diff --git a/apps/s_cb.c b/apps/s_cb.c index 90a3cb8625..c4f5512247 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -696,15 +696,13 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign { unsigned char *buffer, result[EVP_MAX_MD_SIZE]; unsigned int length, resultlength; -#if OPENSSL_USE_IPV6 union { - struct sockaddr_storage ss; - struct sockaddr_in6 s6; + struct sockaddr sa; struct sockaddr_in s4; - } peer; -#else - struct sockaddr_in peer; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 s6; #endif + } peer; /* Initialize a random secret */ if (!cookie_initialized) @@ -721,26 +719,23 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); /* Create buffer with peer's address and port */ -#if OPENSSL_USE_IPV6 length = 0; - switch (peer.ss.ss_family) + switch (peer.sa.sa_family) { case AF_INET: length += sizeof(struct in_addr); length += sizeof(peer.s4.sin_port); break; +#if OPENSSL_USE_IPV6 case AF_INET6: length += sizeof(struct in6_addr); length += sizeof(peer.s6.sin6_port); break; +#endif default: OPENSSL_assert(0); break; } -#else - length = sizeof(peer.sin_addr); - length += sizeof(peer.sin_port); -#endif buffer = OPENSSL_malloc(length); if (buffer == NULL) @@ -749,8 +744,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign return 0; } -#if OPENSSL_USE_IPV6 - switch (peer.ss.ss_family) + switch (peer.sa.sa_family) { case AF_INET: memcpy(buffer, @@ -760,6 +754,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign &peer.s4.sin_addr, sizeof(struct in_addr)); break; +#if OPENSSL_USE_IPV6 case AF_INET6: memcpy(buffer, &peer.s6.sin6_port, @@ -768,14 +763,11 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign &peer.s6.sin6_addr, sizeof(struct in6_addr)); break; +#endif default: OPENSSL_assert(0); break; } -#else - memcpy(buffer, &peer.sin_port, sizeof(peer.sin_port)); - memcpy(buffer + sizeof(peer.sin_port), &peer.sin_addr, sizeof(peer.sin_addr)); -#endif /* Calculate HMAC of buffer using the secret */ HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, @@ -792,15 +784,13 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned { unsigned char *buffer, result[EVP_MAX_MD_SIZE]; unsigned int length, resultlength; -#if OPENSSL_USE_IPV6 union { - struct sockaddr_storage ss; - struct sockaddr_in6 s6; + struct sockaddr sa; struct sockaddr_in s4; - } peer; -#else - struct sockaddr_in peer; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 s6; #endif + } peer; /* If secret isn't initialized yet, the cookie can't be valid */ if (!cookie_initialized) @@ -810,26 +800,23 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); /* Create buffer with peer's address and port */ -#if OPENSSL_USE_IPV6 length = 0; - switch (peer.ss.ss_family) + switch (peer.sa.sa_family) { case AF_INET: length += sizeof(struct in_addr); length += sizeof(peer.s4.sin_port); break; +#if OPENSSL_USE_IPV6 case AF_INET6: length += sizeof(struct in6_addr); length += sizeof(peer.s6.sin6_port); break; +#endif default: OPENSSL_assert(0); break; } -#else - length = sizeof(peer.sin_addr); - length += sizeof(peer.sin_port); -#endif buffer = OPENSSL_malloc(length); if (buffer == NULL) @@ -838,8 +825,7 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned return 0; } -#if OPENSSL_USE_IPV6 - switch (peer.ss.ss_family) + switch (peer.sa.sa_family) { case AF_INET: memcpy(buffer, @@ -849,6 +835,7 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned &peer.s4.sin_addr, sizeof(struct in_addr)); break; +#if OPENSSL_USE_IPV6 case AF_INET6: memcpy(buffer, &peer.s6.sin6_port, @@ -857,14 +844,11 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned &peer.s6.sin6_addr, sizeof(struct in6_addr)); break; +#endif default: OPENSSL_assert(0); break; } -#else - memcpy(buffer, &peer.sin_port, sizeof(peer.sin_port)); - memcpy(buffer + sizeof(peer.sin_port), &peer.sin_addr, sizeof(peer.sin_addr)); -#endif /* Calculate HMAC of buffer using the secret */ HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index fa886af557..ef739fcf59 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -371,7 +371,13 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) #endif #ifdef OPENSSL_SYS_LINUX socklen_t addr_len; - struct sockaddr_storage addr; + union { + struct sockaddr sa; + struct sockaddr_in s4; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 s6; +#endif + } addr; #endif data = (bio_dgram_data *)b->ptr; @@ -446,15 +452,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) /* (Linux)kernel sets DF bit on outgoing IP packets */ case BIO_CTRL_DGRAM_MTU_DISCOVER: #ifdef OPENSSL_SYS_LINUX - addr_len = (socklen_t)sizeof(struct sockaddr_storage); - memset((void *)&addr, 0, sizeof(struct sockaddr_storage)); - if (getsockname(b->num, (void *)&addr, &addr_len) < 0) + addr_len = (socklen_t)sizeof(addr); + memset((void *)&addr, 0, sizeof(addr)); + if (getsockname(b->num, &addr.sa, &addr_len) < 0) { ret = 0; break; } sockopt_len = sizeof(sockopt_val); - switch (addr.ss_family) + switch (addr.sa.sa_family) { case AF_INET: sockopt_val = IP_PMTUDISC_DO; @@ -462,7 +468,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) &sockopt_val, sizeof(sockopt_val))) < 0) perror("setsockopt"); break; -#if OPENSSL_USE_IPV6 +#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) case AF_INET6: sockopt_val = IPV6_PMTUDISC_DO; if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER, @@ -480,15 +486,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) #endif case BIO_CTRL_DGRAM_QUERY_MTU: #ifdef OPENSSL_SYS_LINUX - addr_len = (socklen_t)sizeof(struct sockaddr_storage); - memset((void *)&addr, 0, sizeof(struct sockaddr_storage)); - if (getsockname(b->num, (void *)&addr, &addr_len) < 0) + addr_len = (socklen_t)sizeof(addr); + memset((void *)&addr, 0, sizeof(addr)); + if (getsockname(b->num, &addr.sa, &addr_len) < 0) { ret = 0; break; } sockopt_len = sizeof(sockopt_val); - switch (addr.ss_family) + switch (addr.sa.sa_family) { case AF_INET: if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val, @@ -505,7 +511,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) ret = data->mtu; } break; -#if OPENSSL_USE_IPV6 +#if OPENSSL_USE_IPV6 && defined(IPV6_MTU) case AF_INET6: if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val, &sockopt_len)) < 0 || sockopt_val < 0)