diff options
Diffstat (limited to 'contrib/unbound/util/net_help.c')
-rw-r--r-- | contrib/unbound/util/net_help.c | 43 |
1 files changed, 39 insertions, 4 deletions
diff --git a/contrib/unbound/util/net_help.c b/contrib/unbound/util/net_help.c index 7f6daab..e2b7c38 100644 --- a/contrib/unbound/util/net_help.c +++ b/contrib/unbound/util/net_help.c @@ -156,7 +156,12 @@ log_addr(enum verbosity_value v, const char* str, case AF_INET6: family="ip6"; sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr; break; - case AF_UNIX: family="unix"; break; + case AF_LOCAL: + dest[0]=0; + (void)inet_ntop(af, sinaddr, dest, + (socklen_t)sizeof(dest)); + verbose(v, "%s local %s", str, dest); + return; /* do not continue and try to get port */ default: break; } if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) { @@ -313,7 +318,7 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone, case AF_INET6: family=""; sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr; break; - case AF_UNIX: family="unix_family "; break; + case AF_LOCAL: family="local "; break; default: break; } if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) { @@ -329,6 +334,26 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone, str, namebuf, family, dest, (int)port); } +void log_err_addr(const char* str, const char* err, + struct sockaddr_storage* addr, socklen_t addrlen) +{ + uint16_t port; + char dest[100]; + int af = (int)((struct sockaddr_in*)addr)->sin_family; + void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr; + if(af == AF_INET6) + sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr; + if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) { + (void)strlcpy(dest, "(inet_ntop error)", sizeof(dest)); + } + dest[sizeof(dest)-1] = 0; + port = ntohs(((struct sockaddr_in*)addr)->sin_port); + if(verbosity >= 4) + log_err("%s: %s for %s port %d (len %d)", str, err, dest, + (int)port, (int)addrlen); + else log_err("%s: %s for %s", str, err, dest); +} + int sockaddr_cmp(struct sockaddr_storage* addr1, socklen_t len1, struct sockaddr_storage* addr2, socklen_t len2) @@ -593,12 +618,17 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem) log_crypto_err("could not SSL_CTX_new"); return NULL; } - /* no SSLv2 because has defects */ + /* no SSLv2, SSLv3 because has defects */ if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ log_crypto_err("could not set SSL_OP_NO_SSLv2"); SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error for cert file: %s", pem); log_crypto_err("error in SSL_CTX use_certificate_file"); @@ -648,6 +678,11 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem) SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) { + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(key && key[0]) { if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error in client certificate %s", pem); @@ -669,7 +704,7 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem) } } if(verifypem && verifypem[0]) { - if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL) != 1) { + if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) { log_crypto_err("error in SSL_CTX verify"); SSL_CTX_free(ctx); return NULL; |