Package: webfs / 1.21+ds1-12

60_error_trapping.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
Description: Implement a few critical preventive error checks.
 The error trapping is insufficient in the original source.
 .
 The patch prepares for implementing such trapping, and also
 improves two conditionals which only with later changes will
 actually matter, but for now are non-intrusive.
Author: Mats Erik Andersson <debian@gisladisker.se>
Forwarded: no
Last-Update: 2010-03-15
--- webfs-1.21/httpd.h.debian
+++ webfs-1.21/httpd.h
@@ -193,8 +193,8 @@ static void inline close_on_exec(int fd)
 extern int ssl_read(struct REQUEST *req, char *buf, int len);
 extern int ssl_write(struct REQUEST *req, char *buf, int len);
 extern int ssl_blk_write(struct REQUEST *req, int offset, int len);
-extern void init_ssl(void);
-extern void open_ssl_session(struct REQUEST *req);
+extern int init_ssl(void);
+extern int open_ssl_session(struct REQUEST *req);
 #endif
 
 /* --- request.c ------------------------------------------------ */
--- webfs-1.21/webfsd.c.debian
+++ webfs-1.21/webfsd.c
@@ -470,17 +470,22 @@ mainloop(void *thread_arg)
 		    if (with_ssl)
 			open_ssl_session(req);
 #endif
-		    length = sizeof(req->peer);
-		    if (-1 == getpeername(req->fd,(struct sockaddr*)&(req->peer),&length)) {
-			xperror(LOG_WARNING,"getpeername",NULL);
-			req->state = STATE_CLOSE;
+		    /* Make sure the request has not been cancelled!
+		     * Otherwise just ignore it. */
+		    if (req) {
+			length = sizeof(req->peer);
+			if (-1 == getpeername(req->fd,(struct sockaddr*)&(req->peer),&length)) {
+			    xperror(LOG_WARNING,"getpeername",NULL);
+			    req->state = STATE_CLOSE;
+			}
+			getnameinfo((struct sockaddr*)&req->peer, length,
+					req->peerhost, MAX_HOST,
+					req->peerserv, MAX_MISC,
+					NI_NUMERICHOST | NI_NUMERICSERV);
+			if (debug)
+			    fprintf(stderr,"%03d: connect from (%s)\n",
+					req->fd,req->peerhost);
 		    }
-		    getnameinfo((struct sockaddr*)&req->peer,length,
-				req->peerhost,64,req->peerserv,8,
-				NI_NUMERICHOST | NI_NUMERICSERV);
-		    if (debug)
-			fprintf(stderr,"%03d: connect from (%s)\n",
-				req->fd,req->peerhost);
 		}
 	    }
 	}
@@ -535,7 +540,9 @@ mainloop(void *thread_arg)
 			fprintf(stderr,"%03d: keepalive timeout\n",req->fd);
 		    req->state = STATE_CLOSE;
 		}
-	    } else {
+	    /* Make sure the last action happens with an active state.
+	     * Only positive state values are defined. */
+	    } else if (req->state > 0) {
 		if (now > req->ping + timeout) {
 		    if (req->state == STATE_READ_HEADER) {
 			mkerror(req,408,0);
--- webfs-1.21/ssl.c.debian
+++ webfs-1.21/ssl.c
@@ -97,7 +97,7 @@ static int password_cb(char *buf, int nu
     return(strlen(buf));
 }
 
-void init_ssl(void)
+int init_ssl(void)
 {
     int rc;
 
@@ -136,9 +136,10 @@ void init_ssl(void)
     }
 
     SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
+    return rc;
 }
 
-void open_ssl_session(struct REQUEST *req)
+int open_ssl_session(struct REQUEST *req)
 {
     DO_LOCK(lock_ssl);
     req->ssl_s = SSL_new(ctx);
@@ -152,4 +153,5 @@ void open_ssl_session(struct REQUEST *re
     SSL_set_accept_state(req->ssl_s);
     SSL_set_read_ahead(req->ssl_s, 0); /* to prevent unwanted buffering in ssl layer */
     DO_UNLOCK(lock_ssl);
+    return 0;
 }