socat - Multipurpose relay (cloned from git://repo.or.cz/socat.git) - I am not the project owner, please submit bugs to socat@dest-unreach.org
Switch branches/tags
Clone or download
craSH Merge pull request #5 from pilkch/spelling
socat.yo "econd" -> "second".
Latest commit c20699f Apr 18, 2016
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Config Final fixes before release 1.7.3.0 Jan 24, 2015
doc Merge pull request #5 from pilkch/spelling Apr 18, 2016
BUGREPORTS socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
CHANGES version 1.7.3.1 Jan 29, 2016
COPYING libwrap only logs to syslog; actual COPYING file Mar 2, 2014
COPYING.OpenSSL socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
DEVELOPMENT Made code async-signal-safe Jan 12, 2015
EXAMPLES minor corrections of docu and test.sh; o-append Apr 2, 2009
FAQ FAQ: SIGTTOU problem and solution Feb 7, 2008
FILES socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
Makefile.in Final fixes before release 1.7.3.0 Jan 24, 2015
PORTING socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
README version 1.7.3.0 Jan 24, 2015
README.FIPS socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
SECURITY socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
VERSION version 1.7.3.1 Jan 29, 2016
compat.h environ variable from C runtime is not declared on all systems Jan 23, 2015
config.h.in Port to Openindiana Jan 23, 2015
configure.ac struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
configure.in Function cfmakeraw() is simulated when missing Jan 23, 2015
daemon.sh replaced RCS ID's by source file names Jan 28, 2008
dalan.c Support for NetBSD 5.1 Jan 23, 2015
dalan.h replaced RCS ID's by source file names Jan 28, 2008
error.c Port to Openindiana Jan 23, 2015
error.h Made code async-signal-safe Jan 12, 2015
fdname.c Ubuntu Oneiric: OpenSSL w/o SSLv2, bsd/libutil.h, unused vars Dec 4, 2011
filan.c Red Hat issue 1020203: configure checks fail with some compilers Mar 2, 2014
filan.h merged features ioctl, setsockopt, generic-socket Sep 22, 2008
filan_main.c Corrected help text for filan -L Jan 23, 2015
ftp.sh replaced RCS ID's by source file names Jan 28, 2008
gatherinfo.sh replaced RCS ID's by source file names Jan 28, 2008
hostan.c Corrected some configure --disable Jan 12, 2015
hostan.h replaced RCS ID's by source file names Jan 28, 2008
install-sh socat V1.6.0.0 (initial GIT commit) Jan 27, 2008
mail.sh version 1.7.1.0 Apr 2, 2009
mytypes.h Prevent multiple definition of bool,Min(),Max() (MacOS X) Jan 23, 2015
nestlex.c socat security advisory 8: stack overflow in nestlex() Jan 29, 2016
nestlex.h socat security advisory 8: stack overflow in nestlex() Jan 29, 2016
procan-cdefs.c struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
procan.c Increased field width for ulimit values from 16 to 24 digits Mar 2, 2014
procan.h procan prints C defines important for socat Jan 31, 2008
procan_main.c Made code async-signal-safe Jan 12, 2015
proxy.sh replaced RCS ID's by source file names Jan 28, 2008
proxyecho.sh minor corrections of docu and test.sh; o-append Apr 2, 2009
readline-test.sh ported generic socket to *BSD; minor improvements Sep 20, 2008
readline.sh replaced RCS ID's by source file names Jan 28, 2008
snprinterr.c Made code async-signal-safe Jan 12, 2015
snprinterr.h Made code async-signal-safe Jan 12, 2015
socat.c Debian Bug 764251: Set the build timestamp to a deterministic time Jan 23, 2015
socat.spec version 1.7.3.1 Jan 29, 2016
socat_buildscript_for_android.sh Android build script with pty code Mar 2, 2014
socks4a-echo.sh replaced RCS ID's by source file names Jan 28, 2008
socks4echo.sh replaced RCS ID's by source file names Jan 28, 2008
sslcls.c Added TLS methods support Jan 23, 2015
sslcls.h Added TLS methods support Jan 23, 2015
sycls.c Made code async-signal-safe Jan 12, 2015
sycls.h struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
sysincludes.h Support for NetBSD 5.1 Jan 23, 2015
sysutils.c Check OpenSSL peers commonName+subjectAltName; new option openssl-com… Jan 12, 2015
sysutils.h Check OpenSSL peers commonName+subjectAltName; new option openssl-com… Jan 12, 2015
test.sh socat security advisory 8: stack overflow in nestlex() Jan 29, 2016
testcert.conf Generate testcert.conf and testcert6.conf in test.sh Jan 12, 2015
utils.c Check OpenSSL peers commonName+subjectAltName; new option openssl-com… Jan 12, 2015
utils.h Red Hat issue 1020203: configure checks fail with some compilers Mar 2, 2014
vsnprintf_r.c Made code async-signal-safe Jan 12, 2015
vsnprintf_r.h Made code async-signal-safe Jan 12, 2015
xio-ascii.c Red Hat issue 1021958: fixed a bug with faulty buffer/data length cal… Mar 2, 2014
xio-ascii.h merged features ancillary, envvar Sep 22, 2008
xio-creat.c replaced RCS ID's by source file names Jan 28, 2008
xio-creat.h replaced RCS ID's by source file names Jan 28, 2008
xio-exec.c Ubuntu Oneiric: OpenSSL w/o SSLv2, bsd/libutil.h, unused vars Dec 4, 2011
xio-exec.h replaced RCS ID's by source file names Jan 28, 2008
xio-ext2.c replaced RCS ID's by source file names Jan 28, 2008
xio-ext2.h replaced RCS ID's by source file names Jan 28, 2008
xio-fd.c on some 64bit systems a compiler warning "cast from pointer to intege… Jan 9, 2010
xio-fd.h new address options shut-null, null-eof Apr 2, 2009
xio-fdnum.c replaced RCS ID's by source file names Jan 28, 2008
xio-fdnum.h replaced RCS ID's by source file names Jan 28, 2008
xio-file.c replaced RCS ID's by source file names Jan 28, 2008
xio-file.h replaced RCS ID's by source file names Jan 28, 2008
xio-gopen.c fixed a bug where socat might crash when connecting to a unix domain … Oct 3, 2010
xio-gopen.h replaced RCS ID's by source file names Jan 28, 2008
xio-interface.c added struct sockaddr_ll to union sockaddr_union to avoid "strict ali… Jan 4, 2010
xio-interface.h new address "interface" for transparent network interface handling Sep 20, 2008
xio-ip.c Red Hat issue: socat 1.7.2.4 build failure missing linux/errqueue.h Jan 23, 2015
xio-ip.h merged features ioctl, setsockopt, generic-socket Sep 22, 2008
xio-ip4.c Red Hat issue 1022063: out-of-range shifts on net mask bits Mar 2, 2014
xio-ip4.h merged features ioctl, setsockopt, generic-socket Sep 22, 2008
xio-ip6.c Red Hat issue 1020203: configure checks fail with some compilers Mar 2, 2014
xio-ip6.h merged features ioctl, setsockopt, generic-socket Sep 22, 2008
xio-ipapp.c Fixed memory leaks Jan 23, 2015
xio-ipapp.h reworked so-type, so-prototype Sep 20, 2008
xio-listen.c Port to Openindiana Jan 23, 2015
xio-listen.h new option max-children that limits the number of concurrent child pr… Nov 26, 2011
xio-named.c some file system bases addresses failed to apply file options Mar 2, 2014
xio-named.h replaced RCS ID's by source file names Jan 28, 2008
xio-openssl.c socat security advisory 7, MSVR-1499: created new 2048bit DH modulus Jan 29, 2016
xio-openssl.h Check OpenSSL peers commonName+subjectAltName; new option openssl-com… Jan 12, 2015
xio-pipe.c some file system bases addresses failed to apply file options Mar 2, 2014
xio-pipe.h replaced RCS ID's by source file names Jan 28, 2008
xio-process.c struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
xio-process.h Red Hat issue 1021429: getgroupent fails with large number of groups Mar 2, 2014
xio-progcall.c Print error on useless fdout,fdin options Jan 23, 2015
xio-progcall.h EXEC and SYSTEM with stderr injected socat messages into the data stream Jun 7, 2008
xio-proxy.c struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
xio-proxy.h replaced RCS ID's by source file names Jan 28, 2008
xio-pty.c Red Hat issue 1020203: configure checks fail with some compilers Mar 2, 2014
xio-pty.h replaced RCS ID's by source file names Jan 28, 2008
xio-rawip.c merged features ioctl, setsockopt, generic-socket Sep 22, 2008
xio-rawip.h replaced RCS ID's by source file names Jan 28, 2008
xio-readline.c Red Hat issue 1022048: strncpy hardening Mar 2, 2014
xio-readline.h replaced RCS ID's by source file names Jan 28, 2008
xio-sctp.c merged feature sctp streams Sep 22, 2008
xio-sctp.h merged feature sctp streams Sep 22, 2008
xio-socket.c Check OpenSSL peers commonName+subjectAltName; new option openssl-com… Jan 12, 2015
xio-socket.h new address options shut-null, null-eof Apr 2, 2009
xio-socks.c struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
xio-socks.h replaced RCS ID's by source file names Jan 28, 2008
xio-stdio.c corrected option handling with stdio Feb 3, 2008
xio-stdio.h replaced RCS ID's by source file names Jan 28, 2008
xio-streams.c new address options i-pop-all, i-push Sep 26, 2008
xio-streams.h new address options i-pop-all, i-push Sep 26, 2008
xio-system.c Address SYSTEM, when terminating, shutted down its parent addresses Jan 12, 2015
xio-system.h replaced RCS ID's by source file names Jan 28, 2008
xio-tcp.c replaced RCS ID's by source file names Jan 28, 2008
xio-tcp.h replaced RCS ID's by source file names Jan 28, 2008
xio-tcpwrap.c merged features ancillary, envvar Sep 22, 2008
xio-tcpwrap.h replaced RCS ID's by source file names Jan 28, 2008
xio-termios.c Added option rawer for pty Jan 23, 2015
xio-termios.h Function cfmakeraw() is simulated when missing Jan 23, 2015
xio-tun.c Red Hat issue 1022048: strncpy hardening Mar 2, 2014
xio-tun.h replaced RCS ID's by source file names Jan 28, 2008
xio-udp.c struct cmsghdr.cmsg is system dependend; more print format corrections Mar 9, 2014
xio-udp.h replaced RCS ID's by source file names Jan 28, 2008
xio-unix.c Fixed bind with abstract unix domain sockets (Linux) Jan 12, 2015
xio-unix.h merged feature protocol-type Sep 22, 2008
xio.h Port to Openindiana Jan 23, 2015
xioclose.c removed END_UNLINK (not yet needed) Jan 9, 2010
xioconfig.h Red Hat issue 1020203: configure checks fail with some compilers Mar 2, 2014
xiodiag.c replaced RCS ID's by source file names Jan 28, 2008
xiodiag.h replaced RCS ID's by source file names Jan 28, 2008
xioexit.c Final fixes before release 1.7.3.0 Jan 24, 2015
xiohelp.c version 1.7.0.1 Apr 1, 2009
xiohelp.h replaced RCS ID's by source file names Jan 28, 2008
xioinitialize.c typos in docu and source Nov 26, 2011
xiolayer.c on some 64bit systems a compiler warning "cast from pointer to intege… Jan 9, 2010
xiolayer.h new address option "escape" allows to break a socat instance Sep 20, 2008
xiolockfile.c handle partial write()'s without data loss Oct 9, 2011
xiolockfile.h replaced RCS ID's by source file names Jan 28, 2008
xiomodes.h new address options i-pop-all, i-push Sep 26, 2008
xioopen.c adapted conditionals to genericsocket, interface Sep 24, 2008
xioopen.h merged feature sctp streams Sep 22, 2008
xioopts.c Function cfmakeraw() is simulated when missing Jan 23, 2015
xioopts.h Added option rawer for pty Jan 23, 2015
xioparam.c Red Hat issue 1022048: strncpy hardening Mar 2, 2014
xioread.c added struct sockaddr_ll to union sockaddr_union to avoid "strict ali… Jan 4, 2010
xioshutdown.c Made code async-signal-safe Jan 12, 2015
xiosigchld.c Made code async-signal-safe Jan 12, 2015
xiosignal.c Made code async-signal-safe Jan 12, 2015
xiosysincludes.h replaced RCS ID's by source file names Jan 28, 2008
xiowrite.c handle partial write()'s without data loss Oct 9, 2011

README

about
-----

socat is a relay for bidirectional data transfer between two independent data
channels. Each of these data channels may be a file, pipe, device (serial line
etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an
SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU
line editor (readline), a program, or a combination of two of these. 
These modes include generation of "listening" sockets, named pipes, and pseudo
terminals.

socat can be used, e.g., as TCP port forwarder (one-shot or daemon), as an
external socksifier, for attacking weak firewalls, as a shell interface to UNIX
sockets, IP6 relay, for redirecting TCP oriented programs to a serial line, to
logically connect serial lines on different computers, or to establish a
relatively secure environment (su and  chroot) for running client or server
shell scripts with network connections. 

Many options are available to refine socats behaviour:
terminal parameters, open() options, file permissions, file and process owners,
basic socket options like bind address, advanced socket options like IP source
routing, linger, TTL, TOS (type of service), or TCP performance tuning.

More capabilities, like daemon mode with forking, client address check,
"tail -f" mode, some stream data processing (line terminator conversion),
choosing sockets, pipes, or ptys for interprocess communication, debug and
trace options, logging to syslog, stderr or file, and last but not least
precise error messages make it a versatile tool for many different purposes.

In fact, many of these features already exist in specialized tools; but until
now, there does not seem to exists another tool that provides such a generic,
flexible, simple and almost comprehensive (UNIX) byte stream connector.


packages
--------

before bothering with compilers, dependencies and include files, you might
try to get a binary distribution that matches your platform. Have a look at 
the projects home page for actual information regarding socat binary 
distributions.


platforms
---------

socat 1.7.0 was compiled and more or less successfully tested under the
following operating systems:

Debian lenny/sid on x86, kernel 2.6.24
FreeBSD 6.1 on x86
NetBSD 4.0  on x86
OpenBSD 4.3 on x86
OpenSolaris 10 on x86 with gcc
Mac OS X 10.5.5 on iMac G5, with libreadline
HP-UX 11.23
AIX 5.3 on 64bit Power4 with gcc
Cygwin 1.5.25 on i686

tests on Tru64 can no longer be performed because HP testdrive has taken down
these hosts.

Some versions of socat have been reported to successfully compile under older
Linux versions back to RedHat 2.1 (kernel 1.2.13, gcc 2.7.0), under AIX 4.1 and
4.3, SunOS 5.7-5.8, FreeBSD 4.2 - 4.9, MacOS X 10.1, Cygwin, Solaris 8 on x86, 
OSR 5.0.6, NetBSD 1.6.1 and 2.0.2, OpenBSD 3.4 and 3.8, Tru64 5.1B, Mac OS X
10.1-10.2, and HP-UX 11

It might well compile and run under other UNIX like operating systems.


install
-------

Get the tarball and extract it:
	tar xzf socat.tar.gz
	cd socat-1.7.3.0
	./configure
	make
	su
	make install	# installs socat, filan, and procan in /usr/local/bin

For compiling socat, gcc (or egc) is recommended.
If gcc is not available, the configure script will fail to determine
some features; then you'd better begin with one of the Makefiles and config.h's
from the Config directory.

If you have problems with the OpenSSL library, you can apply the option
"--disable-openssl" to configure.

If you have problems with the readline library or (n)curses, you can apply the
option "--disable-readline" to configure.

If you have problems with the tcp wrappers library, you can apply the option
"--disable-libwrap" to configure.

If you still get errors or a tremendous amount of warnings you can exclude 
the features for system call tracing and file descriptor analyzing by
applying the options "--disable-sycls --disable-filan" to configure.

You still need the functions vsnprintf and snprintf that are in the GNU libc,
but might not be available with some proprietary libc's.

The configure script looks for headers and libraries of openssl, readline, and
tcp wrappers in the OS'es standard places and in the subdirectories include/
and lib/ of the following places: 
   /sw/
   /usr/local/
   /opt/freeware/
   /usr/sfw/
and for openssl also in:
   /usr/local/ssl/
In case of unexpected behaviour it is important to understand that configure
first searches for the appropriate include file and then expects to find the
library in the associated lib directory. That means, when e.g. a OpenSSL
installation resides under /usr/local and there is a symbolic link from
/usr/include/ssl/ssl.h to /usr/local/ssl/include/ssl/ssl.h, configure will find
the /usr/include/... header and will therefore expect libssl in /usr/lib
instead of /usr/local/...

If configure does not find a header file or library but you know where it is,
you can specify additional search locations, e.g.:
   export LIBS="-L$HOME/lib"
   export CPPFLAGS="-I$HOME/include"
before running configure and make.

For other operating systems, if socat does not compile without errors, refer to
the file PORTING.


platform specifics - redhat
---------------------------

Install the following packages before building socat:
  tcp_wrappers-devel
  readline-devel
  openssl-devel

On RedHat Linux 9.0, including openssl/ssl.h might fail due to problems with
the krb5-devel package. configure reacts with disabling openssl integration. 
To solve this issue, help cpp to find the krb5.h include file:
CPPFLAGS="-I/usr/kerberos/include" ./configure


platform specifics - aix
------------------------

The flock() prototype is not available but the function is. Thus, to enable the
socat flock options, run configure and then change in config.h the line 
/* #undef HAVE_FLOCK */
to
#define HAVE_FLOCK 1
and continue the build process.

When using the OpenSSL rpm provided by IBM, configure might need the 
environment variable setting:
LIBS="-L/opt/freeware/lib"

When using the OpenSSL bundle provided by IBM, egd needs to be installed too
to get enough entropy.

socat compiles not only with gcc, but also with xlc. Just adapt the Makefile:
replace gcc by /usr/vac/bin/xlc and remove gcc specific options 
"-Wall -Wno-parentheses".

When linking with the OpenSSL library provided by IBM, errors may occur:
ld: 0711-317 ERROR: Undefined symbol: .__umoddi3
In this case, you need to link with libgcc or compile libcrypt yourself using
xlc, or disable SSL (in config.h, undefine WITH_OPENSSL and recompile)

The score of test.sh can be improved by uncommenting MISCDELAY=1 in this
script.


platform specifics - solaris
----------------------------

If libreadline or libssl are in a directory not searched by the loader per
default, e.g. /opt/sfw/lib, you must add this directory to $LD_LIBRARY_PATH,
for running both configure and the socat executables, e.g.:
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/sfw/lib

For some shell scripts, it is preferable to have /usr/xpg4/bin at a prominent
position in $PATH.

With the default compiler define _GNU_SOURCE, the CMSG_* macros are not
available, and therefore ancillary messages cannot be used. To enable these try
the following:
After running ./configure, edit Makefile and replace "-D_GNU_SOURCE" with
"-D_XPG4_2 -D__EXTENSIONS__" and run make


platform specifics - hp-ux
--------------------------

Ancillary messages cannot be compiled in with socat: both struct msghdr and
struct cmsghdr are required. Compiling with -D_XOPEN_SOURCE_EXTENDED provides
struct msghdr but disables struct cmsghdr while -D_OPEN_SOURCE disables struct
msghdr but disables struct cmsghdr. Please contact socat development if you
know a solution.

Shutting down the write channel of a UNIX domain socket does not seem to
trigger an EOF on the peer socket. This makes problems with the exec and
system addresses.

This OS provides the type "long long", but not the strtoll() function to read
data into a long long variable.

UNIX domain sockets are only supported with SOCK_STREAM, not with datagrams
(see man 7 unix).

With UDP sockets it seems to happen that the select() call reports available
data (or EOF) but a subsequent read() call hangs.


platform specifics - tru64
--------------------------

When the use of the readline address fails with an error like:
socat: /sbin/loader: Fatal Error: Reference to unresolvable symbol "tgetent" in ".../libreadline.so.4"
and you still want to use shared libraries, try the following workaround: 
$ make distclean; LIBS="-static" ./configure
remove the "-static" occurrence in Makefile
$ make


documentation
-------------

These files reside in the doc subdirectory:

socat.1 is the man page, socat.html is the HTML based man page. It is actual,
but describes only the more useful options.

xio.help is an older, but more exact description in text form; with socat
version 1.6.0 it is outdated.

doc/socat-openssltunnel.html is a simple tutorial for a private SSL connection.
doc/socat-multicast.html is a short tutorial for multicast and broadcast
communications.
doc/socat-tun shows how to build a virtual network between two hosts.

socat.1 and socat.html can be generated from socat.yo (which is released with
socat 1.6.0.1 and later) using the yodl document language package. Maintenance
of yodl had been discontinued by its author
(http://www.xs4all.nl/~jantien/yodl/) (there seems to be a revival at
http://yodl.sourceforge.net/ though). For socat, the old version 1.31 is used;
an rpm is still distributed with recent OpenSuSE versions (confirmed for
OpenSuSE 10.1 in suse/i586/yodl-1.31.18-1142.i586.rpm). It appears to install
smoothly also under RedHat Linux. After yodl 1.31 installation, the following
correction must be performed in /usr/share/yodl/shared.yo in two places:
< whenhtml(htmlcommand(<!)ARG1+htmlcommand(>)))
> whenhtml(htmlcommand(<!--)ARG1+htmlcommand(-->)))


license
-------

socat is distributed under the terms of the GNU GPLv2;
except for install-sh, which is copyright MIT, with its own license;

In addition, as a special exception, the copyright holder
gives permission to link the code of this program with
any version of the OpenSSL library which is distributed
under a license identical to that listed in the included
COPYING.OpenSSL file, and distribute linked combinations
including the two. You must obey the GNU General Public
License in all respects for all of the code used other
than OpenSSL. If you modify this file, you may extend this
exception to your version of the file, but you are not
obligated to do so. If you do not wish to do so, delete
this exception statement from your version.


    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, version 2 of the License

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.


contact
-------

For questions, bug reports, ideas, contributions etc. please contact
socat@dest-unreach.org

For socat source distribution, bug fixes, and latest news see
        http://www.dest-unreach.org/socat/

www.socat.org is an alternate site providing the same contents.

public git repository:
	git://repo.or.cz/socat.git
	http://repo.or.cz/r/socat.git