summaryrefslogtreecommitdiffstats
path: root/contrib/unbound/util/net_help.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/unbound/util/net_help.c')
-rw-r--r--contrib/unbound/util/net_help.c43
1 files changed, 39 insertions, 4 deletions
diff --git a/contrib/unbound/util/net_help.c b/contrib/unbound/util/net_help.c
index 7f6daab..e2b7c38 100644
--- a/contrib/unbound/util/net_help.c
+++ b/contrib/unbound/util/net_help.c
@@ -156,7 +156,12 @@ log_addr(enum verbosity_value v, const char* str,
case AF_INET6: family="ip6";
sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
break;
- case AF_UNIX: family="unix"; break;
+ case AF_LOCAL:
+ dest[0]=0;
+ (void)inet_ntop(af, sinaddr, dest,
+ (socklen_t)sizeof(dest));
+ verbose(v, "%s local %s", str, dest);
+ return; /* do not continue and try to get port */
default: break;
}
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
@@ -313,7 +318,7 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone,
case AF_INET6: family="";
sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
break;
- case AF_UNIX: family="unix_family "; break;
+ case AF_LOCAL: family="local "; break;
default: break;
}
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
@@ -329,6 +334,26 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone,
str, namebuf, family, dest, (int)port);
}
+void log_err_addr(const char* str, const char* err,
+ struct sockaddr_storage* addr, socklen_t addrlen)
+{
+ uint16_t port;
+ char dest[100];
+ int af = (int)((struct sockaddr_in*)addr)->sin_family;
+ void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
+ if(af == AF_INET6)
+ sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
+ if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
+ (void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
+ }
+ dest[sizeof(dest)-1] = 0;
+ port = ntohs(((struct sockaddr_in*)addr)->sin_port);
+ if(verbosity >= 4)
+ log_err("%s: %s for %s port %d (len %d)", str, err, dest,
+ (int)port, (int)addrlen);
+ else log_err("%s: %s for %s", str, err, dest);
+}
+
int
sockaddr_cmp(struct sockaddr_storage* addr1, socklen_t len1,
struct sockaddr_storage* addr2, socklen_t len2)
@@ -593,12 +618,17 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem)
log_crypto_err("could not SSL_CTX_new");
return NULL;
}
- /* no SSLv2 because has defects */
+ /* no SSLv2, SSLv3 because has defects */
if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){
log_crypto_err("could not set SSL_OP_NO_SSLv2");
SSL_CTX_free(ctx);
return NULL;
}
+ if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){
+ log_crypto_err("could not set SSL_OP_NO_SSLv3");
+ SSL_CTX_free(ctx);
+ return NULL;
+ }
if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) {
log_err("error for cert file: %s", pem);
log_crypto_err("error in SSL_CTX use_certificate_file");
@@ -648,6 +678,11 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem)
SSL_CTX_free(ctx);
return NULL;
}
+ if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) {
+ log_crypto_err("could not set SSL_OP_NO_SSLv3");
+ SSL_CTX_free(ctx);
+ return NULL;
+ }
if(key && key[0]) {
if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) {
log_err("error in client certificate %s", pem);
@@ -669,7 +704,7 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem)
}
}
if(verifypem && verifypem[0]) {
- if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL) != 1) {
+ if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) {
log_crypto_err("error in SSL_CTX verify");
SSL_CTX_free(ctx);
return NULL;
OpenPOWER on IntegriCloud