[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] 02/02: trying to fix #5472
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] 02/02: trying to fix #5472 |
Date: |
Mon, 12 Nov 2018 20:55:40 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
commit 21eec1db5fa782ab36dbc250317dbe117bc52af8
Author: Christian Grothoff <address@hidden>
AuthorDate: Mon Nov 12 20:55:33 2018 +0100
trying to fix #5472
---
src/cadet/test_cadet.conf | 4 ++++
src/gns/gnunet-gns-proxy.c | 48 +++++++++++++++++++++++++++++-------------
src/gns/test_gns_defaults.conf | 12 +++++++++++
3 files changed, 49 insertions(+), 15 deletions(-)
diff --git a/src/cadet/test_cadet.conf b/src/cadet/test_cadet.conf
index 5ad67fec2..30e496aff 100644
--- a/src/cadet/test_cadet.conf
+++ b/src/cadet/test_cadet.conf
@@ -98,3 +98,7 @@ START_ON_DEMAND = NO
[topology]
IMMEDIATE_START = NO
START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index a9013390e..e1997e215 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -59,6 +59,12 @@
#define MAX_HTTP_URI_LENGTH 2048
/**
+ * Maximum number of DANE records we support
+ * per domain name (and port and protocol).
+ */
+#define MAX_DANES 32
+
+/**
* Size of the buffer for the data upload / download. Must be
* enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k).
*/
@@ -543,9 +549,9 @@ struct Socks5Request
char *leho;
/**
- * Payload of the (last) DANE record encountered.
+ * Payload of the DANE records encountered.
*/
- char *dane_data;
+ char *dane_data[MAX_DANES + 1];
/**
* The URL to fetch
@@ -575,7 +581,13 @@ struct Socks5Request
/**
* Number of bytes in @e dane_data.
*/
- size_t dane_data_len;
+ int dane_data_len[MAX_DANES + 1];
+
+ /**
+ * Number of entries used in @e dane_data_len
+ * and @e dane_data.
+ */
+ unsigned int num_danes;
/**
* Number of bytes already in read buffer
@@ -816,7 +828,8 @@ cleanup_s5r (struct Socks5Request *s5r)
GNUNET_free_non_null (s5r->domain);
GNUNET_free_non_null (s5r->leho);
GNUNET_free_non_null (s5r->url);
- GNUNET_free_non_null (s5r->dane_data);
+ for (unsigned int i=0;i<s5r->num_danes;i++)
+ GNUNET_free (s5r->dane_data[i]);
GNUNET_free (s5r);
}
@@ -989,10 +1002,8 @@ check_ssl_certificate (struct Socks5Request *s5r)
}
/* check for TLSA/DANE records */
#if HAVE_GNUTLS_DANE
- if (NULL != s5r->dane_data)
+ if (0 != s5r->num_danes)
{
- char *dd[] = { s5r->dane_data, NULL };
- int dlen[] = { s5r->dane_data_len, 0};
dane_state_t dane_state;
dane_query_t dane_query;
unsigned int verify;
@@ -1010,10 +1021,12 @@ check_ssl_certificate (struct Socks5Request *s5r)
gnutls_x509_crt_deinit (x509_cert);
return GNUNET_SYSERR;
}
+ s5r->dane_data[s5r->num_danes] = NULL;
+ s5r->dane_data_len[s5r->num_danes] = 0;
if (0 != (rc = dane_raw_tlsa (dane_state,
&dane_query,
- dd,
- dlen,
+ s5r->dane_data,
+ s5r->dane_data_len,
GNUNET_YES,
GNUNET_NO)))
{
@@ -3070,12 +3083,17 @@ handle_gns_result (void *cls,
(ntohs (box->protocol) != IPPROTO_TCP) ||
(ntohs (box->service) != s5r->port) )
break; /* BOX record does not apply */
- GNUNET_free_non_null (s5r->dane_data);
- s5r->dane_data_len = r->data_size - sizeof (struct
GNUNET_GNSRECORD_BoxRecord);
- s5r->dane_data = GNUNET_malloc (s5r->dane_data_len);
- GNUNET_memcpy (s5r->dane_data,
- &box[1],
- s5r->dane_data_len);
+ if (s5r->num_danes >= MAX_DANES)
+ {
+ GNUNET_break (0); /* MAX_DANES too small */
+ break;
+ }
+ s5r->dane_data_len[s5r->num_danes]
+ = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
+ s5r->dane_data[s5r->num_danes]
+ = GNUNET_memdup (&box[1],
+ s5r->dane_data_len);
+ s5r->num_danes++;
break;
}
default:
diff --git a/src/gns/test_gns_defaults.conf b/src/gns/test_gns_defaults.conf
index 19ba01ebb..80a2f3c44 100644
--- a/src/gns/test_gns_defaults.conf
+++ b/src/gns/test_gns_defaults.conf
@@ -20,3 +20,15 @@ PLUGINS = tcp
[transport-tcp]
BINDTO = 127.0.0.1
+
+[fs]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[topology]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
--
To stop receiving notification emails like this one, please contact
address@hidden