kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-06-27 03:37:50 +00:00
Code Issues Projects Releases Wiki Activity

FS-10150: [freeswitch-core] Reduce writes to closed ssl sockets #resolve

Browse Source 
Conflicts:
	libs/libks/src/kws.c
	libs/sofia-sip/.update
This commit is contained in:
Anthony Minessale 2017-03-17 13:47:35 -05:00 committed by Mike Jerris
parent 46b518d57a
commit 9844d1887b
3 changed files with 90 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libs/sofia-sip/.update
View File

@ -1 +1 @@
Thu Feb 9 17:36:33 CST 2017 Mon Mar 20 17:03:26 CDT 2017

34
libs/sofia-sip/libsofia-sip-ua/tport/ws.c
View File

@ -107,13 +107,13 @@ void init_ssl(void) {
assert(ws_globals.ssl_ctx); assert(ws_globals.ssl_ctx);
/* Disable SSLv2 */ /* Disable SSLv2 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_SSLv2);
/* Disable SSLv3 */ /* Disable SSLv3 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv3); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_SSLv3);
/* Disable TLSv1 */ /* Disable TLSv1 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_TLSv1); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_TLSv1);
/* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */ /* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_COMPRESSION);
/* set the local certificate from CertFile */ /* set the local certificate from CertFile */
SSL_CTX_use_certificate_file(ws_globals.ssl_ctx, ws_globals.cert, SSL_FILETYPE_PEM); SSL_CTX_use_certificate_file(ws_globals.ssl_ctx, ws_globals.cert, SSL_FILETYPE_PEM);
/* set the private key from KeyFile */ /* set the private key from KeyFile */
@ -269,7 +269,7 @@ int ws_handshake(wsh_t *wsh)
} }
} }
if (bytes > wsh->buflen -1) { if (bytes < 0 || bytes > wsh->buflen -1) {
goto err; goto err;
} }
@ -328,11 +328,13 @@ int ws_handshake(wsh_t *wsh)
if (!wsh->stay_open) { if (!wsh->stay_open) {
if (bytes > 0) {
snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n"
"Sec-WebSocket-Version: 13\r\n\r\n"); "Sec-WebSocket-Version: 13\r\n\r\n");
respond[511] = 0; respond[511] = 0;
ws_raw_write(wsh, respond, strlen(respond)); ws_raw_write(wsh, respond, strlen(respond));
}
ws_close(wsh, WS_NONE); ws_close(wsh, WS_NONE);
} }
@ -748,20 +750,22 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
if (!wsh->handshake) { if (!wsh->handshake) {
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) { if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) {
if (wsh->datalen == -2) { if (wsh->datalen == -2) {
return -2; return -2;
} }
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if (wsh->datalen < need) { if (wsh->datalen < need) {
if ((wsh->datalen += ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK)) < need) { ssize_t bytes = ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK);
if (bytes < 0 || (wsh->datalen += bytes) < need) {
/* too small - protocol err */ /* too small - protocol err */
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -797,7 +801,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -817,9 +821,9 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK); more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK);
if (more < need - wsh->datalen) { if (more < 0 || more < need - wsh->datalen) {
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} else { } else {
wsh->datalen += more; wsh->datalen += more;
} }
@ -838,7 +842,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
u16 = (uint16_t *) wsh->payload; u16 = (uint16_t *) wsh->payload;
@ -856,7 +860,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need < 0) { if (need < 0) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
blen = wsh->body - wsh->bbuffer; blen = wsh->body - wsh->bbuffer;
@ -887,7 +891,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (r < 1) { if (r < 1) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
wsh->datalen += r; wsh->datalen += r;

26
src/mod/endpoints/mod_verto/ws.c
View File

@ -269,7 +269,7 @@ int ws_handshake(wsh_t *wsh)
} }
} }
if (bytes > wsh->buflen -1) { if (bytes < 0 || bytes > wsh->buflen -1) {
goto err; goto err;
} }
@ -328,11 +328,13 @@ int ws_handshake(wsh_t *wsh)
if (!wsh->stay_open) { if (!wsh->stay_open) {
if (bytes > 0) {
snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n"
"Sec-WebSocket-Version: 13\r\n\r\n"); "Sec-WebSocket-Version: 13\r\n\r\n");
respond[511] = 0; respond[511] = 0;
ws_raw_write(wsh, respond, strlen(respond)); ws_raw_write(wsh, respond, strlen(respond));
}
ws_close(wsh, WS_NONE); ws_close(wsh, WS_NONE);
} }
@ -748,20 +750,22 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
if (!wsh->handshake) { if (!wsh->handshake) {
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) { if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) {
if (wsh->datalen == -2) { if (wsh->datalen == -2) {
return -2; return -2;
} }
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if (wsh->datalen < need) { if (wsh->datalen < need) {
if ((wsh->datalen += ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK)) < need) { ssize_t bytes = ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK);
if (bytes < 0 || (wsh->datalen += bytes) < need) {
/* too small - protocol err */ /* too small - protocol err */
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -797,7 +801,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -817,9 +821,9 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK); more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK);
if (more < need - wsh->datalen) { if (more < 0 || more < need - wsh->datalen) {
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} else { } else {
wsh->datalen += more; wsh->datalen += more;
} }
@ -838,7 +842,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
u16 = (uint16_t *) wsh->payload; u16 = (uint16_t *) wsh->payload;
@ -856,7 +860,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need < 0) { if (need < 0) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
blen = wsh->body - wsh->bbuffer; blen = wsh->body - wsh->bbuffer;
@ -887,7 +891,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (r < 1) { if (r < 1) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
wsh->datalen += r; wsh->datalen += r;