X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=src%2Fconnection.c;h=fb854da4536937ae43f136ff6f418cbbaf776698;hb=70dfaa55b611838c956f700b5f47b2c2753988f1;hp=1fbbae57831f1464109380b4e5339df09e72710c;hpb=55ce9f0a9991527dc9a7c09ee03446c3a7c48e93;p=tlsproxy%2Ftlsproxy.git

diff --git a/src/connection.c b/src/connection.c
index 1fbbae5..fb854da 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -1,7 +1,7 @@
 /*
  * Handle connections.
  *
- * Copyright (C) 2011-2013  Simon Ruderich
+ * Copyright (C) 2011-2014  Simon Ruderich
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -26,6 +26,7 @@
 #include <limits.h>
 #include <netdb.h>
 #include <poll.h>
+#include <sys/socket.h>
 #include <unistd.h>
 
 #include <gnutls/x509.h>
@@ -101,9 +102,9 @@ void handle_connection(int client_socket) {
     int version_minor; /* x in HTTP/1.x */
     int result;
 
-    /* client_x509_cred is used when talking to the client (acting as a TSL
+    /* client_x509_cred is used when talking to the client (acting as a TLS
      * server), server_x509_cred is used when talking to the server (acting as
-     * a TSL client). */
+     * a TLS client). */
     gnutls_certificate_credentials_t client_x509_cred, server_x509_cred;
 
     gnutls_session_t client_session, server_session;
@@ -206,7 +207,7 @@ void handle_connection(int client_socket) {
     LOG(DEBUG1, "connection to server established");
 
     /* If the -u option is used and we don't know this hostname's server
-     * certificate then just pass through the connection and let the client
+     * certificate, then just pass through the connection and let the client
      * verify the server certificate. */
     if (global_passthrough_unknown) {
         char path[TLSPROXY_MAX_PATH_LENGTH];
@@ -788,7 +789,11 @@ static int read_from_write_to_tls(gnutls_session_t from,
         /* Allow rehandshakes. As handshakes might be insecure make sure that
          * %SAFE_RENEGOTIATION is used in GnuTLS's priority string. */
         if (size_read == GNUTLS_E_REHANDSHAKE) {
-            int result = gnutls_handshake(from);
+            int result;
+
+            LOG(DEBUG1, "server requested TLS rehandshake");
+
+            result = gnutls_handshake(from);
             if (result != GNUTLS_E_SUCCESS) {
                 LOG(WARNING, "server TLS rehandshake failed: %s",
                              gnutls_strerror(result));
@@ -839,8 +844,10 @@ static int connect_to_host(const char *hostname, const char *port) {
     gai_hints.ai_socktype = SOCK_STREAM;
     gai_hints.ai_protocol = 0;
     gai_hints.ai_flags    = AI_NUMERICSERV /* given port is numeric */
+#ifdef AI_ADDRCONFIG
                           | AI_ADDRCONFIG  /* supported by this computer */
-                          | AI_V4MAPPED;   /* support IPv4 through IPv6 */
+#endif
+                          ;
     gai_return = getaddrinfo(hostname, port, &gai_hints, &gai_result);
     if (gai_return != 0) {
         if (gai_return == EAI_SYSTEM) {