From 5431ebd5df605571e88fd5ef9ed122179f60dae2 Mon Sep 17 00:00:00 2001 From: Peter Pentchev Date: Tue, 4 Jan 2011 16:37:24 +0000 Subject: Implement transparent proxying using the IP_BINDANY option if available in a way a bit different (and a bit more generic) than the one in the PR. While I'm here, declare the GPL-2+ license and remove the MD5 checksum. PR: 153568 Submitted by: Jason Helfman --- security/stunnel/files/patch-src::client.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 security/stunnel/files/patch-src::client.c (limited to 'security/stunnel/files/patch-src::client.c') diff --git a/security/stunnel/files/patch-src::client.c b/security/stunnel/files/patch-src::client.c new file mode 100644 index 000000000000..ff6956a35df0 --- /dev/null +++ b/security/stunnel/files/patch-src::client.c @@ -0,0 +1,29 @@ +Description: Allow transparent proxying using IP_BINDANY. +Forwarded: yes +Author: Peter Pentchev , + Jason Helfman +Last-Updated: 2011-01-04 + +--- src/client.c.orig ++++ src/client.c +@@ -1034,15 +1034,16 @@ + static void local_bind(CLI *c) { + SOCKADDR_UNION addr; + +-#ifdef IP_TRANSPARENT ++#ifdef STUNNEL_TRANSPARENT + int on=1; + if(c->opt->option.transparent) { +- if(setsockopt(c->fd, SOL_IP, IP_TRANSPARENT, &on, sizeof on)) +- sockerror("setsockopt IP_TRANSPARENT"); ++ if(setsockopt(c->fd, STUNNEL_TRANSPARENT_LEVEL, ++ STUNNEL_TRANSPARENT, &on, sizeof on)) ++ sockerror("setsockopt " STUNNEL_TRANSPARENT_NAME); + /* ignore the error to retain Linux 2.2 compatibility */ + /* the error will be handled by bind(), anyway */ + } +-#endif /* IP_TRANSPARENT */ ++#endif /* STUNNEL_TRANSPARENT */ + + memcpy(&addr, &c->bind_addr.addr[0], sizeof addr); + if(ntohs(addr.in.sin_port)>=1024) { /* security check */ -- cgit v1.2.3