From: Guy Harris Date: Mon, 7 Jan 2019 00:08:00 +0000 (-0800) Subject: Merge branch 'master' of https://github.com/rixed/libpcap into rixed-master X-Git-Tag: libpcap-1.10-bp~677^2 X-Git-Url: https://git.tcpdump.org/libpcap/commitdiff_plain/9956745b7df4e9ffa6bc97f411779167bde69e70 Merge branch 'master' of https://github.com/rixed/libpcap into rixed-master --- 9956745b7df4e9ffa6bc97f411779167bde69e70 diff --cc configure index 7de6c148,0928e115..0acb192d --- a/configure +++ b/configure @@@ -7730,7 -7883,7 +7951,7 @@@ f $as_echo "#define ENABLE_REMOTE /**/" >>confdefs.h - MSRC="$MSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c" - SSRC="$SSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c sslutils.c" ++ MSRC="$MSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c sslutils.c" BUILD_RPCAPD=build-rpcapd INSTALL_RPCAPD=install-rpcapd ;; @@@ -8191,75 -8316,24 +8412,95 @@@ f darwin*) # - # Post-Snow Leopard. Build for x86-64 and - # x86, with x86-64 first. (That's probably what - # Apple does, given that Rosetta is gone.) + # Post-Snow Leopard. Build libraries for x86-64 + # and 32-bit x86, with x86-64 first, and build + # executables only for x86-64. (That's what + # Apple does.) This requires no special flags + # for programs. # XXX - update if and when Apple drops support - # for 32-bit x86 code. + # for 32-bit x86 code and if and when Apple adds + # ARM-based Macs. (You're on your own for iOS + # etc.) + # + # XXX - check whether we *can* build for + # i386 and, if not, suggest that the user + # install the /usr/include headers if they + # want to build fat. # - V_CCOPT="$V_CCOPT -arch x86_64" - LDFLAGS="$LDFLAGS -arch x86_64" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether building for 32-bit x86 is supported" >&5 +$as_echo_n "checking whether building for 32-bit x86 is supported... " >&6; } + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -arch i386" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } - V_LIB_CCOPT_FAT="-arch x86_64 -arch i386" - V_LIB_LDFLAGS_FAT="-arch x86_64 -arch i386" ++ V_LIB_CCOPT_FAT="-arch x86_64" ++ V_LIB_LDFLAGS_FAT="-arch x86_64" ++ ++ # ++ # OpenSSL installation on macOS seems ++ # to install only the libs for 64-bit ++ # x86 - at least that's what Brew does: ++ # only configure 32-bit builds if we ++ # don't have OpenSSL. ++ # ++ if test "$HAVE_OPENSSL" != yes; then ++ V_LIB_CCOPT_FAT="$V_LIB_CCOPT_FAT -arch i386" ++ V_LIB_LDFLAGS_FAT="$V_LIB_LDFLAGS_FAT -arch i386" ++ fi + +else + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + V_LIB_CCOPT_FAT="-arch x86_64" + V_LIB_LDFLAGS_FAT="-arch x86_64" + case "$host_os" in + + darwin18.*) + # + # Mojave; you need to install the + # /usr/include headers to get + # 32-bit x86 builds to work. + # + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Compiling for 32-bit x86 gives an error; try installing the command-line tools and, after that, installing the /usr/include headers from the /Library/Developer/CommandLineTools/Packages/macOS_SDK_headers_for_macOS_10.14.pkg package" >&5 +$as_echo "$as_me: WARNING: Compiling for 32-bit x86 gives an error; try installing the command-line tools and, after that, installing the /usr/include headers from the /Library/Developer/CommandLineTools/Packages/macOS_SDK_headers_for_macOS_10.14.pkg package" >&2;} + ;; + + *) + # + # Pre-Mojave; the command-line + # tools should be sufficient to + # enable 32-bit x86 builds. + # + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Compiling for 32-bit x86 gives an error; try installing the command-line tools" >&5 +$as_echo "$as_me: WARNING: Compiling for 32-bit x86 gives an error; try installing the command-line tools" >&2;} + ;; + esac + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$save_CFLAGS" + if test "$HAVE_OPENSSL" = yes; then - # If all else fail, look for openssl in /usr/local/opt: ++ # ++ # If all else fails, look for OpenSSL in ++ # /usr/local/opt. ++ # + CFLAGS="$CFLAGS -I/usr/local/opt/openssl/include" + LIBS="$LIBS -L/usr/local/opt/openssl/lib" - else - # Openssl installation on MacOS seems to install only the libs for - # the amd64 ABI; at least that's what brew does: - V_CCOPT="$V_CCOPT -arch i386" - LDFLAGS="$LDFLAGS -arch i386" + fi ;; esac fi diff --cc configure.ac index 55a79474,aeb7cb8b..069d9f8a --- a/configure.ac +++ b/configure.ac @@@ -1487,9 -1453,19 +1487,19 @@@ yes) AC_MSG_RESULT(yes #include ]) + # + # Optionally, we may want to forward packets over SSL: + # + PKG_CHECK_MODULES([OPENSSL], [openssl], + [AC_DEFINE([HAVE_OPENSSL], [1], [Use OpenSSL]) + CFLAGS="$CFLAGS $OPENSSL_CFLAGS" + LIBS="$LIBS $OPENSSL_LIBS" + HAVE_OPENSSL="yes"], + AC_MSG_NOTICE(No openssl detected)) + AC_DEFINE(ENABLE_REMOTE,, [Define to 1 if remote packet capture is to be supported]) - MSRC="$MSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c" - SSRC="$SSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c sslutils.c" ++ MSRC="$MSRC pcap-new.c pcap-rpcap.c rpcap-protocol.c sockutils.c sslutils.c" BUILD_RPCAPD=build-rpcapd INSTALL_RPCAPD=install-rpcapd ;; @@@ -1715,58 -1663,24 +1725,78 @@@ darwin* darwin*) # - # Post-Snow Leopard. Build for x86-64 and - # x86, with x86-64 first. (That's probably what - # Apple does, given that Rosetta is gone.) + # Post-Snow Leopard. Build libraries for x86-64 + # and 32-bit x86, with x86-64 first, and build + # executables only for x86-64. (That's what + # Apple does.) This requires no special flags + # for programs. # XXX - update if and when Apple drops support - # for 32-bit x86 code. + # for 32-bit x86 code and if and when Apple adds + # ARM-based Macs. (You're on your own for iOS + # etc.) # - V_CCOPT="$V_CCOPT -arch x86_64" - LDFLAGS="$LDFLAGS -arch x86_64" + # XXX - check whether we *can* build for + # i386 and, if not, suggest that the user + # install the /usr/include headers if they + # want to build fat. + # + AC_MSG_CHECKING(whether building for 32-bit x86 is supported) + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -arch i386" + AC_TRY_COMPILE( + [], + [return 0;], + [ + AC_MSG_RESULT(yes) - V_LIB_CCOPT_FAT="-arch x86_64 -arch i386" - V_LIB_LDFLAGS_FAT="-arch x86_64 -arch i386" ++ V_LIB_CCOPT_FAT="-arch x86_64" ++ V_LIB_LDFLAGS_FAT="-arch x86_64" ++ ++ # ++ # OpenSSL installation on macOS seems ++ # to install only the libs for 64-bit ++ # x86 - at least that's what Brew does: ++ # only configure 32-bit builds if we ++ # don't have OpenSSL. ++ # ++ if test "$HAVE_OPENSSL" != yes; then ++ V_LIB_CCOPT_FAT="$V_LIB_CCOPT_FAT -arch i386" ++ V_LIB_LDFLAGS_FAT="$V_LIB_LDFLAGS_FAT -arch i386" ++ fi + ], + [ + AC_MSG_RESULT(no) + V_LIB_CCOPT_FAT="-arch x86_64" + V_LIB_LDFLAGS_FAT="-arch x86_64" + case "$host_os" in + + darwin18.*) + # + # Mojave; you need to install the + # /usr/include headers to get + # 32-bit x86 builds to work. + # + AC_MSG_WARN([Compiling for 32-bit x86 gives an error; try installing the command-line tools and, after that, installing the /usr/include headers from the /Library/Developer/CommandLineTools/Packages/macOS_SDK_headers_for_macOS_10.14.pkg package]) + ;; + + *) + # + # Pre-Mojave; the command-line + # tools should be sufficient to + # enable 32-bit x86 builds. + # + AC_MSG_WARN([Compiling for 32-bit x86 gives an error; try installing the command-line tools]) + ;; + esac + ]) + CFLAGS="$save_CFLAGS" + if test "$HAVE_OPENSSL" = yes; then - # If all else fail, look for openssl in /usr/local/opt: ++ # ++ # If all else fails, look for OpenSSL in ++ # /usr/local/opt. ++ # + CFLAGS="$CFLAGS -I/usr/local/opt/openssl/include" + LIBS="$LIBS -L/usr/local/opt/openssl/lib" - else - # Openssl installation on MacOS seems to install only the libs for - # the amd64 ABI; at least that's what brew does: - V_CCOPT="$V_CCOPT -arch i386" - LDFLAGS="$LDFLAGS -arch i386" + fi ;; esac fi diff --cc rpcapd/rpcapd.c index 9e46a2de,645828ea..0509147a --- a/rpcapd/rpcapd.c +++ b/rpcapd/rpcapd.c @@@ -261,11 -283,25 +283,25 @@@ int main(int argc, char *argv[] break; } case 'f': - strlcpy(loadfile, optarg, MAX_LINE); + pcap_strlcpy(loadfile, optarg, MAX_LINE); break; case 's': - strlcpy(savefile, optarg, MAX_LINE); + pcap_strlcpy(savefile, optarg, MAX_LINE); break; + #ifdef HAVE_OPENSSL + case 'S': + uses_ssl = 1; + break; + case 'C': + enable_compression = 1; + break; + case 'K': + snprintf(ssl_keyfile, sizeof ssl_keyfile, "%s", optarg); + break; + case 'X': + snprintf(ssl_certfile, sizeof ssl_certfile, "%s", optarg); + break; + #endif case 'h': printusage(); exit(0); diff --cc sockutils.c index 7ed7d298,84745527..25844c6c --- a/sockutils.c +++ b/sockutils.c @@@ -835,10 -841,9 +841,10 @@@ int sock_bufferize(const char *buffer, * The error message is returned in the 'errbuf' variable. */ - int sock_recv(SOCKET sock, void *buffer, size_t size, int flags, + int sock_recv(SOCKET sock, SSL *ssl, void *buffer, size_t size, int flags, char *errbuf, int errbuflen) { + int recv_flags = 0; char *bufp = buffer; int remaining; ssize_t nread; @@@ -870,7 -872,17 +876,20 @@@ * Win32. */ for (;;) { + #ifdef HAVE_OPENSSL + if (ssl) + { ++ /* ++ * XXX - what about MSG_PEEK? ++ */ + nread = ssl_recv(ssl, bufp, remaining, errbuf, errbuflen); + if (nread == -2) return -1; + } + else ++ nread = recv(sock, bufp, remaining, recv_flags); + #else - (void)ssl; + nread = recv(sock, bufp, remaining, recv_flags); + #endif - nread = recv(sock, bufp, remaining, 0); if (nread == -1) {