From f7f12bedcde066eda334d219228688f32e44cae7 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 5 Dec 2019 17:06:22 +0100
Subject: gnutls-serv: do not exit on command failure

If gnutls_reauth() or gnutls_heartbeat_ping() fail, gnutls-serv
would simply quit. This prevents using this tool in a test environment
like tlsfuzzer. Ensure that we don't quit on error.

Resolves: #868

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 src/common.c |  4 ++--
 src/serv.c   | 48 ++++++++++++++++++++++++++++++------------------
 2 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/src/common.c b/src/common.c
index 6a0c00ebaa..753481741b 100644
--- a/src/common.c
+++ b/src/common.c
@@ -996,7 +996,7 @@ int check_command(gnutls_session_t session, const char *str, unsigned no_cli_cer
 			if (ret < 0) {
 				fprintf(stderr, "reauth: %s\n",
 					gnutls_strerror(ret));
-				exit(1);
+				return ret;
 			}
 			return 1;
 		} else
@@ -1013,7 +1013,7 @@ int check_command(gnutls_session_t session, const char *str, unsigned no_cli_cer
 				} else {
 					fprintf(stderr, "ping: %s\n",
 						gnutls_strerror(ret));
-					exit(1);
+					return ret;
 				}
 			}
 			return 2;
diff --git a/src/serv.c b/src/serv.c
index ad58260b3a..de5691261f 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -1014,7 +1014,7 @@ static void strip(char *data)
 	}
 }
 
-static void
+static unsigned
 get_response(gnutls_session_t session, char *request,
 	     char **response, int *response_length)
 {
@@ -1035,7 +1035,7 @@ get_response(gnutls_session_t session, char *request,
 			goto unimplemented;
 		*p = '\0';
 	}
-/*    *response = peer_print_info(session, request+4, h, response_length); */
+
 	if (http != 0) {
 		if (http_data_file == NULL)
 			*response = peer_print_info(session, response_length, h);
@@ -1051,25 +1051,34 @@ get_response(gnutls_session_t session, char *request,
 			*response = strdup("Successfully executed command\n");
 			if (*response == NULL) {
 				fprintf(stderr, "Memory error\n");
-				exit(1);
+				return 0;
 			}
 			*response_length = strlen(*response);
-			return;
+			return 1;
 		} else if (ret == 0) {
+			if (*response == NULL) {
+				fprintf(stderr, "Memory error\n");
+				return 0;
+			}
 			*response = strdup(request);
 			*response_length = ((*response) ? strlen(*response) : 0);
 		} else {
+			*response = NULL;
 			do {
-				ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_UNEXPECTED_MESSAGE);
+				ret = gnutls_alert_send_appropriate(session, ret);
 			} while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
+			return 0;
 		}
 	}
 
-	return;
+	return 1;
 
       unimplemented:
 	*response = strdup(HTTP_UNIMPLEMENTED);
+	if (*response == NULL)
+		return 0;
 	*response_length = ((*response) ? strlen(*response) : 0);
+	return 1;
 }
 
 static void terminate(int sig) __attribute__ ((__noreturn__));
@@ -1663,18 +1672,21 @@ static void tcp_server(const char *name, int port)
 						    || strstr(j->
 							      http_request,
 							      "\n\n")) {
-							get_response(j->
-								     tls_session,
-								     j->
-								     http_request,
-								     &j->
-								     http_response,
-								     &j->
-								     response_length);
-							j->http_state =
-							    HTTP_STATE_RESPONSE;
-							j->response_written
-							    = 0;
+							if (get_response(j->
+								         tls_session,
+								         j->
+								         http_request,
+								         &j->
+								         http_response,
+								         &j->
+								         response_length)) {
+								j->http_state =
+								    HTTP_STATE_RESPONSE;
+								j->response_written
+								    = 0;
+							} else {
+								j->http_state = HTTP_STATE_CLOSING;
+							}
 						}
 					}
 				}
-- 
cgit v1.2.1