv4 |
| |
| changed behaviour of SSL-LISTEN to require and verify client |
| certificate per default |
| |
| options f-setlkw-rd, f-setlkw-wr, f-setlk-rd, f-setlk-wr allow finer |
| grained locking on regular files |
| |
| uninstall target in Makefile (lack reported by Zeeshan Ali) |
| |
| corrections: |
| fixed bug where only first tcpwrap option was applied; fixed bug where |
| tcpwrap IPv6 check always failed (thanks to Rudolf Cejka for reporting |
| and fixing this bug) |
| |
| filan (and socat -D) could hang when a socket was involved |
| |
| corrected PTYs on HP-UX (and maybe others) using STREAMS (inspired by |
| Roberto Mackun) |
| |
| correct bind with udp6-listen (thanks to Jan Horak for reporting this |
| bug) |
| |
| corrected filan.c peekbuff[0] which did not compile with Sun Studio Pro |
| (thanks to Leo Zhadanovsky for reporting this problem) |
| |
| corrected problem with read data buffered in OpenSSL layer (thanks to |
| Jon Nelson for reporting this bug) |
| |
| corrected problem with option readbytes when input stream stayed idle |
| after so many bytes |
| |
| fixed a bug where a datagram receiver with option fork could fork two |
| sub processes per packet |
| |
| further changes: |
| moved documentation to new doc/ subdir |
| |
| new documents (kind of mini tutorials) are provided in doc/ |
| |
| ####################### V 1.5.0.0: |
| |
| new features: |
| new datagram modes for udp, rawip, unix domain sockets |
| |
| socat option -T specifies inactivity timeout |
| |
| rewrote lexical analysis to allow nested socat calls |
| |
| addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6 |
| |
| socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP, |
| SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection |
| |
| addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6 |
| |
| option protocol-family (pf), esp. for openssl-listen |
| |
| range option supports IPv6 - syntax: range=[::1/128] |
| |
| option ipv6-v6only (ipv6only) |
| |
| new tcp-wrappers options allow-table, deny-table, tcpwrap-etc |
| |
| FIPS version of OpenSSL can be integrated - initial patch provided by |
| David Acker. See README.FIPS |
| |
| support for resolver options res-debug, aaonly, usevc, primary, igntc, |
| recurse, defnames, stayopen, dnsrch |
| |
| options for file attributes on advanced filesystems (ext2, ext3, |
| reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump, |
| ext2-noatime, journal-data etc. |
| |
| option cool-write controls severeness of write failure (EPIPE, |
| ECONNRESET) |
| |
| option o-noatime |
| |
| socat option -lh for hostname in log output |
| |
| traffic dumping provides packet headers |
| |
| configure.in became part of distribution |
| |
| socats unpack directory now has full version, e.g. socat-1.5.0.0/ |
| |
| corrected docu of option verify |
| |
| corrections: |
| fixed tcpwrappers integration - initial fix provided by Rudolf Cejka |
| |
| exec with pipes,stderr produced error |
| |
| setuid-early was ignored with many address types |
| |
| some minor corrections |
| |
| ####################### V 1.4.3.1: |
| |
| corrections: |
| PROBLEM: UNIX socket listen accepted only one (or a few) connections. |
| FIX: do not remove listening UNIX socket in child process |
| |
| PROBLEM: SIGSEGV when TCP part of SSL connect failed |
| FIX: check ssl pointer before calling SSL_shutdown |
| |
| In debug mode, show connect client port even when connect fails |
| |
| ####################### V 1.4.3.0: |
| |
| new features: |
| socat options -L, -W for application level locking |
| |
| options "lockfile", "waitlock" for address level locking |
| (Stefan Luethje) |
| |
| option "readbytes" limits read length (Adam Osuchowski) |
| |
| option "retry" for unix-connect, unix-listen, tcp6-listen (Dale Dude) |
| |
| pty symlink, unix listen socket, and named pipe are per default removed |
| after use; option unlink-close overrides this new behaviour and also |
| controls removal of other socat generated files (Stefan Luethje) |
| |
| corrections: |
| option "retry" did not work with tcp-listen |
| |
| EPIPE condition could result in a 100% CPU loop |
| |
| further changes: |
| support systems without SHUT_RD etc. |
| handle more size_t types |
| try to find makedepend options with gcc 3 (richard/OpenMacNews) |
| |
| ####################### V 1.4.2.0: |
| |
| new features: |
| option "connect-timeout" limits wait time for connect operations |
| (requested by Giulio Orsero) |
| |
| option "dhparam" for explicit Diffie-Hellman parameter file |
| |
| corrections: |
| support for OpenSSL DSA certificates (Miika Komu) |
| |
| create install directories before copying files (Miika Komu) |
| |
| when exiting on signal, return status 128+signum instead of 1 |
| |
| on EPIPE and ECONNRESET, only issue a warning (Santiago Garcia |
| Mantinan) |
| |
| -lu could cause a core dump on long messages |
| |
| further changes: |
| modifications to simplify using socats features in applications |
| |
| ####################### V 1.4.1.0: |
| |
| new features: |
| option "wait-slave" blocks open of pty master side until a client |
| connects, "pty-intervall" controls polling |
| |
| option -h as synonym to -? for help (contributed by Christian |
| Lademann) |
| |
| filan prints formatted time stamps and rdev (disable with -r) |
| |
| redirect filan's output, so stdout is not affected (contributed by |
| Luigi Iotti) |
| |
| filan option -L to follow symbolic links |
| |
| filan shows termios control characters |
| |
| corrections: |
| proxy address no longer performs unsolicited retries |
| |
| filan -f no longer needs read permission to analyze a file (but still |
| needs access permission to directory, of course) |
| |
| porting: |
| Option dsusp |
| FreeBSD options noopt, nopush, md5sig |
| OpenBSD options sack-disable, signature-enable |
| HP-UX, Solaris options abort-threshold, conn-abort-threshold |
| HP-UX options b900, b3600, b7200 |
| Tru64/OSF1 options keepinit, paws, sackena, tsoptena |
| |
| further corrections: |
| address pty now uses ptmx as default if openpty is also available |
| |
| ####################### V 1.4.0.3: |
| |
| corrections: |
| fix to a syslog() based format string vulnerability that can lead to |
| remote code execution. See advisory socat-adv-1.txt |
| |
| ####################### V 1.4.0.2: |
| |
| corrections: |
| exec'd write-only addresses get a chance to flush before being killed |
| |
| error handler: print notice on error-exit |
| |
| filan printed wrong file type information |
| |
| ####################### V 1.4.0.1: |
| |
| corrections: |
| socks4a constructed invalid header. Problem found, reported, and fixed |
| by Thomas Themel, by Peter Palfrader, and by rik |
| |
| with nofork, don't forget to apply some process related options |
| (chroot, setsid, setpgid, ...) |
| |
| ####################### V 1.4.0.0: |
| |
| new features: |
| simple openssl server (ssl-l), experimental openssl trust |
| |
| new options "cafile", "capath", "key", "cert", "egd", and "pseudo" for |
| openssl |
| |
| new options "retry", "forever", and "intervall" |
| |
| option "fork" for address TCP improves `gender changer´ |
| |
| options "sigint", "sigquit", and "sighup" control passing of signals to |
| sub process (thanks to David Shea who contributed to this issue) |
| |
| readline takes respect to the prompt issued by the peer address |
| |
| options "prompt" and "noprompt" allow to override readline's new |
| default behaviour |
| |
| readline supports invisible password with option "noecho" |
| |
| socat option -lp allows to set hostname in log output |
| |
| socat option -lu turns on microsecond resolution in log output |
| |
| |
| corrections: |
| before reading available data, check if writing on other channel is |
| possible |
| |
| tcp6, udp6: support hostname specification (not only IP address), and |
| map IP4 names to IP6 addresses |
| |
| openssl client checks server certificate per default |
| |
| support unidirectional communication with exec/system subprocess |
| |
| try to restore original terminal settings when terminating |
| |
| test.sh uses tmp dir /tmp/$USER/$$ instead of /tmp/$$ |
| |
| socks4 failed on platforms where long does not have 32 bits |
| (thanks to Peter Palfrader and Thomas Seyrat) |
| |
| hstrerror substitute wrote wrong messages (HP-UX, Solaris) |
| |
| proxy error message was truncated when answer contained multiple spaces |
| |
| |
| porting: |
| compiles with AIX xlc, HP-UX cc, Tru64 cc (but might not link) |
| |
| ####################### V 1.3.2.2: |
| |
| corrections: |
| PROXY CONNECT failed when the status reply from the proxy server |
| contained more than one consecutive spaces. Problem reported by |
| Alexandre Bezroutchko |
| |
| do not SIGSEGV when proxy address fails to resolve server name |
| |
| udp-listen failed on systems where AF_INET != SOCK_DGRAM (e.g. SunOS). |
| Problem reported by Christoph Schittel |
| |
| test.sh only tests available features |
| |
| added missing IP and TCP options in filan analyzer |
| |
| do not apply stdio address options to both directions when in |
| unidirectional mode |
| |
| on systems lacking /dev/*random and egd, provide (weak) entropy from |
| libc random() |
| |
| |
| porting: |
| changes for HP-UX (VREPRINT, h_NETDB_INTERNAL) |
| |
| compiles on True64, FreeBSD (again), NetBSD, OpenBSD |
| |
| support for long long as st_ino type (Cygwin 1.5) |
| |
| compile on systems where pty can not be featured |
| |
| ####################### V 1.3.2.1: |
| |
| corrections: |
| "final" solution for the ENOCHLD problem |
| |
| corrected "make strip" |
| |
| default gcc debug/opt is "-O" again |
| |
| check for /proc at runtime, even if configure found it |
| |
| src.rpm accidently supported SuSE instead of RedHat |
| |
| ####################### V 1.3.2.0: |
| |
| new features: |
| option "nofork" connects an exec'd script or program directly |
| to the file descriptors of the other address, circumventing the socat |
| transfer engine |
| |
| support for files >2GB, using ftruncate64(), lseek64(), stat64() |
| |
| filan has new "simple" output style (filan -s) |
| |
| |
| porting: |
| options "binary" and "text" for controlling line termination on Cygwin |
| file system access (hint from Yang Wu-Zhou) |
| |
| fix by Yang Wu-Zhou for the Cygwin "No Children" problem |
| |
| improved support for OSR: _SVID3; no IS_SOCK, no F_GETOWN (thanks to |
| John DuBois) |
| |
| minor corrections to avoid warnings with gcc 3 |
| |
| |
| further corrections and minor improvements: |
| configure script is generated with autoconf 2.57 (no longer 2.52) |
| |
| configure passes CFLAGS to Makefile |
| |
| option -??? for complete list of address options and their short forms |
| |
| program name in syslog messages is derived from argv[0] |
| |
| SIGHUP now prints notice instead of error |
| |
| EIO during read of pty now gives Notice instead of Error, and |
| triggers EOF |
| |
| use of hstrerror() for printing resolver error messages |
| |
| setgrent() got required endgrent() |
| |
| ####################### V 1.3.1.0: |
| |
| new features: |
| integration of Wietse Venema's tcpwrapper library (libwrap) |
| |
| with "proxy" address, option "resolve" controls if hostname or IP |
| address is sent in request |
| |
| option "lowport" establishes limited authorization for TCP and UDP |
| connections |
| |
| improvement of .spec file for RPM creation (thanks to Gerd v. Egidy) |
| An accompanying change in the numbering scheme results in an |
| incompatibility with earlier socat RPMs! |
| |
| |
| solved problems and bugs: |
| PROBLEM: socat daemon terminated when the address of a connecting |
| client did not match range option value instead of continue listening |
| SOLVED: in this case, print warning instead of error to keep daemon |
| active |
| |
| PROBLEM: tcp-listen with fork sometimes left excessive number of zombie |
| processes |
| SOLVED: dont assume that each exiting child process generates SIGCHLD |
| |
| when converting CRNL to CR, socat converted to NL |
| |
| |
| further corrections: |
| configure script now disables features that depend on missing files |
| making it more robust in "unsupported" environments |
| |
| server.pem permissions corrected to 600 |
| |
| "make install" now does not strip; use "make strip; make install" |
| if you like strip (suggested by Peter Bray) |
| |
| ####################### V 1.3.0.1: |
| |
| solved problems and bugs: |
| PROBLEM: OPENSSL did not apply tcp, ip, and socket options |
| SOLVED: OPENSSL now correctly handles the options list |
| |
| PROBLEM: CRNL to NL and CRNL to CR conversions failed when CRNL crossed |
| block boundary |
| SOLVED: these conversions now simply strip all CR's or NL's from input |
| stream |
| |
| |
| porting: |
| SunOS ptys now work on x86, too (thanks to Peter Bray) |
| |
| configure looks for freeware libs in /pkgs/lib/ (thanks to Peter Bray) |
| |
| |
| further corrections: |
| added WITH_PROXY value to -V output |
| |
| added compile dependencies of WITH_PTY and WITH_PROXY |
| |
| -?? did not print option group of proxy options |
| |
| corrected syntax for bind option in docu |
| |
| corrected an issue with stdio in unidirectional mode |
| |
| options socksport and proxyport support service names |
| |
| ftp.sh script supports proxy address |
| |
| man page no longer installed with execute permissions (thanks to Peter |
| Bray) |
| |
| fixed a malloc call bug that could cause SIGSEGV or false "out of |
| memory" errors on EXEC and SYSTEM, depending on program name length and |
| libc. |
| |
| ####################### V 1.3.0.0: |
| |
| new features: |
| proxy connect with optional proxy authentication |
| |
| combined hex and text dump mode, credits to Gregory Margo |
| |
| address pty applies options user, group, and perm to device |
| |
| |
| solved problems and bugs: |
| PROBLEM: option reuseport was not applied (BSD, AIX) |
| SOLVED: option reuseport now in phase PASTSOCKET instead of PREBIND, |
| credits to Jean-Baptiste Marchand |
| |
| PROBLEM: ignoreeof with stdio was ignored |
| SOLVED: ignoreeof now works correctly with address stdio |
| |
| PROBLEM: ftp.sh did not use user supplied password |
| SOLVED: ftp.sh now correctly passes password from command line |
| |
| PROBLEM: server.pem had expired |
| SOLVED: new server.pem valid for ten years |
| |
| PROBLEM: socks notice printed wrong port on some platforms |
| SOLVED: socks now uses correct byte-order for port number in notice |
| |
| |
| further corrections: |
| option name o_trunc corrected to o-trunc |
| |
| combined use of -u and -U is now detected and prevented |
| |
| made message system a little more robust against format string attacks |
| |
| |
| ####################### V 1.2.0.0: |
| |
| new features: |
| address pty for putting socat behind a new pseudo terminal that may |
| fake a serial line, modem etc. |
| |
| experimental openssl integration |
| (it does not provide any trust between the peers because is does not |
| check certificates!) |
| |
| options flock-ex, flock-ex-nb, flock-sh, flock-sh-nb to control all |
| locking mechanism provided by flock() |
| |
| options setsid and setpgid now available with all address types |
| |
| option ctty (controlling terminal) now available for all TERMIOS |
| addresses |
| |
| option truncate (a hybrid of open(.., O_TRUNC) and ftruncate()) is |
| replaced by options o-trunc and ftruncate=offset |
| |
| option sourceport now available with TCP and UDP listen addresses to |
| restrict incoming client connections |
| |
| unidirectional mode right-to-left (-U) |
| |
| |
| solved problems and bugs: |
| PROBLEM: addresses without required parameters but an option containing |
| a '/' were incorrectly interpreted as implicit GOPEN address |
| SOLVED: if an address does not have ':' separator but contains '/', |
| check if the slash is before the first ',' before assuming |
| implicit GOPEN. |
| |
| |
| porting: |
| ptys under SunOS work now due to use of stream options |
| |
| |
| further corrections: |
| with -d -d -d -d -D, don't print debug info during file analysis |
| |
| |
| ####################### V 1.1.0.1: |
| |
| new features: |
| .spec file for RPM generation |
| |
| |
| solved problems and bugs: |
| PROBLEM: GOPEN on socket did not apply option unlink-late |
| SOLUTION: GOPEN for socket now applies group NAMED, phase PASTOPEN |
| options |
| |
| PROBLEM: with unidirectional mode, an unnecessary close timeout was |
| applied |
| SOLUTION: in unidirectional mode, terminate without wait time |
| |
| PROBLEM: using GOPEN on a unix domain socket failed for datagram |
| sockets |
| SOLUTION: when connect() fails with EPROTOTYPE, use a datagram socket |
| |
| |
| further corrections: |
| |
| open() flag options had names starting with "o_", now corrected to "o-" |
| |
| in docu, *-listen addresses were called *_listen |
| |
| address unix now called unix-connect because it does not handle unix |
| datagram sockets |
| |
| in test.sh, apply global command line options with all tests |
| |
| |
| ####################### V 1.1.0.0: |
| |
| new features: |
| regular man page and html doc - thanks to kromJx for prototype |
| |
| new address type "readline", utilizing GNU readline and history libs |
| |
| address option "history-file" for readline |
| |
| new option "dash" to "exec" address that allows to start login shells |
| |
| syslog facility can be set per command line option |
| |
| new address option "tcp-quickack", found in Linux 2.4 |
| |
| option -g prevents option group checking |
| |
| filan and procan can print usage |
| |
| procan prints rlimit infos |
| |
| |
| solved problems and bugs: |
| PROBLEM: raw IP socket SIGSEGV'ed when it had been shut down. |
| SOLVED: set eof flag of channel on shutdown. |
| |
| PROBLEM: if channel 2 uses a single non-socket FD in bidirectional mode |
| and has data available while channel 1 reaches EOF, the data is |
| lost. |
| SOLVED: during one loop run, first handle all data transfers and |
| _afterwards_ handle EOF. |
| |
| PROBLEM: despite to option NONBLOCK, the connect() call blocked |
| SOLVED: option NONBLOCK is now applied in phase FD instead of LATE |
| |
| PROBLEM: UNLINK options issued error when file did not exist, |
| terminating socat |
| SOLVED: failure of unlink() is only warning if errno==ENOENT |
| |
| PROBLEM: TCP6-LISTEN required numeric port specification |
| SOLVED: now uses common TCP service resolver |
| |
| PROBLEM: with PIPE, wrong FDs were shown for data transfer loop |
| SOLVED: retrieval of FDs now pays respect to PIPE pecularities |
| |
| PROBLEM: using address EXEC against an address with IGNOREEOF, socat |
| never terminated |
| SOLVED: corrected EOF handling of sigchld |
| |
| |
| porting: |
| MacOS and old AIX versions now have pty |
| |
| flock() now available on Linux (configure check was wrong) |
| |
| named pipe were generated using mknod(), which requires root under BSD |
| now they are generated using mkfifo |
| |
| |
| further corrections: |
| lots of address options that were "forgotten" at runtime are now |
| available |
| |
| option BINDTODEVICE now also called SO-BINDTODEVICE, IF |
| |
| "make install" now installs binaries with ownership 0:0 |
| |
| |
| ####################### V 1.0.4.2: |
| |
| solved problems and bugs: |
| PROBLEM: EOF of one stream caused close of other stream, giving it no |
| chance to go down regularly |
| SOLVED: EOF of one stream now causes shutdown of write part of other |
| stream |
| |
| PROBLEM: sending mail via socks address to qmail showed that crlf |
| option does not work |
| SOLVED: socks address applies PH_LATE options |
| |
| PROBLEM: in debug mode, no info about socat and platform was issued |
| SOLVED: print socat version and uname output in debug mode |
| |
| PROBLEM: invoking socat with -t and no following parameters caused |
| SIGSEGV |
| SOLVED: -t and -b now check next argv entry |
| |
| PROBLEM: when opening of logfile (-lf) failed, no error was reported |
| and no further messages were printed |
| SOLVED: check result of fopen and print error message if it failed |
| |
| new features: |
| address type UDP-LISTEN now supports option fork: it internally applies |
| socket option SO_REUSEADDR so a new UDP socket can bind to port after |
| `accepting´ a connection (child processes might live forever though) |
| (suggestion from Damjan Lango) |
| |
| |
| ####################### V 1.0.4.1: |
| |
| solved problems and bugs: |
| PROB: assert in libc caused an endless recursion |
| SOLVED: no longer catch SIGABRT |
| |
| PROB: socat printed wrong verbose prefix for "right to left" packets |
| SOLVED: new parameter for xiotransfer() passes correct prefix |
| |
| new features: |
| in debug mode, socat prints its command line arguments |
| in verbose mode, escape special characters and replace unprintables |
| with '.'. Patch from Adrian Thurston. |
| |
| |
| ####################### V 1.0.4.0: |
| |
| solved problems and bugs: |
| Debug output for lstat and fstat said "stat" |
| |
| further corrections: |
| FreeBSD now includes libutil.h |
| |
| new features: |
| option setsid with exec/pty |
| option setpgid with exec/pty |
| option ctty with exec/pty |
| TCP V6 connect test |
| gettimeofday in sycls.c (no use yet) |
| |
| porting: |
| before Gethostbyname, invoke inet_aton for MacOSX |
| |
| |
| ####################### V 1.0.3.0: |
| |
| solved problems and bugs: |
| |
| PROB: test 9 of test.sh (echo via file) failed on some platforms, |
| socat exited without error message |
| SOLVED: _xioopen_named_early(): preset statbuf.st_mode with 0 |
| |
| PROB: test 17 hung forever |
| REASON: child death before select loop did not result in EOF |
| SOLVED: check of existence of children before starting select loop |
| |
| PROB: test 17 failed |
| REASON: child dead triggered EOF before last data was read |
| SOLVED: after child death, read last data before setting EOF |
| |
| PROB: filan showed that exec processes incorrectly had fd3 open |
| REASON: inherited open fd3 from main process |
| SOLVED: set CLOEXEC flag on pty fd in main process |
| |
| PROB: help printed "undef" instead of group "FORK" |
| SOLVED: added "FORK" to group name array |
| |
| PROB: fatal messages did not include severity classifier |
| SOLVED: added "F" to severity classifier array |
| |
| PROB: IP6 addresses where printed incorrectly |
| SOLVED: removed type casts to unsigned short * |
| |
| further corrections: |
| socat catches illegal -l modes |
| corrected error message on setsockopt(linger) |
| option tabdly is of type uint |
| correction for UDP over IP6 |
| more cpp conditionals, esp. for IP6 situations |
| better handling of group NAMED options with listening UNIX sockets |
| applyopts2 now includes last given phase |
| corrected option group handling for most address types |
| introduce dropping of unappliable options (dropopts, dropopts2) |
| gopen now accepts socket and unix-socket options |
| exec and system now accept all socket and termios options |
| child process for exec and system addresses with option pty |
| improved descriptions and options for EXAMPLES |
| printf format for file mode changed to "0%03o" with length spec. |
| added va_end() in branch of msg() |
| changed phase of lock options from PASTOPEN to FD |
| support up to four early dying processes |
| |
| structural changes: |
| xiosysincludes now includes sysincludes.h for non xio files |
| |
| new features: |
| option umask |
| CHANGES file |
| TYPE_DOUBLE, u_double |
| OFUNC_OFFSET |
| added getsid(), setsid(), send() to sycls |
| procan prints sid (session id) |
| mail.sh gets -f (from) option |
| new EXAMPLEs for file creation |
| gatherinfo.sh now tells about failures |
| test.sh can check for much more address/option combinations |
| |
| porting: |
| ispeed, ospeed for termios on FreeBSD |
| getpgid() conditional for MacOS 10 |
| added ranlib in Makefile.in for MacOS 10 |
| disable pty option if no pty mechanism is available (MacOS 10) |
| now compiles and runs on MacOS 10 (still some tests fail) |
| setgroups() conditional for cygwin |
| sighandler_t defined conditionally |
| use gcc option -D_GNU_SOURCE |