Added SSL support for OpenBSD

git-svn-id: https://shellinabox.googlecode.com/svn/trunk@122 0da03de8-d603-11dd-86c2-0f8696b7b6f9

ChangeLog

@@ -1,3 +1,7 @@
+2009-05-24  Markus Gutschke  <markus@shellinabox.com>
+
+	* Added SSL support for OpenBSD
+
 2009-05-23  Markus Gutschke  <markus@shellinabox.com>
 
 	* Released version 2.8

config.h

@@ -129,7 +129,7 @@
 #define STDC_HEADERS 1
 
 /* Most recent revision number in the version control system */
-#define VCS_REVISION "121"
+#define VCS_REVISION "122"
 
 /* Version number of package */
 #define VERSION "2.8"

configure

@@ -2037,7 +2037,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
 ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
-VCS_REVISION=121
+VCS_REVISION=122
 
 
 cat >>confdefs.h <<_ACEOF
@@ -12867,7 +12867,7 @@ $as_echo "$ac_cv_header_openssl_ssl_h" >&6; }
 
 fi
 if test "x$ac_cv_header_openssl_ssl_h" = x""yes; then
-  LIBS="-lssl $LIBS"
+  LIBS="-lssl -lcrypto $LIBS"
 fi
 
 

configure.ac

@@ -2,7 +2,7 @@ AC_PREREQ(2.57)
 
 dnl This is the one location where the authoritative version number is stored
 AC_INIT(shellinabox, 2.8, markus@shellinabox.com)
-VCS_REVISION=121
+VCS_REVISION=122
 AC_SUBST(VCS_REVISION)
 AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
                    [Most recent revision number in the version control system])
@@ -111,7 +111,7 @@ if test "x$enable_runtime_loading" == xno; then
   if test "x$enable_ssl" != xno; then
     AC_CHECK_HEADER(openssl/bio.h,
       [AC_CHECK_HEADER(openssl/err.h,
-        [AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl $LIBS"])])])
+        [AC_CHECK_HEADER(openssl/ssl.h, [LIBS="-lssl -lcrypto $LIBS"])])])
   fi
 
   dnl Link against PAM libraries, unless PAM support has been disabled

demo/vt100.js

@@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() {
 };
 
 VT100.prototype.about = function() {
-  alert("VT100 Terminal Emulator " + "2.8 (revision 121)" +
+  alert("VT100 Terminal Emulator " + "2.8 (revision 122)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com");
 };

libhttp/ssl.c

@@ -178,22 +178,60 @@ void deleteSSL(struct SSLSupport *ssl) {
 }
 
 #if defined(HAVE_OPENSSL) && defined(HAVE_DLOPEN)
+static int maybeLoadCrypto(void) {
+  // Some operating systems cannot automatically load dependent dynamic
+  // libraries. As libssl.so can depend on libcrypto.so, we try to load
+  // it, iff we haven't tried loading it before and iff libssl.so does not
+  // work by itself.
+  static int crypto;
+  if (!crypto++) {
+#ifdef RTLD_NOLOAD
+    if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD))
+      return 1;
+    else
+#endif
+      if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL))
+        return 1;
+  }
+  return 0;
+}
+
 static void *loadSymbol(const char *lib, const char *fn) {
+  int err  = NOINTR(dup(2));
+  if (err > 2) {
+    int null = NOINTR(open("/dev/null", O_WRONLY));
+    if (null >= 0) {
+      NOINTR(dup2(null, 2));
+      NOINTR(close(null));
+    }
+  }
   void *dl = RTLD_DEFAULT;
   void *rc = dlsym(dl, fn);
   if (!rc) {
+    for (int i = 0; i < 2; i++) {
 #ifdef RTLD_NOLOAD
-    dl     = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD);
+      dl   = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD);
 #else
-    dl     = NULL;
+      dl   = NULL;
 #endif
-    if (dl == NULL) {
-      dl   = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL);
+      if (dl == NULL) {
+        dl = dlopen(lib, RTLD_LAZY|RTLD_GLOBAL);
+      }
+      if (dl != NULL || !maybeLoadCrypto()) {
+        break;
+      }
     }
     if (dl != NULL) {
-      rc   = dlsym(dl, fn);
+      rc   = dlsym(RTLD_DEFAULT, fn);
+      if (rc == NULL && maybeLoadCrypto()) {
+        rc = dlsym(RTLD_DEFAULT, fn);
+      }
     }
   }
+  if (err > 2) {
+    NOINTR(dup2(err, 2));
+  }
+  NOINTR(close(err));
   return rc;
 }
 
@@ -305,7 +343,7 @@ static void sslGenerateCertificate(const char *certificate,
     "set -e; "
     "exec 2>/dev/null </dev/null; "
     "umask 0377; "
-    "PATH=/usr/bin "
+    "PATH=/usr/bin:/usr/sbin "
     "openssl req -x509 -nodes -days 7300 -newkey rsa:1024 -keyout /dev/stdout "
                                  "-out /dev/stdout -subj '/CN=%s/' | cat>'%s'",
     serverName, certificate);

shellinabox/shell_in_a_box.js

@@ -355,7 +355,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
 };
 
 ShellInABox.prototype.about = function() {
-  alert("Shell In A Box version " + "2.8 (revision 121)" +
+  alert("Shell In A Box version " + "2.8 (revision 122)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com" +
         (typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?

shellinabox/vt100.js

@@ -1500,7 +1500,7 @@ VT100.prototype.toggleBell = function() {
 };
 
 VT100.prototype.about = function() {
-  alert("VT100 Terminal Emulator " + "2.8 (revision 121)" +
+  alert("VT100 Terminal Emulator " + "2.8 (revision 122)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com");
 };