From db631d5e35d2ad3c38723101dc91eee87a14838b Mon Sep 17 00:00:00 2001 From: "zodiac@gmail.com" Date: Mon, 25 May 2009 06:03:26 +0000 Subject: [PATCH] Added SSL support for OpenBSD git-svn-id: https://shellinabox.googlecode.com/svn/trunk@122 0da03de8-d603-11dd-86c2-0f8696b7b6f9 --- ChangeLog | 4 +++ config.h | 2 +- configure | 4 +-- configure.ac | 4 +-- demo/vt100.js | 2 +- libhttp/ssl.c | 50 ++++++++++++++++++++++++++++++----- shellinabox/shell_in_a_box.js | 2 +- shellinabox/vt100.js | 2 +- 8 files changed, 56 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6512433..e28f343 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2009-05-24 Markus Gutschke + + * Added SSL support for OpenBSD + 2009-05-23 Markus Gutschke * Released version 2.8 diff --git a/config.h b/config.h index 9e9e936..a140e67 100644 --- a/config.h +++ b/config.h @@ -129,7 +129,7 @@ #define STDC_HEADERS 1 /* Most recent revision number in the version control system */ -#define VCS_REVISION "121" +#define VCS_REVISION "122" /* Version number of package */ #define VERSION "2.8" diff --git a/configure b/configure index 2cab1a5..215ae73 100755 --- a/configure +++ b/configure @@ -2037,7 +2037,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $ ac_compiler_gnu=$ac_cv_c_compiler_gnu -VCS_REVISION=121 +VCS_REVISION=122 cat >>confdefs.h <<_ACEOF @@ -12867,7 +12867,7 @@ $as_echo "$ac_cv_header_openssl_ssl_h" >&6; } fi if test "x$ac_cv_header_openssl_ssl_h" = x""yes; then - LIBS="-lssl $LIBS" + LIBS="-lssl -lcrypto $LIBS" fi diff --git a/configure.ac b/configure.ac index a5c8f14..fab433e 100644 --- a/configure.ac +++ b/configure.ac 
@@ -2,7 +2,7 @@ AC_PREREQ(2.57) dnl This is the one location where the authoritative version number is stored AC_INIT(shellinabox, 2.8, markus@shellinabox.com) -VCS_REVISION=121 +VCS_REVISION=122 AC_SUBST(VCS_REVISION) AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}", [Most recent revision number in the version control system]) @@ -111,7 +111,7 @@ if test "x$enable_runtime_loading" == xno; then if test "x$enable_ssl" != xno; then AC_CHECK_HEADER(openssl/bio.h, [AC_CHECK_HEADER(openssl/err.h, - [AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl $LIBS"])])]) + [AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl -lcrypto $LIBS"])])]) fi dnl Link against PAM libraries, unless PAM support has been disabled diff --git a/demo/vt100.js b/demo/vt100.js index 3787cd8..2080500 100644 --- a/demo/vt100.js +++ b/demo/vt100.js @@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() { }; VT100.prototype.about = function() { - alert("VT100 Terminal Emulator " + "2.8 (revision 121)" + + alert("VT100 Terminal Emulator " + "2.8 (revision 122)" + "\nCopyright 2008-2009 by Markus Gutschke\n" + "For more information check http://shellinabox.com"); }; diff --git a/libhttp/ssl.c b/libhttp/ssl.c index 24c8690..bb815f7 100644 --- a/libhttp/ssl.c +++ b/libhttp/ssl.c 
@@ -178,22 +178,60 @@ void deleteSSL(struct SSLSupport *ssl) { } #if defined(HAVE_OPENSSL) && defined(HAVE_DLOPEN) +static int maybeLoadCrypto(void) { + // Some operating systems cannot automatically load dependent dynamic + // libraries. As libssl.so can depend on libcrypto.so, we try to load + // it, iff we haven't tried loading it before and iff libssl.so does not + // work by itself. + static int crypto; + if (!crypto++) { +#ifdef RTLD_NOLOAD + if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD)) + return 1; + else +#endif + if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL)) + return 1; + } + return 0; +} + static void *loadSymbol(const char *lib, const char *fn) { + int err = NOINTR(dup(2)); + if (err > 2) { + int null = NOINTR(open("/dev/null", O_WRONLY)); + if (null >= 0) { + NOINTR(dup2(null, 2)); + NOINTR(close(null)); + } + } void *dl = RTLD_DEFAULT; void *rc = dlsym(dl, fn); if (!rc) { + for (int i = 0; i < 2; i++) { #ifdef RTLD_NOLOAD - dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD); + dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD); #else - dl = NULL; + dl = NULL; #endif - if (dl == NULL) { - dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL); + if (dl == NULL) { + dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL); + } + if (dl != NULL || !maybeLoadCrypto()) { + break; + } } if (dl != NULL) { - rc = dlsym(dl, fn); + rc = dlsym(RTLD_DEFAULT, fn); + if (rc == NULL && maybeLoadCrypto()) { + rc = dlsym(RTLD_DEFAULT, fn); + } } } + if (err > 2) { + NOINTR(dup2(err, 2)); + } + NOINTR(close(err)); return rc; } @@ -305,7 +343,7 @@ static void sslGenerateCertificate(const char *certificate, "set -e; " "exec 2>/dev/null '%s'", serverName, certificate); diff --git a/shellinabox/shell_in_a_box.js b/shellinabox/shell_in_a_box.js index 4460671..0d75eff 100644 --- a/shellinabox/shell_in_a_box.js +++ b/shellinabox/shell_in_a_box.js 
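Review bot: In `maybeLoadCrypto()` the library is opened by the bare, unversioned name `"libcrypto.so"` with `RTLD_GLOBAL`, so whichever copy the loader's search path yields becomes globally visible, and nothing ties it to the libssl passed in as `lib`. Because `loadSymbol()` now resolves through `dlsym(RTLD_DEFAULT, fn)` instead of the handle it just opened, a mismatched or unintended libcrypto (or any other already-loaded object exporting the same name) can satisfy the lookup. At minimum, document the assumption next to the `dlopen` call, e.g. `// must be the libcrypto that 'lib' was built against; resolved via the default loader search path`. Separately, fd 2 points at /dev/null for the whole call and `dlerror()` is never read, so the reason a load failed is lost; saving `dlerror()` before stderr is restored would let the caller (outside this hunk) log why SSL is unavailable. The guard `if (!crypto++)` also bumps the counter on every call, whereas `if (!crypto) { crypto = 1; ...` keeps it bounded.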
@@ -355,7 +355,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) { }; ShellInABox.prototype.about = function() { - alert("Shell In A Box version " + "2.8 (revision 121)" + + alert("Shell In A Box version " + "2.8 (revision 122)" + "\nCopyright 2008-2009 by Markus Gutschke\n" + "For more information check http://shellinabox.com" + (typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ? diff --git a/shellinabox/vt100.js b/shellinabox/vt100.js index 3787cd8..2080500 100644 --- a/shellinabox/vt100.js +++ b/shellinabox/vt100.js @@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() { }; VT100.prototype.about = function() { - alert("VT100 Terminal Emulator " + "2.8 (revision 121)" + + alert("VT100 Terminal Emulator " + "2.8 (revision 122)" + "\nCopyright 2008-2009 by Markus Gutschke\n" + "For more information check http://shellinabox.com"); };