| author | bluhm <> | 2017-02-08 18:44:50 +0000 |
|---|---|---|
| committer | bluhm <> | 2017-02-08 18:44:50 +0000 |
| commit | 99be07c825e0b7c54b5ee93794d0cd72a72ec590 (patch) | |
| tree | 76a82ccc5210652e393424e01eeb4d19fc88a25b | |
| parent | a94b7f932785504243453f5af199073e401a6650 (diff) | |
Avoid a busy loop in netcat's tls_close(). Reuse the tls_handshake()
wrapper that calls poll(2) and handles the -w timeout.
OK beck@
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 26 |
1 files changed, 8 insertions, 18 deletions
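--- a/src/usr.bin/nc/netcat.c
+++ b/src/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: netcat.c,v 1.174 2017/02/08 18:03:31 bluhm Exp $ */
+/* $OpenBSD: netcat.c,v 1.175 2017/02/08 18:44:50 bluhm Exp $ */
 /*
 * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
 * Copyright (c) 2015 Bob Beck. All rights reserved.
@@ -121,7 +121,7 @@ int local_listen(char *, char *, struct addrinfo);
 void readwrite(int, struct tls *);
 void fdpass(int nfd) __attribute__((noreturn));
 int remote_connect(const char *, const char *, struct addrinfo);
-int timeout_handshake(int, struct tls *);
+int timeout_tls(int, struct tls *, int (*)(struct tls *));
 int timeout_connect(int, const struct sockaddr *, socklen_t);
 int socks_connect(const char *, const char *, struct addrinfo,
 const char *, const char *, struct addrinfo, int, const char *);
@@ -578,12 +578,7 @@ main(int argc, char *argv[])
 if (!usetls)
 readwrite(connfd, NULL);
 if (tls_cctx) {
-int i;
-
-do {
-i = tls_close(tls_cctx);
-} while (i == TLS_WANT_POLLIN ||
-i == TLS_WANT_POLLOUT);
+timeout_tls(s, tls_cctx, tls_close);
 tls_free(tls_cctx);
 tls_cctx = NULL;
 }
@@ -673,12 +668,7 @@ main(int argc, char *argv[])
 if (!zflag)
 readwrite(s, tls_ctx);
 if (tls_ctx) {
-int j;
-
-do {
-j = tls_close(tls_ctx);
-} while (j == TLS_WANT_POLLIN ||
-j == TLS_WANT_POLLOUT);
+timeout_tls(s, tls_ctx, tls_close);
 tls_free(tls_ctx);
 tls_ctx = NULL;
 }
@@ -729,12 +719,12 @@ unix_bind(char *path, int flags)
 }
 
 int
-timeout_handshake(int s, struct tls *tls_ctx)
+timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *))
 {
 struct pollfd pfd;
 int ret;
 
-while ((ret = tls_handshake(tls_ctx)) != 0) {
+while ((ret = (*func)(tls_ctx)) != 0) {
 if (ret == TLS_WANT_POLLIN)
 pfd.events = POLLIN;
 else if (ret == TLS_WANT_POLLOUT)
@@ -765,7 +755,7 @@ tls_setup_client(struct tls *tls_ctx, int s, char *host)
 errx(1, "tls connection failed (%s)",
 tls_error(tls_ctx));
 }
-if (timeout_handshake(s, tls_ctx) == -1) {
+if (timeout_tls(s, tls_ctx, tls_handshake) == -1) {
 if ((errstr = tls_error(tls_ctx)) == NULL)
 errstr = strerror(errno);
 errx(1, "tls handshake failed (%s)", errstr);
@@ -785,7 +775,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char *host)
 
 if (tls_accept_socket(tls_ctx, &tls_cctx, connfd) == -1) {
 warnx("tls accept failed (%s)", tls_error(tls_ctx));
-} else if (timeout_handshake(connfd, tls_cctx) == -1) {
+} else if (timeout_tls(connfd, tls_cctx, tls_handshake) == -1) {
 if ((errstr = tls_error(tls_ctx)) == NULL)
 errstr = strerror(errno);
 warnx("tls handshake failed (%s)", errstr);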
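Review bot: In the server-side hunk of main() (new line 581) the close is driven with `timeout_tls(s, tls_cctx, tls_close);`, but `tls_cctx` belongs to the accepted socket: tls_setup_server creates it with `tls_accept_socket(tls_ctx, &tls_cctx, connfd)` and polls it with `timeout_tls(connfd, tls_cctx, tls_handshake)`. The line that sets `pfd.fd` in timeout_tls lies outside the visible hunk, but if it polls its first argument, the close_notify exchange waits on a descriptor other than the one carrying the TLS session, and may return early or sit until the -w timeout. The call should probably read `timeout_tls(connfd, tls_cctx, tls_close);`. Both close sites also discard the return value, so a failed or timed-out shutdown is silent; testing for `-1` and calling `warnx()` as the handshake callers do would make it visible.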
