diff options
| author | jsing <> | 2014-07-08 09:46:44 +0000 |
|---|---|---|
| committer | jsing <> | 2014-07-08 09:46:44 +0000 |
| commit | c37e27862703a0227027360cdb92a019878e3400 (patch) | |
| tree | 64c41fba0e1c83b360191933ba5943b9d4ee3613 | |
| parent | a089ab976b6d2755b77dbe67295227a3cd65f4a0 (diff) | |
| download | openbsd-c37e27862703a0227027360cdb92a019878e3400.tar.gz openbsd-c37e27862703a0227027360cdb92a019878e3400.tar.bz2 openbsd-c37e27862703a0227027360cdb92a019878e3400.zip | |
Avoid locking in BIO_get_port() by using getservbyname_r() instead of
getservbyname(). While here, provide a common/single return path.
ok deraadt@
| -rw-r--r-- | src/lib/libcrypto/bio/b_sock.c | 62 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/bio/b_sock.c | 62 |
2 files changed, 62 insertions, 62 deletions
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c index 447f0febce..5a8636f5d7 100644 --- a/src/lib/libcrypto/bio/b_sock.c +++ b/src/lib/libcrypto/bio/b_sock.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: b_sock.c,v 1.44 2014/07/08 09:06:49 jsing Exp $ */ | 1 | /* $OpenBSD: b_sock.c,v 1.45 2014/07/08 09:46:44 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -115,7 +115,8 @@ err: | |||
| 115 | int | 115 | int |
| 116 | BIO_get_port(const char *str, unsigned short *port_ptr) | 116 | BIO_get_port(const char *str, unsigned short *port_ptr) |
| 117 | { | 117 | { |
| 118 | struct servent *s; | 118 | struct servent_data sd; |
| 119 | struct servent se; | ||
| 119 | long port; | 120 | long port; |
| 120 | char *ep; | 121 | char *ep; |
| 121 | 122 | ||
| @@ -135,38 +136,37 @@ BIO_get_port(const char *str, unsigned short *port_ptr) | |||
| 135 | BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); | 136 | BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); |
| 136 | return (0); | 137 | return (0); |
| 137 | } | 138 | } |
| 139 | goto done; | ||
| 140 | } | ||
| 138 | 141 | ||
| 139 | *port_ptr = (unsigned short)port; | 142 | memset(&sd, 0, sizeof(sd)); |
| 140 | return (1); | 143 | if (getservbyname_r(str, "tcp", &se, &sd) == 0) { |
| 144 | port = ntohs((unsigned short)se.s_port); | ||
| 145 | goto done; | ||
| 141 | } | 146 | } |
| 142 | 147 | ||
| 143 | CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME); | 148 | if (strcmp(str, "http") == 0) |
| 144 | s = getservbyname(str, "tcp"); | 149 | port = 80; |
| 145 | if (s != NULL) | 150 | else if (strcmp(str, "telnet") == 0) |
| 146 | *port_ptr = ntohs((unsigned short)s->s_port); | 151 | port = 23; |
| 147 | CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); | 152 | else if (strcmp(str, "socks") == 0) |
| 148 | 153 | port = 1080; | |
| 149 | if (s == NULL) { | 154 | else if (strcmp(str, "https") == 0) |
| 150 | if (strcmp(str, "http") == 0) | 155 | port = 443; |
| 151 | *port_ptr = 80; | 156 | else if (strcmp(str, "ssl") == 0) |
| 152 | else if (strcmp(str, "telnet") == 0) | 157 | port = 443; |
| 153 | *port_ptr = 23; | 158 | else if (strcmp(str, "ftp") == 0) |
| 154 | else if (strcmp(str, "socks") == 0) | 159 | port = 21; |
| 155 | *port_ptr = 1080; | 160 | else if (strcmp(str, "gopher") == 0) |
| 156 | else if (strcmp(str, "https") == 0) | 161 | port = 70; |
| 157 | *port_ptr = 443; | 162 | else { |
| 158 | else if (strcmp(str, "ssl") == 0) | 163 | SYSerr(SYS_F_GETSERVBYNAME, errno); |
| 159 | *port_ptr = 443; | 164 | ERR_asprintf_error_data("service='%s'", str); |
| 160 | else if (strcmp(str, "ftp") == 0) | 165 | return (0); |
| 161 | *port_ptr = 21; | ||
| 162 | else if (strcmp(str, "gopher") == 0) | ||
| 163 | *port_ptr = 70; | ||
| 164 | else { | ||
| 165 | SYSerr(SYS_F_GETSERVBYNAME, errno); | ||
| 166 | ERR_asprintf_error_data("service='%s'", str); | ||
| 167 | return (0); | ||
| 168 | } | ||
| 169 | } | 166 | } |
| 167 | |||
| 168 | done: | ||
| 169 | *port_ptr = (unsigned short)port; | ||
| 170 | return (1); | 170 | return (1); |
| 171 | } | 171 | } |
| 172 | 172 | ||
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c index 447f0febce..5a8636f5d7 100644 --- a/src/lib/libssl/src/crypto/bio/b_sock.c +++ b/src/lib/libssl/src/crypto/bio/b_sock.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: b_sock.c,v 1.44 2014/07/08 09:06:49 jsing Exp $ */ | 1 | /* $OpenBSD: b_sock.c,v 1.45 2014/07/08 09:46:44 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -115,7 +115,8 @@ err: | |||
| 115 | int | 115 | int |
| 116 | BIO_get_port(const char *str, unsigned short *port_ptr) | 116 | BIO_get_port(const char *str, unsigned short *port_ptr) |
| 117 | { | 117 | { |
| 118 | struct servent *s; | 118 | struct servent_data sd; |
| 119 | struct servent se; | ||
| 119 | long port; | 120 | long port; |
| 120 | char *ep; | 121 | char *ep; |
| 121 | 122 | ||
| @@ -135,38 +136,37 @@ BIO_get_port(const char *str, unsigned short *port_ptr) | |||
| 135 | BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); | 136 | BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); |
| 136 | return (0); | 137 | return (0); |
| 137 | } | 138 | } |
| 139 | goto done; | ||
| 140 | } | ||
| 138 | 141 | ||
| 139 | *port_ptr = (unsigned short)port; | 142 | memset(&sd, 0, sizeof(sd)); |
| 140 | return (1); | 143 | if (getservbyname_r(str, "tcp", &se, &sd) == 0) { |
| 144 | port = ntohs((unsigned short)se.s_port); | ||
| 145 | goto done; | ||
| 141 | } | 146 | } |
| 142 | 147 | ||
| 143 | CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME); | 148 | if (strcmp(str, "http") == 0) |
| 144 | s = getservbyname(str, "tcp"); | 149 | port = 80; |
| 145 | if (s != NULL) | 150 | else if (strcmp(str, "telnet") == 0) |
| 146 | *port_ptr = ntohs((unsigned short)s->s_port); | 151 | port = 23; |
| 147 | CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); | 152 | else if (strcmp(str, "socks") == 0) |
| 148 | 153 | port = 1080; | |
| 149 | if (s == NULL) { | 154 | else if (strcmp(str, "https") == 0) |
| 150 | if (strcmp(str, "http") == 0) | 155 | port = 443; |
| 151 | *port_ptr = 80; | 156 | else if (strcmp(str, "ssl") == 0) |
| 152 | else if (strcmp(str, "telnet") == 0) | 157 | port = 443; |
| 153 | *port_ptr = 23; | 158 | else if (strcmp(str, "ftp") == 0) |
| 154 | else if (strcmp(str, "socks") == 0) | 159 | port = 21; |
| 155 | *port_ptr = 1080; | 160 | else if (strcmp(str, "gopher") == 0) |
| 156 | else if (strcmp(str, "https") == 0) | 161 | port = 70; |
| 157 | *port_ptr = 443; | 162 | else { |
| 158 | else if (strcmp(str, "ssl") == 0) | 163 | SYSerr(SYS_F_GETSERVBYNAME, errno); |
| 159 | *port_ptr = 443; | 164 | ERR_asprintf_error_data("service='%s'", str); |
| 160 | else if (strcmp(str, "ftp") == 0) | 165 | return (0); |
| 161 | *port_ptr = 21; | ||
| 162 | else if (strcmp(str, "gopher") == 0) | ||
| 163 | *port_ptr = 70; | ||
| 164 | else { | ||
| 165 | SYSerr(SYS_F_GETSERVBYNAME, errno); | ||
| 166 | ERR_asprintf_error_data("service='%s'", str); | ||
| 167 | return (0); | ||
| 168 | } | ||
| 169 | } | 166 | } |
| 167 | |||
| 168 | done: | ||
| 169 | *port_ptr = (unsigned short)port; | ||
| 170 | return (1); | 170 | return (1); |
| 171 | } | 171 | } |
| 172 | 172 | ||