[openssl-commits] [openssl] master update

Richard Levitte levitte at openssl.org
Wed Feb 3 18:39:00 UTC 2016


The branch master has been updated
       via  2fcff74c879c3ff5bcbf11390daf37442cb6aa0c (commit)
       via  b00b21242ae96aeb5521252bf0cdece5be0047a1 (commit)
       via  d33b215b331116e50947ca7e75d210e1db39b78d (commit)
      from  83be2778fe11ede4cd065a136c686fe664c212a2 (commit)


- Log -----------------------------------------------------------------
commit 2fcff74c879c3ff5bcbf11390daf37442cb6aa0c
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Feb 2 21:44:01 2016 +0100

    make update
    
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>

commit b00b21242ae96aeb5521252bf0cdece5be0047a1
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Feb 2 21:42:45 2016 +0100

    Temporary pragma to have GCC quiet down about deprecated functions
    
    Future commits will change our use to newer functions and the pragmas
    will go away at that time.
    
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>

commit d33b215b331116e50947ca7e75d210e1db39b78d
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Feb 2 21:04:54 2016 +0100

    Refactoring BIO: new socket-handling functions, deprecate older ones
    
    Added functions:
    
    BIO_socket
    BIO_connect
    BIO_listen
    BIO_accept_ex
    BIO_closesocket
    BIO_sock_info
    
    These get deprecated:
    
    BIO_gethostbyname
    BIO_get_port
    BIO_get_host_ip
    BIO_get_accept_socket
    BIO_accept
    
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/Makefile.in     |   4 +-
 crypto/bio/b_sock.c        |  42 +++++++
 crypto/bio/b_sock2.c       | 307 +++++++++++++++++++++++++++++++++++++++++++++
 crypto/bio/bio_err.c       |  15 +++
 crypto/bio/bss_acpt.c      |   6 +
 crypto/bio/bss_conn.c      |   6 +
 crypto/err/err.c           |   3 +
 doc/crypto/BIO_connect.pod | 101 +++++++++++++++
 include/openssl/bio.h      |  58 ++++++---
 include/openssl/err.h      |   3 +
 util/libeay.num            |  16 ++-
 11 files changed, 540 insertions(+), 21 deletions(-)
 create mode 100644 crypto/bio/b_sock2.c
 create mode 100644 doc/crypto/BIO_connect.pod

diff --git a/crypto/bio/Makefile.in b/crypto/bio/Makefile.in
index 9bcc17e..4ad411e 100644
--- a/crypto/bio/Makefile.in
+++ b/crypto/bio/Makefile.in
@@ -19,14 +19,14 @@ LIBSRC= bio_lib.c bio_cb.c bio_err.c \
 	bss_mem.c bss_null.c bss_fd.c \
 	bss_file.c bss_sock.c bss_conn.c \
 	bf_null.c bf_buff.c b_print.c b_dump.c b_addr.c \
-	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
+	b_sock.c b_sock2.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
 	bss_dgram.c
 #	bf_lbuf.c
 LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
 	bss_mem.o bss_null.o bss_fd.o \
 	bss_file.o bss_sock.o bss_conn.o \
 	bf_null.o bf_buff.o b_print.o b_dump.o b_addr.o \
-	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
+	b_sock.o b_sock2.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
 	bss_dgram.o
 #	bf_lbuf.o
 
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index 5a50251..e07141b 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -88,6 +88,13 @@ static int wsa_init_done = 0;
 #  define WSAAPI
 # endif
 
+/*
+ * We are currently using deprecated functions here, and GCC warns
+ * us about them, but since we know, we don't want to hear it.
+ */
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
+# if OPENSSL_API_COMPAT < 0x10100000L
 static int get_ip(const char *str, unsigned char *ip);
 int BIO_get_host_ip(const char *str, unsigned char *ip)
 {
@@ -194,6 +201,7 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
     }
     return (1);
 }
+# endif
 
 int BIO_sock_error(int sock)
 {
@@ -218,6 +226,7 @@ int BIO_sock_error(int sock)
         return (j);
 }
 
+# if OPENSSL_API_COMPAT < 0x10100000L
 struct hostent *BIO_gethostbyname(const char *name)
 {
     /*
@@ -230,6 +239,7 @@ struct hostent *BIO_gethostbyname(const char *name)
     return gethostbyname(name);
 # endif
 }
+# endif
 
 int BIO_sock_init(void)
 {
@@ -338,6 +348,7 @@ int BIO_socket_ioctl(int fd, long type, void *arg)
 }
 # endif                         /* __VMS_VER */
 
+# if OPENSSL_API_COMPAT < 0x10100000L
 /*
  * The reason I have implemented this instead of using sscanf is because
  * Visual C 1.52c gives an unresolved external when linking a DLL :-(
@@ -697,6 +708,7 @@ int BIO_accept(int sock, char **addr)
  end:
     return (ret);
 }
+# endif
 
 int BIO_set_tcp_ndelay(int s, int on)
 {
@@ -728,4 +740,34 @@ int BIO_socket_nbio(int s, int mode)
 # endif
     return (ret == 0);
 }
+
+int BIO_sock_info(int sock,
+                  enum BIO_sock_info_type type, union BIO_sock_info_u *info)
+{
+    switch (type) {
+    case BIO_SOCK_INFO_ADDRESS:
+        {
+            socklen_t addr_len;
+            int ret = 0;
+            addr_len = sizeof(*info->addr);
+            ret = getsockname(sock, BIO_ADDR_sockaddr_noconst(info->addr),
+                              &addr_len);
+            if (ret == -1) {
+                SYSerr(SYS_F_GETSOCKNAME, get_last_socket_error());
+                BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_GETSOCKNAME_ERROR);
+                return 0;
+            }
+            if (addr_len > sizeof(*info->addr)) {
+                BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS);
+                return 0;
+            }
+        }
+        break;
+    default:
+        BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_UNKNOWN_INFO_TYPE);
+        return 0;
+    }
+    return 1;
+}
+
 #endif
diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
new file mode 100644
index 0000000..4bf5cf3
--- /dev/null
+++ b/crypto/bio/b_sock2.c
@@ -0,0 +1,307 @@
+/* ====================================================================
+ * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+
+#include "bio_lcl.h"
+
+#include <openssl/err.h>
+
+#ifndef OPENSSL_NO_SOCK
+# ifdef SO_MAXCONN
+#  define MAX_LISTEN  SO_MAXCONN
+# elif defined(SOMAXCONN)
+#  define MAX_LISTEN  SOMAXCONN
+# else
+#  define MAX_LISTEN  32
+# endif
+
+/*-
+ * BIO_socket - create a socket
+ * @domain: the socket domain (AF_INET, AF_INET6, AF_UNIX, ...)
+ * @socktype: the socket type (SOCK_STEAM, SOCK_DGRAM)
+ * @protocol: the protocol to use (IPPROTO_TCP, IPPROTO_UDP)
+ * @options: BIO socket options (currently unused)
+ *
+ * Creates a socket.  This should be called before calling any
+ * of BIO_connect and BIO_listen.
+ *
+ * Returns the file descriptor on success or INVALID_SOCKET on failure.  On
+ * failure errno is set, and a status is added to the OpenSSL error stack.
+ */
+int BIO_socket(int domain, int socktype, int protocol, int options)
+{
+    int sock = -1;
+
+    if (BIO_sock_init() != 1)
+        return INVALID_SOCKET;
+
+    sock = socket(domain, socktype, protocol);
+    if (sock == -1) {
+        SYSerr(SYS_F_SOCKET, get_last_socket_error());
+        BIOerr(BIO_F_BIO_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET);
+        return INVALID_SOCKET;
+    }
+
+    return sock;
+}
+
+/*-
+ * BIO_connect - connect to an address
+ * @sock: the socket to connect with
+ * @addr: the address to connect to
+ * @options: BIO socket options
+ *
+ * Connects to the address using the given socket and options.
+ *
+ * Options can be a combination of the following:
+ * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
+ * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
+ * - BIO_SOCK_NODELAY: don't delay small messages.
+ *
+ * options holds BIO socket options that can be used
+ * You should call this for every address returned by BIO_lookup
+ * until the connection is succesful.
+ *
+ * Returns 1 on success or 0 on failure.  On failure errno is set
+ * and an error status is added to the OpenSSL error stack.
+ */
+int BIO_connect(int sock, const BIO_ADDR *addr, int options)
+{
+    int on = 1;
+
+    if (sock == -1) {
+        BIOerr(BIO_F_BIO_CONNECT, BIO_R_INVALID_SOCKET);
+        return 0;
+    }
+
+    if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
+        return 0;
+
+    if (options & BIO_SOCK_KEEPALIVE) {
+        if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_KEEPALIVE);
+            return 0;
+        }
+    }
+
+    if (options & BIO_SOCK_NODELAY) {
+        if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_NODELAY);
+            return 0;
+        }
+    }
+
+    if (connect(sock, BIO_ADDR_sockaddr(addr),
+                BIO_ADDR_sockaddr_size(addr)) == -1) {
+        SYSerr(SYS_F_CONNECT, get_last_socket_error());
+        BIOerr(BIO_F_BIO_CONNECT, BIO_R_CONNECT_ERROR);
+        return 0;
+    }
+    return 1;
+}
+
+/*-
+ * BIO_listen - Creates a listen socket
+ * @sock: the socket to listen with
+ * @addr: local address to bind to
+ * @options: BIO socket options
+ *
+ * Binds to the address using the given socket and options, then
+ * starts listening for incoming connections.
+ *
+ * Options can be a combination of the following:
+ * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
+ * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
+ * - BIO_SOCK_NODELAY: don't delay small messages.
+ * - BIO_SOCK_REUSEADDR: Try to reuse the address and port combination
+ *   for a recently closed port.
+ * - BIO_SOCK_V6_ONLY: When creating an IPv6 socket, make it listen only
+ *   for IPv6 addresses and not IPv4 addresses mapped to IPv6.
+ *
+ * It's recommended that you set up both an IPv6 and IPv4 listen socket, and
+ * then check both for new clients that connect to it.  You want to set up
+ * the socket as non-blocking in that case since else it could hang.
+ *
+ * Not all operating systems support IPv4 addresses on an IPv6 socket, and for
+ * others it's an option.  If you pass the BIO_LISTEN_V6_ONLY it will try to
+ * create the IPv6 sockets to only listen for IPv6 connection.
+ *
+ * It could be that the first BIO_listen() call will listen to all the IPv6
+ * and IPv4 addresses and that then trying to bind to the IPv4 address will
+ * fail.  We can't tell the difference between already listening ourself to
+ * it and someone else listening to it when failing and errno is EADDRINUSE, so
+ * it's recommended to not give an error in that case if the first call was
+ * succesful.
+ *
+ * When restarting the program it could be that the port is still in use.  If
+ * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway.
+ * It's recommended that you use this.
+ */
+int BIO_listen(int sock, const BIO_ADDR *addr, int options)
+{
+    int on = 1;
+    int socktype;
+    socklen_t socktype_len = sizeof(socktype);
+
+    if (sock == -1) {
+        BIOerr(BIO_F_BIO_LISTEN, BIO_R_INVALID_SOCKET);
+        return 0;
+    }
+
+    if (getsockopt(sock, SOL_SOCKET, SO_TYPE, &socktype, &socktype_len) != 0
+        || socktype_len != sizeof(socktype)) {
+        SYSerr(SYS_F_GETSOCKOPT, get_last_socket_error());
+        BIOerr(BIO_F_BIO_LISTEN, BIO_R_GETTING_SOCKTYPE);
+        return 0;
+    }
+
+    if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
+        return 0;
+
+# ifndef OPENSSL_SYS_WINDOWS
+    /* SO_REUSEADDR has different behavior on Windows than on
+     * other operating systems, don't set it there. */
+    if (options & BIO_SOCK_REUSEADDR) {
+        if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_REUSEADDR);
+            return 0;
+        }
+    }
+# endif
+
+    if (options & BIO_SOCK_KEEPALIVE) {
+        if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_KEEPALIVE);
+            return 0;
+        }
+    }
+
+    if (options & BIO_SOCK_NODELAY) {
+        if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_NODELAY);
+            return 0;
+        }
+    }
+
+# ifdef IPV6_V6ONLY
+    if ((options & BIO_SOCK_V6_ONLY) && BIO_ADDR_family(addr) == AF_INET6) {
+        if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) != 0) {
+            SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
+            BIOerr(BIO_F_BIO_LISTEN, BIO_R_LISTEN_V6_ONLY);
+            return 0;
+        }
+    }
+# endif
+
+    if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) {
+        SYSerr(SYS_F_BIND, get_last_socket_error());
+        BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_BIND_SOCKET);
+        return 0;
+    }
+
+    if (socktype != SOCK_DGRAM && listen(sock, MAX_LISTEN) == -1) {
+        SYSerr(SYS_F_LISTEN, get_last_socket_error());
+        BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_LISTEN_SOCKET);
+        return 0;
+    }
+
+    return 1;
+}
+
+/*-
+ * BIO_accept_ex - Accept new incoming connections
+ * @sock: the listening socket
+ * @addr: the BIO_ADDR to store the peer address in
+ * @options: BIO socket options, applied on the accepted socket.
+ *
+ */
+int BIO_accept_ex(int accept_sock, BIO_ADDR *addr, int options)
+{
+    socklen_t len;
+    int accepted_sock;
+
+    len = sizeof(*addr);
+    accepted_sock = accept(accept_sock,
+                           BIO_ADDR_sockaddr_noconst(addr), &len);
+    if (accepted_sock == -1) {
+        SYSerr(SYS_F_ACCEPT, get_last_socket_error());
+        BIOerr(BIO_F_BIO_ACCEPT_EX, BIO_R_ACCEPT_ERROR);
+        return INVALID_SOCKET;
+    }
+
+    if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0))
+        return INVALID_SOCKET;
+
+    return accepted_sock;
+}
+
+/*-
+ * BIO_closesocket - Close a socket
+ * @sock: the socket to close
+ */
+int BIO_closesocket(int sock)
+{
+    if (closesocket(sock) < 0)
+        return 0;
+    return 1;
+}
+#endif
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
index e30c96a..0942c28 100644
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -73,14 +73,17 @@ static ERR_STRING_DATA BIO_str_functs[] = {
     {ERR_FUNC(BIO_F_ACPT_STATE), "acpt_state"},
     {ERR_FUNC(BIO_F_ADDR_STRINGS), "addr_strings"},
     {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
+    {ERR_FUNC(BIO_F_BIO_ACCEPT_EX), "BIO_accept_ex"},
     {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
     {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
+    {ERR_FUNC(BIO_F_BIO_CONNECT), "BIO_connect"},
     {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
     {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
     {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
     {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
     {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
     {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
+    {ERR_FUNC(BIO_F_BIO_LISTEN), "BIO_listen"},
     {ERR_FUNC(BIO_F_BIO_LOOKUP), "BIO_lookup"},
     {ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "bio_make_pair"},
     {ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
@@ -93,6 +96,8 @@ static ERR_STRING_DATA BIO_str_functs[] = {
     {ERR_FUNC(BIO_F_BIO_PARSE_HOSTSERV), "BIO_parse_hostserv"},
     {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
     {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
+    {ERR_FUNC(BIO_F_BIO_SOCKET), "BIO_socket"},
+    {ERR_FUNC(BIO_F_BIO_SOCK_INFO), "BIO_sock_info"},
     {ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
     {ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
     {ERR_FUNC(BIO_F_BUFFER_CTRL), "buffer_ctrl"},
@@ -125,10 +130,16 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
      "error setting nbio on accept socket"},
     {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
      "gethostbyname addr is not af inet"},
+    {ERR_REASON(BIO_R_GETSOCKNAME_ERROR), "getsockname error"},
+    {ERR_REASON(BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS),
+     "getsockname truncated address"},
+    {ERR_REASON(BIO_R_GETTING_SOCKTYPE), "getting socktype"},
     {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
     {ERR_REASON(BIO_R_INVALID_IP_ADDRESS), "invalid ip address"},
+    {ERR_REASON(BIO_R_INVALID_SOCKET), "invalid socket"},
     {ERR_REASON(BIO_R_IN_USE), "in use"},
     {ERR_REASON(BIO_R_KEEPALIVE), "keepalive"},
+    {ERR_REASON(BIO_R_LISTEN_V6_ONLY), "listen v6 only"},
     {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE), "malformed host or service"},
     {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
     {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
@@ -140,8 +151,12 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
     {ERR_REASON(BIO_R_TAG_MISMATCH), "tag mismatch"},
     {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
     {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
+    {ERR_REASON(BIO_R_UNABLE_TO_KEEPALIVE), "unable to keepalive"},
     {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"},
+    {ERR_REASON(BIO_R_UNABLE_TO_NODELAY), "unable to nodelay"},
+    {ERR_REASON(BIO_R_UNABLE_TO_REUSEADDR), "unable to reuseaddr"},
     {ERR_REASON(BIO_R_UNINITIALIZED), "uninitialized"},
+    {ERR_REASON(BIO_R_UNKNOWN_INFO_TYPE), "unknown info type"},
     {ERR_REASON(BIO_R_UNSUPPORTED_METHOD), "unsupported method"},
     {ERR_REASON(BIO_R_UNSUPPORTED_PROTOCOL_FAMILY),
      "unsupported protocol family"},
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index a489ba4..e3b8850 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -63,6 +63,12 @@
 
 #ifndef OPENSSL_NO_SOCK
 
+/*
+ * We are currently using deprecated functions here, and GCC warns
+ * us about them, but since we know, we don't want to hear it.
+ */
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
 # if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #  undef FIONBIO
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 2308ad2..89ab910 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -63,6 +63,12 @@
 
 #ifndef OPENSSL_NO_SOCK
 
+/*
+ * We are currently using deprecated functions here, and GCC warns
+ * us about them, but since we know, we don't want to hear it.
+ */
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
 # if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #  undef FIONBIO
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 13757c2..6cb582d 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -175,6 +175,9 @@ static ERR_STRING_DATA ERR_str_functs[] = {
     {ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
     {ERR_PACK(0, SYS_F_GETADDRINFO, 0), "getaddrinfo"},
     {ERR_PACK(0, SYS_F_GETNAMEINFO, 0), "getnameinfo"},
+    {ERR_PACK(0, SYS_F_SETSOCKOPT, 0), "setsockopt"},
+    {ERR_PACK(0, SYS_F_GETSOCKOPT, 0), "getsockopt"},
+    {ERR_PACK(0, SYS_F_GETSOCKNAME, 0), "getsockname"},
     {0, NULL},
 };
 
diff --git a/doc/crypto/BIO_connect.pod b/doc/crypto/BIO_connect.pod
new file mode 100644
index 0000000..4edb8ba
--- /dev/null
+++ b/doc/crypto/BIO_connect.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+BIO_socket, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO
+socket communication setup routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);
+
+=head1 DESCRIPTION
+
+BIO_socket() creates a socket in the domain B<domain>, of type
+B<socktype> and B<protocol>.  Socket B<options> are currently unused,
+but is present for future use.
+
+BIO_connect() connects B<sock> to the address and service given by
+B<addr>.  Connection B<options> may be zero or any combination of
+B<BIO_SOCK_KEEPALIVE>, B<BIO_SOCK_NONBLOCK> and B<BIO_SOCK_NODELAY>.
+The flags are described in L</FLAGS> below.
+
+BIO_listen() has B<sock> start listening on the address and service
+given by B<addr>.  Connection B<options> may be zero or any
+combination of B<BIO_SOCK_KEEPALIVE>, B<BIO_SOCK_NONBLOCK>,
+B<BIO_SOCK_NODELAY>, B<BIO_SOCK_REUSEADDR> and B<BIO_SOCK_V6_ONLY>.
+The flags are described in L</FLAGS> below.
+
+BIO_accept_ex() waits for an incoming connections on the given
+socket B<accept_sock>.  When it gets a connection, the address and
+port of the peer gets stored in B<peer> if that one is non-NULL.
+Accept B<options> may be zero or B<BIO_SOCK_NONBLOCK>, and is applied
+on the accepted socket.  The flags are described in L</FLAGS> below.
+
+BIO_closesocket() closes B<sock>.
+
+=head1 FLAGS
+
+=over 4
+
+=item BIO_SOCK_KEEPALIVE
+
+Enables regular sending of keep-alive messages.
+
+=item BIO_SOCK_NONBLOCK
+
+Sets the socket to non-blocking mode.
+
+=item BIO_SOCK_NODELAY
+
+Corresponds to B<TCP_NODELAY>, and disables the Nagle algorithm.  With
+this set, any data will be sent as soon as possible instead of being
+buffered until there's enough for the socket to send out in one go.
+
+=item BIO_SOCK_REUSEADDR
+
+Try to reuse the address and port combination for a recently closed
+port.
+
+=item BIO_SOCK_V6_ONLY
+
+When creating an IPv6 socket, make it only listen for IPv6 addresses
+and not IPv4 addresses mapped to IPv6.
+
+=back
+
+These flags are bit flags, so they are to be combined with the
+C<|> operator, for example:
+
+  BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);
+
+=head1 RETURN VALUES
+
+BIO_socket() returns the socket number on success or B<INVALID_SOCKET>
+(-1) on error.  When an error has occured, the OpenSSL error stack
+will hold the error data and errno has the system error.
+
+BIO_connect() and BIO_listen() return 1 on success or 0 on error.
+When an error has occured, the OpenSSL error stack will hold the error
+data and errno has the system error.
+
+BIO_accept_ex() returns the accepted socket on success or
+B<INVALID_SOCKET> (-1) on error.  When an error has occured, the
+OpenSSL error stack will hold the error data and errno has the system
+error.
+
+=head1 HISTORY
+
+BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(),
+BIO_get_accept_socket() and BIO_accept() are deprecated since OpenSSL
+1.1.  Use the functions described above instead.
+
+=head1 SEE ALSO
+
+L<BIO_ADDR(3)>
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 82d4845..62f9369 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -731,27 +731,43 @@ enum BIO_lookup_type {
 int BIO_lookup(const char *host, const char *service,
                enum BIO_lookup_type lookup_type,
                int family, int socktype, BIO_ADDRINFO **res);
-struct hostent *BIO_gethostbyname(const char *name);
-/*-
- * We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- *     struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
 int BIO_sock_error(int sock);
 int BIO_socket_ioctl(int fd, long type, void *arg);
 int BIO_socket_nbio(int fd, int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port, int mode);
-int BIO_accept(int sock, char **ip_port);
 int BIO_sock_init(void);
 void BIO_sock_cleanup(void);
 int BIO_set_tcp_ndelay(int sock, int turn_on);
 
+DEPRECATEDIN_1_1_0(struct hostent *BIO_gethostbyname(const char *name))
+DEPRECATEDIN_1_1_0(int BIO_get_port(const char *str, unsigned short *port_ptr))
+DEPRECATEDIN_1_1_0(int BIO_get_host_ip(const char *str, unsigned char *ip))
+DEPRECATEDIN_1_1_0(int BIO_get_accept_socket(char *host_port, int mode))
+DEPRECATEDIN_1_1_0(int BIO_accept(int sock, char **ip_port))
+
+union BIO_sock_info_u {
+    BIO_ADDR *addr;
+};
+enum BIO_sock_info_type {
+    BIO_SOCK_INFO_ADDRESS
+};
+int BIO_sock_info(int sock,
+                  enum BIO_sock_info_type type, union BIO_sock_info_u *info);
+
+# define BIO_SOCK_REUSEADDR    0x01
+# define BIO_SOCK_V6_ONLY      0x02
+# define BIO_SOCK_KEEPALIVE    0x04
+# define BIO_SOCK_NONBLOCK     0x08
+# define BIO_SOCK_NODELAY      0x10
+
+int BIO_socket(int domain, int socktype, int protocol, int options);
+int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+int BIO_accept_ex(int accept_sock, BIO_ADDR *addr, int options);
+# if OPENSSL_API_COMPAT >= 0x10100000L
+#  define BIO_accept(as,s,a) BIO_accept_ex((as),(s),(a))
+# endif
+int BIO_closesocket(int sock);
+
 BIO *BIO_new_socket(int sock, int close_flag);
 BIO *BIO_new_dgram(int fd, int close_flag);
 # ifndef OPENSSL_NO_SCTP
@@ -812,14 +828,17 @@ void ERR_load_BIO_strings(void);
 # define BIO_F_ACPT_STATE                                 100
 # define BIO_F_ADDR_STRINGS                               134
 # define BIO_F_BIO_ACCEPT                                 101
+# define BIO_F_BIO_ACCEPT_EX                              137
 # define BIO_F_BIO_BER_GET_HEADER                         102
 # define BIO_F_BIO_CALLBACK_CTRL                          131
+# define BIO_F_BIO_CONNECT                                138
 # define BIO_F_BIO_CTRL                                   103
 # define BIO_F_BIO_GETHOSTBYNAME                          120
 # define BIO_F_BIO_GETS                                   104
 # define BIO_F_BIO_GET_ACCEPT_SOCKET                      105
 # define BIO_F_BIO_GET_HOST_IP                            106
 # define BIO_F_BIO_GET_PORT                               107
+# define BIO_F_BIO_LISTEN                                 139
 # define BIO_F_BIO_LOOKUP                                 135
 # define BIO_F_BIO_MAKE_PAIR                              121
 # define BIO_F_BIO_NEW                                    108
@@ -832,6 +851,8 @@ void ERR_load_BIO_strings(void);
 # define BIO_F_BIO_PARSE_HOSTSERV                         136
 # define BIO_F_BIO_PUTS                                   110
 # define BIO_F_BIO_READ                                   111
+# define BIO_F_BIO_SOCKET                                 140
+# define BIO_F_BIO_SOCK_INFO                              141
 # define BIO_F_BIO_SOCK_INIT                              112
 # define BIO_F_BIO_WRITE                                  113
 # define BIO_F_BUFFER_CTRL                                114
@@ -859,10 +880,15 @@ void ERR_load_BIO_strings(void);
 # define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET      105
 # define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET        106
 # define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
+# define BIO_R_GETSOCKNAME_ERROR                          132
+# define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS              133
+# define BIO_R_GETTING_SOCKTYPE                           134
 # define BIO_R_INVALID_ARGUMENT                           125
 # define BIO_R_INVALID_IP_ADDRESS                         108
+# define BIO_R_INVALID_SOCKET                             135
 # define BIO_R_IN_USE                                     123
 # define BIO_R_KEEPALIVE                                  109
+# define BIO_R_LISTEN_V6_ONLY                             136
 # define BIO_R_MALFORMED_HOST_OR_SERVICE                  130
 # define BIO_R_NBIO_CONNECT_ERROR                         110
 # define BIO_R_NO_ACCEPT_PORT_SPECIFIED                   111
@@ -874,8 +900,12 @@ void ERR_load_BIO_strings(void);
 # define BIO_R_TAG_MISMATCH                               116
 # define BIO_R_UNABLE_TO_BIND_SOCKET                      117
 # define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
+# define BIO_R_UNABLE_TO_KEEPALIVE                        137
 # define BIO_R_UNABLE_TO_LISTEN_SOCKET                    119
+# define BIO_R_UNABLE_TO_NODELAY                          138
+# define BIO_R_UNABLE_TO_REUSEADDR                        139
 # define BIO_R_UNINITIALIZED                              120
+# define BIO_R_UNKNOWN_INFO_TYPE                          140
 # define BIO_R_UNSUPPORTED_METHOD                         121
 # define BIO_R_UNSUPPORTED_PROTOCOL_FAMILY                131
 # define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 0214e68..370763c 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -259,6 +259,9 @@ typedef struct err_state_st {
 # define SYS_F_FREAD             11
 # define SYS_F_GETADDRINFO       12
 # define SYS_F_GETNAMEINFO       13
+# define SYS_F_SETSOCKOPT        14
+# define SYS_F_GETSOCKOPT        15
+# define SYS_F_GETSOCKNAME       16
 
 /* reasons */
 # define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
diff --git a/util/libeay.num b/util/libeay.num
index e2e0564..c59581c 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -46,7 +46,7 @@ BF_options                              45	1_1_0	EXIST::FUNCTION:BF
 BF_set_key                              46	1_1_0	EXIST::FUNCTION:BF
 BIO_CONNECT_free                        47	1_1_0	NOEXIST::FUNCTION:
 BIO_CONNECT_new                         48	1_1_0	NOEXIST::FUNCTION:
-BIO_accept                              51	1_1_0	EXIST::FUNCTION:
+BIO_accept                              51	1_1_0	EXIST::FUNCTION:DEPRECATEDIN_1_1_0
 BIO_ctrl                                52	1_1_0	EXIST::FUNCTION:
 BIO_int_ctrl                            53	1_1_0	EXIST::FUNCTION:
 BIO_debug_callback                      54	1_1_0	EXIST::FUNCTION:
@@ -63,13 +63,13 @@ BIO_fd_should_retry                     64	1_1_0	EXIST::FUNCTION:
 BIO_find_type                           65	1_1_0	EXIST::FUNCTION:
 BIO_free                                66	1_1_0	EXIST::FUNCTION:
 BIO_free_all                            67	1_1_0	EXIST::FUNCTION:
-BIO_get_accept_socket                   69	1_1_0	EXIST::FUNCTION:
+BIO_get_accept_socket                   69	1_1_0	EXIST::FUNCTION:DEPRECATEDIN_1_1_0
 BIO_get_filter_bio                      70	1_1_0	NOEXIST::FUNCTION:
-BIO_get_host_ip                         71	1_1_0	EXIST::FUNCTION:
-BIO_get_port                            72	1_1_0	EXIST::FUNCTION:
+BIO_get_host_ip                         71	1_1_0	EXIST::FUNCTION:DEPRECATEDIN_1_1_0
+BIO_get_port                            72	1_1_0	EXIST::FUNCTION:DEPRECATEDIN_1_1_0
 BIO_get_retry_BIO                       73	1_1_0	EXIST::FUNCTION:
 BIO_get_retry_reason                    74	1_1_0	EXIST::FUNCTION:
-BIO_gethostbyname                       75	1_1_0	EXIST::FUNCTION:
+BIO_gethostbyname                       75	1_1_0	EXIST::FUNCTION:DEPRECATEDIN_1_1_0
 BIO_gets                                76	1_1_0	EXIST::FUNCTION:
 BIO_new                                 78	1_1_0	EXIST::FUNCTION:
 BIO_new_accept                          79	1_1_0	EXIST::FUNCTION:
@@ -4789,3 +4789,9 @@ BIO_ADDR_new                            5183	1_1_0	EXIST::FUNCTION:
 BIO_ADDR_rawmake                        5184	1_1_0	EXIST::FUNCTION:
 BIO_ADDRINFO_free                       5185	1_1_0	EXIST::FUNCTION:
 BIO_parse_hostserv                      5186	1_1_0	EXIST::FUNCTION:
+BIO_accept_ex                           5187	1_1_0	EXIST::FUNCTION:
+BIO_connect                             5188	1_1_0	EXIST::FUNCTION:
+BIO_closesocket                         5189	1_1_0	EXIST::FUNCTION:
+BIO_sock_info                           5190	1_1_0	EXIST::FUNCTION:
+BIO_socket                              5191	1_1_0	EXIST::FUNCTION:
+BIO_listen                              5192	1_1_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list