diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-12-05 17:06:22 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-07 14:16:11 +0100 |
| commit | f7f12bedcde066eda334d219228688f32e44cae7 (patch) | |
| tree | ce118488906954bb60f2c5d0fba2452e856b6719 | |
| parent | 7a14109f45fe438efe9629b998c0c4594789dd41 (diff) | |
| download | gnutls-f7f12bedcde066eda334d219228688f32e44cae7.tar.gz | |
gnutls-serv: do not exit on command failure
If gnutls_reauth() or gnutls_heartbeat_ping() fail, gnutls-serv
would simply quit. This prevents using this tool in a test environment
like tlsfuzzer. Ensure that we don't quit on error.
Resolves: #868
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | src/common.c | 4 | ||||
| -rw-r--r-- | src/serv.c | 48 |
2 files changed, 32 insertions, 20 deletions
diff --git a/src/common.c b/src/common.c index 6a0c00ebaa..753481741b 100644 --- a/src/common.c +++ b/src/common.c @@ -996,7 +996,7 @@ int check_command(gnutls_session_t session, const char *str, unsigned no_cli_cer if (ret < 0) { fprintf(stderr, "reauth: %s\n", gnutls_strerror(ret)); - exit(1); + return ret; } return 1; } else @@ -1013,7 +1013,7 @@ int check_command(gnutls_session_t session, const char *str, unsigned no_cli_cer } else { fprintf(stderr, "ping: %s\n", gnutls_strerror(ret)); - exit(1); + return ret; } } return 2; diff --git a/src/serv.c b/src/serv.c index ad58260b3a..de5691261f 100644 --- a/src/serv.c +++ b/src/serv.c @@ -1014,7 +1014,7 @@ static void strip(char *data) } } -static void +static unsigned get_response(gnutls_session_t session, char *request, char **response, int *response_length) { @@ -1035,7 +1035,7 @@ get_response(gnutls_session_t session, char *request, goto unimplemented; *p = '\0'; } -/* *response = peer_print_info(session, request+4, h, response_length); */ + if (http != 0) { if (http_data_file == NULL) *response = peer_print_info(session, response_length, h); @@ -1051,25 +1051,34 @@ get_response(gnutls_session_t session, char *request, *response = strdup("Successfully executed command\n"); if (*response == NULL) { fprintf(stderr, "Memory error\n"); - exit(1); + return 0; } *response_length = strlen(*response); - return; + return 1; } else if (ret == 0) { + if (*response == NULL) { + fprintf(stderr, "Memory error\n"); + return 0; + } *response = strdup(request); *response_length = ((*response) ? strlen(*response) : 0); } else { + *response = NULL; do { - ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_UNEXPECTED_MESSAGE); + ret = gnutls_alert_send_appropriate(session, ret); } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + return 0; } } - return; + return 1; unimplemented: *response = strdup(HTTP_UNIMPLEMENTED); + if (*response == NULL) + return 0; *response_length = ((*response) ? strlen(*response) : 0); + return 1; } static void terminate(int sig) __attribute__ ((__noreturn__)); @@ -1663,18 +1672,21 @@ static void tcp_server(const char *name, int port) || strstr(j-> http_request, "\n\n")) { - get_response(j-> - tls_session, - j-> - http_request, - &j-> - http_response, - &j-> - response_length); - j->http_state = - HTTP_STATE_RESPONSE; - j->response_written - = 0; + if (get_response(j-> + tls_session, + j-> + http_request, + &j-> + http_response, + &j-> + response_length)) { + j->http_state = + HTTP_STATE_RESPONSE; + j->response_written + = 0; + } else { + j->http_state = HTTP_STATE_CLOSING; + } } } } |