From 21eec1db5fa782ab36dbc250317dbe117bc52af8 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Mon, 12 Nov 2018 20:55:33 +0100
Subject: trying to fix #5472
---
 src/cadet/test_cadet.conf | 4 ++++
 src/gns/gnunet-gns-proxy.c | 48 +++++++++++++++++++++++++++++-------------
 src/gns/test_gns_defaults.conf | 12 +++++++++++
 3 files changed, 49 insertions(+), 15 deletions(-)
(limited to 'src')
diff --git a/src/cadet/test_cadet.conf b/src/cadet/test_cadet.conf
index 5ad67fec2..30e496aff 100644
--- a/src/cadet/test_cadet.conf
+++ b/src/cadet/test_cadet.conf
@@ -98,3 +98,7 @@ START_ON_DEMAND = NO
 [topology]
 IMMEDIATE_START = NO
 START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index a9013390e..e1997e215 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -58,6 +58,12 @@
 */
 #define MAX_HTTP_URI_LENGTH 2048
 
+/**
+ * Maximum number of DANE records we support
+ * per domain name (and port and protocol).
+ */
+#define MAX_DANES 32
+
 /**
 * Size of the buffer for the data upload / download. Must be
 * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k).
@@ -543,9 +549,9 @@ struct Socks5Request
 char *leho;
 
 /**
- * Payload of the (last) DANE record encountered.
+ * Payload of the DANE records encountered.
 */
- char *dane_data;
+ char *dane_data[MAX_DANES + 1];
 
 /**
 * The URL to fetch
@@ -575,7 +581,13 @@ struct Socks5Request
 /**
 * Number of bytes in @e dane_data.
 */
- size_t dane_data_len;
+ int dane_data_len[MAX_DANES + 1];
+
+ /**
+ * Number of entries used in @e dane_data_len
+ * and @e dane_data.
+ */
+ unsigned int num_danes;
 
 /**
 * Number of bytes already in read buffer
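Review bot: In the `struct Socks5Request` hunk at -575, `dane_data_len` becomes `int[MAX_DANES + 1]`, but its field comment still reads "Number of bytes in @e dane_data." and nothing explains the extra slot. I would reword it to `Number of bytes in each entry of @e dane_data; the slot at index @e num_danes holds the 0 terminator handed to dane_raw_tlsa()`, and add the matching remark about the NULL terminator to the `dane_data` comment in the -543 hunk. Because the lengths are now `int` rather than `size_t`, the `size_t` difference computed in handle_gns_result is narrowed on assignment, so a range check at that store would keep a malformed record from turning into a negative length. The struct definition starts and ends outside both hunks.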
@@ -816,7 +828,8 @@ cleanup_s5r (struct Socks5Request *s5r)
 GNUNET_free_non_null (s5r->domain);
 GNUNET_free_non_null (s5r->leho);
 GNUNET_free_non_null (s5r->url);
- GNUNET_free_non_null (s5r->dane_data);
+ for (unsigned int i=0;inum_danes;i++)
+ GNUNET_free (s5r->dane_data[i]);
 GNUNET_free (s5r);
 }
 
@@ -989,10 +1002,8 @@ check_ssl_certificate (struct Socks5Request *s5r)
 }
 /* check for TLSA/DANE records */
 #if HAVE_GNUTLS_DANE
- if (NULL != s5r->dane_data)
+ if (0 != s5r->num_danes)
 {
- char *dd[] = { s5r->dane_data, NULL };
- int dlen[] = { s5r->dane_data_len, 0};
 dane_state_t dane_state;
 dane_query_t dane_query;
 unsigned int verify;
@@ -1010,10 +1021,12 @@ check_ssl_certificate (struct Socks5Request *s5r)
 gnutls_x509_crt_deinit (x509_cert);
 return GNUNET_SYSERR;
 }
+ s5r->dane_data[s5r->num_danes] = NULL;
+ s5r->dane_data_len[s5r->num_danes] = 0;
 if (0 != (rc = dane_raw_tlsa (dane_state,
 &dane_query,
- dd,
- dlen,
+ s5r->dane_data,
+ s5r->dane_data_len,
 GNUNET_YES,
 GNUNET_NO)))
 {
@@ -3070,12 +3083,17 @@ handle_gns_result (void *cls,
 (ntohs (box->protocol) != IPPROTO_TCP) ||
 (ntohs (box->service) != s5r->port) )
 break; /* BOX record does not apply */
- GNUNET_free_non_null (s5r->dane_data);
- s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
- s5r->dane_data = GNUNET_malloc (s5r->dane_data_len);
- GNUNET_memcpy (s5r->dane_data,
- &box[1],
- s5r->dane_data_len);
+ if (s5r->num_danes >= MAX_DANES)
+ {
+ GNUNET_break (0); /* MAX_DANES too small */
+ break;
+ }
+ s5r->dane_data_len[s5r->num_danes]
+ = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord);
+ s5r->dane_data[s5r->num_danes]
+ = GNUNET_memdup (&box[1],
+ s5r->dane_data_len);
+ s5r->num_danes++;
 break;
 }
 default:
diff --git a/src/gns/test_gns_defaults.conf b/src/gns/test_gns_defaults.conf
index 19ba01ebb..80a2f3c44 100644
--- a/src/gns/test_gns_defaults.conf
+++ b/src/gns/test_gns_defaults.conf
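Review bot: In the handle_gns_result hunk, `GNUNET_memdup (&box[1], s5r->dane_data_len)` passes the whole `dane_data_len` array as the size argument, so the array's address is converted to the byte count instead of the length stored on the line above. The copy can then read far past the BOX record payload, or the allocation simply fails. The call should be `= GNUNET_memdup (&box[1], s5r->dane_data_len[s5r->num_danes]);`. The result of `r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord)` is now stored in an `int` and no lower bound on `r->data_size` is visible in this hunk, so confirm that the part of the case outside the hunk rejects records shorter than the box header. `num_danes` is never reset here either, which looks like entries accumulate if the callback runs more than once for the same request.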
@@ -20,3 +20,15 @@ PLUGINS = tcp
 
 [transport-tcp]
 BINDTO = 127.0.0.1
+
+[fs]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[rps]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
+
+[topology]
+IMMEDIATE_START = NO
+START_ON_DEMAND = NO
-- 
cgit v1.2.3