Added SSL support for OpenBSD
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@122 0da03de8-d603-11dd-86c2-0f8696b7b6f9
This commit is contained in:
zodiac@gmail.com
parent
adadddf91c
commit
db631d5e35
8 changed files with 56 additions and 14 deletions
|
|
@ -1,3 +1,7 @@
|
||||||
|
2009-05-24 Markus Gutschke <markus@shellinabox.com>
|
||||||
|
|
||||||
|
* Added SSL support for OpenBSD
|
||||||
|
|
||||||
2009-05-23 Markus Gutschke <markus@shellinabox.com>
|
2009-05-23 Markus Gutschke <markus@shellinabox.com>
|
||||||
|
|
||||||
* Released version 2.8
|
* Released version 2.8
|
||||||
|
|
|
||||||
2
config.h
2
config.h
|
|
@ -129,7 +129,7 @@
|
||||||
#define STDC_HEADERS 1
|
#define STDC_HEADERS 1
|
||||||
|
|
||||||
/* Most recent revision number in the version control system */
|
/* Most recent revision number in the version control system */
|
||||||
#define VCS_REVISION "121"
|
#define VCS_REVISION "122"
|
||||||
|
|
||||||
/* Version number of package */
|
/* Version number of package */
|
||||||
#define VERSION "2.8"
|
#define VERSION "2.8"
|
||||||
|
|
|
||||||
4
configure
vendored
4
configure
vendored
|
|
@ -2037,7 +2037,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
|
||||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||||
|
|
||||||
|
|
||||||
VCS_REVISION=121
|
VCS_REVISION=122
|
||||||
|
|
||||||
|
|
||||||
cat >>confdefs.h <<_ACEOF
|
cat >>confdefs.h <<_ACEOF
|
||||||
|
|
@ -12867,7 +12867,7 @@ $as_echo "$ac_cv_header_openssl_ssl_h" >&6; }
|
||||||
|
|
||||||
fi
|
fi
|
||||||
if test "x$ac_cv_header_openssl_ssl_h" = x""yes; then
|
if test "x$ac_cv_header_openssl_ssl_h" = x""yes; then
|
||||||
LIBS="-lssl $LIBS"
|
LIBS="-lssl -lcrypto $LIBS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ AC_PREREQ(2.57)
|
||||||
|
|
||||||
dnl This is the one location where the authoritative version number is stored
|
dnl This is the one location where the authoritative version number is stored
|
||||||
AC_INIT(shellinabox, 2.8, markus@shellinabox.com)
|
AC_INIT(shellinabox, 2.8, markus@shellinabox.com)
|
||||||
VCS_REVISION=121
|
VCS_REVISION=122
|
||||||
AC_SUBST(VCS_REVISION)
|
AC_SUBST(VCS_REVISION)
|
||||||
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
|
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
|
||||||
[Most recent revision number in the version control system])
|
[Most recent revision number in the version control system])
|
||||||
|
|
@ -111,7 +111,7 @@ if test "x$enable_runtime_loading" == xno; then
|
||||||
if test "x$enable_ssl" != xno; then
|
if test "x$enable_ssl" != xno; then
|
||||||
AC_CHECK_HEADER(openssl/bio.h,
|
AC_CHECK_HEADER(openssl/bio.h,
|
||||||
[AC_CHECK_HEADER(openssl/err.h,
|
[AC_CHECK_HEADER(openssl/err.h,
|
||||||
[AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl $LIBS"])])])
|
[AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl -lcrypto $LIBS"])])])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
dnl Link against PAM libraries, unless PAM support has been disabled
|
dnl Link against PAM libraries, unless PAM support has been disabled
|
||||||
|
|
|
||||||
|
|
@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() {
|
||||||
};
|
};
|
||||||
|
|
||||||
VT100.prototype.about = function() {
|
VT100.prototype.about = function() {
|
||||||
alert("VT100 Terminal Emulator " + "2.8 (revision 121)" +
|
alert("VT100 Terminal Emulator " + "2.8 (revision 122)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com");
|
"For more information check http://shellinabox.com");
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -178,22 +178,60 @@ void deleteSSL(struct SSLSupport *ssl) {
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(HAVE_OPENSSL) && defined(HAVE_DLOPEN)
|
#if defined(HAVE_OPENSSL) && defined(HAVE_DLOPEN)
|
||||||
|
static int maybeLoadCrypto(void) {
|
||||||
|
// Some operating systems cannot automatically load dependent dynamic
|
||||||
|
// libraries. As libssl.so can depend on libcrypto.so, we try to load
|
||||||
|
// it, iff we haven't tried loading it before and iff libssl.so does not
|
||||||
|
// work by itself.
|
||||||
|
static int crypto;
|
||||||
|
if (!crypto++) {
|
||||||
|
#ifdef RTLD_NOLOAD
|
||||||
|
if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD))
|
||||||
|
return 1;
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL))
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
static void *loadSymbol(const char *lib, const char *fn) {
|
static void *loadSymbol(const char *lib, const char *fn) {
|
||||||
|
int err = NOINTR(dup(2));
|
||||||
|
if (err > 2) {
|
||||||
|
int null = NOINTR(open("/dev/null", O_WRONLY));
|
||||||
|
if (null >= 0) {
|
||||||
|
NOINTR(dup2(null, 2));
|
||||||
|
NOINTR(close(null));
|
||||||
|
}
|
||||||
|
}
|
||||||
void *dl = RTLD_DEFAULT;
|
void *dl = RTLD_DEFAULT;
|
||||||
void *rc = dlsym(dl, fn);
|
void *rc = dlsym(dl, fn);
|
||||||
if (!rc) {
|
if (!rc) {
|
||||||
|
for (int i = 0; i < 2; i++) {
|
||||||
#ifdef RTLD_NOLOAD
|
#ifdef RTLD_NOLOAD
|
||||||
dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD);
|
dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD);
|
||||||
#else
|
#else
|
||||||
dl = NULL;
|
dl = NULL;
|
||||||
#endif
|
#endif
|
||||||
if (dl == NULL) {
|
if (dl == NULL) {
|
||||||
dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL);
|
dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL);
|
||||||
|
}
|
||||||
|
if (dl != NULL || !maybeLoadCrypto()) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (dl != NULL) {
|
if (dl != NULL) {
|
||||||
rc = dlsym(dl, fn);
|
rc = dlsym(RTLD_DEFAULT, fn);
|
||||||
|
if (rc == NULL && maybeLoadCrypto()) {
|
||||||
|
rc = dlsym(RTLD_DEFAULT, fn);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (err > 2) {
|
||||||
|
NOINTR(dup2(err, 2));
|
||||||
|
}
|
||||||
|
NOINTR(close(err));
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -305,7 +343,7 @@ static void sslGenerateCertificate(const char *certificate,
|
||||||
"set -e; "
|
"set -e; "
|
||||||
"exec 2>/dev/null </dev/null; "
|
"exec 2>/dev/null </dev/null; "
|
||||||
"umask 0377; "
|
"umask 0377; "
|
||||||
"PATH=/usr/bin "
|
"PATH=/usr/bin:/usr/sbin "
|
||||||
"openssl req -x509 -nodes -days 7300 -newkey rsa:1024 -keyout /dev/stdout "
|
"openssl req -x509 -nodes -days 7300 -newkey rsa:1024 -keyout /dev/stdout "
|
||||||
"-out /dev/stdout -subj '/CN=%s/' | cat>'%s'",
|
"-out /dev/stdout -subj '/CN=%s/' | cat>'%s'",
|
||||||
serverName, certificate);
|
serverName, certificate);
|
||||||
|
|
|
||||||
|
|
@ -355,7 +355,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
|
||||||
};
|
};
|
||||||
|
|
||||||
ShellInABox.prototype.about = function() {
|
ShellInABox.prototype.about = function() {
|
||||||
alert("Shell In A Box version " + "2.8 (revision 121)" +
|
alert("Shell In A Box version " + "2.8 (revision 122)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com" +
|
"For more information check http://shellinabox.com" +
|
||||||
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?
|
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?
|
||||||
|
|
|
||||||
|
|
@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() {
|
||||||
};
|
};
|
||||||
|
|
||||||
VT100.prototype.about = function() {
|
VT100.prototype.about = function() {
|
||||||
alert("VT100 Terminal Emulator " + "2.8 (revision 121)" +
|
alert("VT100 Terminal Emulator " + "2.8 (revision 122)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com");
|
"For more information check http://shellinabox.com");
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue