wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue with failed TCP connect using invalid socket file descriptor on close. Fixes #2936

Browse Source
This commit is contained in:
David Garske
2020-05-01 07:32:00 -07:00
parent e9b433a998
commit 31502ec3f9
2 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/wolfio.c
View File

@ -779,6 +779,10 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
SOCKADDR_IN *sin; SOCKADDR_IN *sin;
#endif #endif
if (sockfd == NULL || ip == NULL) {
return -1;
}
XMEMSET(&addr, 0, sizeof(addr)); XMEMSET(&addr, 0, sizeof(addr));
#ifdef WOLFIO_DEBUG #ifdef WOLFIO_DEBUG
@ -821,18 +825,15 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#endif #endif
*sockfd = (SOCKET_T)socket(addr.ss_family, SOCK_STREAM, 0); *sockfd = (SOCKET_T)socket(addr.ss_family, SOCK_STREAM, 0);
#ifdef USE_WINDOWS_API #ifdef USE_WINDOWS_API
if (*sockfd == INVALID_SOCKET) { if (*sockfd == SOCKET_INVALID)
#else
if (*sockfd <= SOCKET_INVALID)
#endif
{
WOLFSSL_MSG("bad socket fd, out of fds?"); WOLFSSL_MSG("bad socket fd, out of fds?");
return -1; return -1;
} }
#else
if (*sockfd < 0) {
WOLFSSL_MSG("bad socket fd, out of fds?");
return -1;
}
#endif
#ifdef HAVE_IO_TIMEOUT #ifdef HAVE_IO_TIMEOUT
/* if timeout value provided then set socket non-blocking */ /* if timeout value provided then set socket non-blocking */
@ -857,6 +858,8 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#endif #endif
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("Responder tcp connect failed"); WOLFSSL_MSG("Responder tcp connect failed");
CloseSocket(*sockfd);
*sockfd = SOCKET_INVALID;
return -1; return -1;
} }
return ret; return ret;
@ -1338,7 +1341,7 @@ int wolfIO_HttpProcessResponseOcsp(int sfd, byte** respBuf,
int EmbedOcspLookup(void* ctx, const char* url, int urlSz, int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf) byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{ {
SOCKET_T sfd = 0; SOCKET_T sfd = SOCKET_INVALID;
word16 port; word16 port;
int ret = -1; int ret = -1;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@ -1385,7 +1388,7 @@ int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
httpBuf, httpBufSz); httpBuf, httpBufSz);
ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec); ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec);
if ((ret != 0) || ((int)sfd < 0)) { if (ret != 0) {
WOLFSSL_MSG("OCSP Responder connection failed"); WOLFSSL_MSG("OCSP Responder connection failed");
} }
else if (wolfIO_Send(sfd, (char*)httpBuf, httpBufSz, 0) != else if (wolfIO_Send(sfd, (char*)httpBuf, httpBufSz, 0) !=
@ -1400,8 +1403,8 @@ int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
ret = wolfIO_HttpProcessResponseOcsp(sfd, ocspRespBuf, httpBuf, ret = wolfIO_HttpProcessResponseOcsp(sfd, ocspRespBuf, httpBuf,
HTTP_SCRATCH_BUFFER_SIZE, ctx); HTTP_SCRATCH_BUFFER_SIZE, ctx);
} }
if (sfd != SOCKET_INVALID)
CloseSocket(sfd); CloseSocket(sfd);
XFREE(httpBuf, ctx, DYNAMIC_TYPE_OCSP); XFREE(httpBuf, ctx, DYNAMIC_TYPE_OCSP);
} }
} }
@ -1459,7 +1462,7 @@ int wolfIO_HttpProcessResponseCrl(WOLFSSL_CRL* crl, int sfd, byte* httpBuf,
int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz) int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz)
{ {
SOCKET_T sfd = 0; SOCKET_T sfd = SOCKET_INVALID;
word16 port; word16 port;
int ret = -1; int ret = -1;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@ -1491,7 +1494,7 @@ int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz)
httpBuf, httpBufSz); httpBuf, httpBufSz);
ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec); ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec);
if ((ret != 0) || (sfd < 0)) { if (ret != 0) {
WOLFSSL_MSG("CRL connection failed"); WOLFSSL_MSG("CRL connection failed");
} }
else if (wolfIO_Send(sfd, (char*)httpBuf, httpBufSz, 0) else if (wolfIO_Send(sfd, (char*)httpBuf, httpBufSz, 0)
@ -1502,8 +1505,8 @@ int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz)
ret = wolfIO_HttpProcessResponseCrl(crl, sfd, httpBuf, ret = wolfIO_HttpProcessResponseCrl(crl, sfd, httpBuf,
HTTP_SCRATCH_BUFFER_SIZE); HTTP_SCRATCH_BUFFER_SIZE);
} }
if (sfd != SOCKET_INVALID)
CloseSocket(sfd); CloseSocket(sfd);
XFREE(httpBuf, crl->heap, DYNAMIC_TYPE_CRL); XFREE(httpBuf, crl->heap, DYNAMIC_TYPE_CRL);
} }
} }

6
wolfssl/wolfio.h
View File

@ -303,8 +303,14 @@
#ifdef USE_WINDOWS_API #ifdef USE_WINDOWS_API
typedef unsigned int SOCKET_T; typedef unsigned int SOCKET_T;
#ifndef SOCKET_INVALID
#define SOCKET_INVALID INVALID_SOCKET
#endif
#else #else
typedef int SOCKET_T; typedef int SOCKET_T;
#ifndef SOCKET_INVALID
#define SOCKET_INVALID -1
#endif
#endif #endif
#ifndef WOLFSSL_NO_SOCK #ifndef WOLFSSL_NO_SOCK