[GNUnet-SVN] [gnunet] 02/02: trying to fix #5472

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnunet] 02/02: trying to fix #5472

From:	gnunet
Subject:	[GNUnet-SVN] [gnunet] 02/02: trying to fix #5472
Date:	Mon, 12 Nov 2018 20:55:40 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository gnunet.

commit 21eec1db5fa782ab36dbc250317dbe117bc52af8
Author: Christian Grothoff <address@hidden>
AuthorDate: Mon Nov 12 20:55:33 2018 +0100

    trying to fix #5472
---
 src/cadet/test_cadet.conf      |  4 ++++
 src/gns/gnunet-gns-proxy.c     | 48 +++++++++++++++++++++++++++++-------------
 src/gns/test_gns_defaults.conf | 12 +++++++++++
 3 files changed, 49 insertions(+), 15 deletions(-)

diff --git a/src/cadet/test_cadet.conf b/src/cadet/test_cadet.conf
index 5ad67fec2..30e496aff 100644
--- a/src/cadet/test_cadet.conf
+++ b/src/cadet/test_cadet.conf
@@ -98,3 +98,7 @@ START_ON_DEMAND = NO
 [topology]
 IMMEDIATE_START = NO
 START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index a9013390e..e1997e215 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -59,6 +59,12 @@
 #define MAX_HTTP_URI_LENGTH 2048
 
 /**
+ * Maximum number of DANE records we support
+ * per domain name (and port and protocol).
+ */
+#define MAX_DANES 32
+
+/**
  * Size of the buffer for the data upload / download.  Must be
  * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k).
  */
@@ -543,9 +549,9 @@ struct Socks5Request
   char *leho;
 
   /**
-   * Payload of the (last) DANE record encountered.
+   * Payload of the DANE records encountered.
    */
-  char *dane_data;
+  char *dane_data[MAX_DANES + 1];
 
   /**
    * The URL to fetch
@@ -575,7 +581,13 @@ struct Socks5Request
   /**
    * Number of bytes in @e dane_data.
    */
-  size_t dane_data_len;
+  int dane_data_len[MAX_DANES + 1];
+
+  /**
+   * Number of entries used in @e dane_data_len
+   * and @e dane_data.
+   */
+  unsigned int num_danes;
 
   /**
    * Number of bytes already in read buffer
@@ -816,7 +828,8 @@ cleanup_s5r (struct Socks5Request *s5r)
   GNUNET_free_non_null (s5r->domain);
   GNUNET_free_non_null (s5r->leho);
   GNUNET_free_non_null (s5r->url);
-  GNUNET_free_non_null (s5r->dane_data);
+  for (unsigned int i=0;i<s5r->num_danes;i++)
+    GNUNET_free (s5r->dane_data[i]);
   GNUNET_free (s5r);
 }
 
@@ -989,10 +1002,8 @@ check_ssl_certificate (struct Socks5Request *s5r)
   }
   /* check for TLSA/DANE records */
 #if HAVE_GNUTLS_DANE
-  if (NULL != s5r->dane_data)
+  if (0 != s5r->num_danes)
   {
-    char *dd[] = { s5r->dane_data, NULL };
-    int dlen[] = { s5r->dane_data_len, 0};
     dane_state_t dane_state;
     dane_query_t dane_query;
     unsigned int verify;
@@ -1010,10 +1021,12 @@ check_ssl_certificate (struct Socks5Request *s5r)
       gnutls_x509_crt_deinit (x509_cert);
       return GNUNET_SYSERR;
     }
+    s5r->dane_data[s5r->num_danes] = NULL;
+    s5r->dane_data_len[s5r->num_danes] = 0;
     if (0 != (rc = dane_raw_tlsa (dane_state,
                                   &dane_query,
-                                  dd,
-                                  dlen,
+                                  s5r->dane_data,
+                                  s5r->dane_data_len,
                                   GNUNET_YES,
                                   GNUNET_NO)))
     {
@@ -3070,12 +3083,17 @@ handle_gns_result (void *cls,
                (ntohs (box->protocol) != IPPROTO_TCP) ||
                (ntohs (box->service) != s5r->port) )
             break; /* BOX record does not apply */
-          GNUNET_free_non_null (s5r->dane_data);
-          s5r->dane_data_len = r->data_size - sizeof (struct 
GNUNET_GNSRECORD_BoxRecord);
-          s5r->dane_data = GNUNET_malloc (s5r->dane_data_len);
-          GNUNET_memcpy (s5r->dane_data,
-                         &box[1],
-                         s5r->dane_data_len);
+         if (s5r->num_danes >= MAX_DANES)
+           {
+             GNUNET_break (0); /* MAX_DANES too small */
+             break;
+           }
+          s5r->dane_data_len[s5r->num_danes]
+           = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
+          s5r->dane_data[s5r->num_danes]
+           = GNUNET_memdup (&box[1],
+                            s5r->dane_data_len);
+         s5r->num_danes++;
           break;
         }
       default:
diff --git a/src/gns/test_gns_defaults.conf b/src/gns/test_gns_defaults.conf
index 19ba01ebb..80a2f3c44 100644
--- a/src/gns/test_gns_defaults.conf
+++ b/src/gns/test_gns_defaults.conf
@@ -20,3 +20,15 @@ PLUGINS = tcp
 [transport-tcp]
 BINDTO = 127.0.0.1
 
+
+[fs]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[topology]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnunet] branch master updated (748788145 -> 21eec1db5), gnunet, 2018/11/12
- [GNUnet-SVN] [gnunet] 01/02: fix etime setting in gnunet-namestore, gnunet, 2018/11/12
- [GNUnet-SVN] [gnunet] 02/02: trying to fix #5472, gnunet <=

Prev by Date: [GNUnet-SVN] [gnunet] 01/02: fix etime setting in gnunet-namestore
Next by Date: [GNUnet-SVN] [gnunet] branch master updated (748788145 -> 21eec1db5)
Previous by thread: [GNUnet-SVN] [gnunet] 01/02: fix etime setting in gnunet-namestore
Index(es):
- Date
- Thread