Dear All, Please find enclosed a patch in "diff -cr orig patched" format, applying to stunnel v500b3 as found here https://www.stunnel.org/downloads.html
This patch mainly addresses compilation and unicode issues for Windows CE targets + ONE issue preventing stunnel to display error logs in error Window on WCE.
This code has been made common to WCE AND W32, by selecting proper win32 api calls common to both platforms.
For example : InsertMenuItem does not exist on WCE, but InsertMenu can do the same job. ShellExecute does not exist on WCE, but...ShellExecuteEx does exist on both platforms and can do the job.
I use MS EVC 4sp4 compiler with WCE 420 SDK, on a vista sp2 host platform. Once debugged the code works fine on WM6 HTC smartphones. Should work on WM5. It needs a windows CE openssl lib (I recompiled MY patched version of openssl 1.0.2snap20121213 successfully: I have sent a patch to those openssl gentlemen, hoping that they will integrate it one fine day..., something not so obvious ...).
You will find my openssl "patch to port", by following carefully this thread at openssl diffusion list :
http://marc.info/?l=openssl-dev&m=135574071824906&w=2 two messages are more important than the others : one containing the patch on the code. Another one containing 2 useful scripts.
The present stunnel patch addresses the following issues :
************* I] COMPILATION FAILURES
It is important to state that to detect more type mismatching (that can be error prone at runtime), I delibarately use /WX option on both WCE and W32 compilers: this flag takes each warning as an error. This is very useful for UNICODE clean coding as, without this option, the compiler will just warn when seeing a short* (unicode string) used as a char* (ansi string), which leads to big pb at run time.
1/ orig/src/client.c just a warning on missing "return".
2/ evc.mak new SSLDIR to openssl V102snap20121213 Missing flag x86 needed to get inline function InterlockedExchange from winbase.h. Added dependency to evc.mak itself, as in vc.mak Added commctrl.lib for CommandBar routines (although, strangely, the program was running without that !)
3/ gui.c : UNICODE port for W32/WCE. WM_WINDOWSPOSCHHANGED replaces WM_SHOWINDOW, as the latter is unsupported in WCE. some mismatch between prototype and function definition for service_install. Visible now is a BOOL, as it is more consistant with its value and usage. Some "return TRUE" have been replaced by "return 0" as stated in msdn doc. Trick to delete menuitems : itemcount does not exist in WCE, but the delete loop is using the return value of deletemenu. message_boxT created for Tchar vars such as section->help ShellExecute replaced by shellExecuteEx, common to WCE and W32
4/ prototypes.h : declared message_boxT
5/ resolver.c : UNICODE issue on LoadLibrary
6/ stunnel.c type cast for time_t
7/ vc.mak : inc32 for openssl includes /WX warning as error flag to see every potential casting problem around UNICODE
************* II] OPERATIONAL ERRORS (at run-time)
1/ error log windows is displayed empty : cause = WM_SHOWWINDOW does not exist on WCE, although the constant is declared ! solution : use WM_WINDOWPOSCHANGED instead...
2/ Unsolved, unfortunaltely : on WCE only, on start, there is an error message, but no real error behind : "CommandBar_InsertMenuBar : error 120 : this function is only valid in win32 mode"
I am still searching...
************* III] MINOR IMPROVMENT
1/replaced some win3.1 ugly fonts See resources.rc : some nice FONT on About and Password dlgbox...to replace ugly windows3.1 style bold font...
Note : I use stunnel to establish a simple "vpn" between smartphones and a corporate linux server mainly for HTTPS/POPS/SMTPS support. Stunnel is very relevant in that matter, over solutions based on SSH (although we use also ssh), from a communication cost point of view : ssh establishes permanent socket between client and server, so that the communication is charged by the mobile network provider : and these charges are very expensive. On the contrary stunnel only establishes ssl sockets on demand so that financial charges are limited to strict necessary. Please note that stunnel brings "client based certificate authentication" to POP/SMTP mobile mail user agents which only BASICALLY supports SSL with server authentication, but NO client authentication, such as M$ Outlook for Mobile (unless you pay for an exchange server and exchange client licence). Here again stunnel is very relevant.
Note 2 : TODO list and Wish list :
1/ there is a remaining runtime bug on WCE : On start there is a warning that is NOT causing any failure in the software. Very difficult to analyse...
2/ find a notepad for WCE...
3/ in log.c...I really it would be good to replace hard coded values for socket errors by symbolic constant.
4/ fips openssl for WCE and then stunnel for WCE...
I hope you will find this patch useful. Michal, thank you for your excellent work, Yours sincerely,
Pierre Delaage