/*
* Handle connections.
*
- * Copyright (C) 2011 Simon Ruderich
+ * Copyright (C) 2011-2012 Simon Ruderich
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* certificate then just pass through the connection and let the client
* verify the server certificate. */
if (global_passthrough_unknown) {
- char path[1024];
+ char path[TLSPROXY_MAX_PATH_LENGTH];
FILE *file = NULL;
if (-2 == server_certificate_file(&file, host, path, sizeof(path))) {
gnutls_certificate_credentials_t *x509_cred) {
int result;
int use_invalid_cert;
- char path[1024];
+ char path[TLSPROXY_MAX_PATH_LENGTH];
/* The "invalid" hostname is special. If it's used we send an invalid
* certificate to let the client know something is wrong. */
- use_invalid_cert = 0 == strcmp(hostname, "invalid");
+ use_invalid_cert = (0 == strcmp(hostname, "invalid"));
if (0 != proxy_certificate_path(hostname, path, sizeof(path))) {
LOG(LOG_ERROR,
gnutls_certificate_free_credentials(*x509_cred);
return -1;
}
- gnutls_priority_set(*session, global_tls_priority_cache);
+ result = gnutls_priority_set(*session, global_tls_priority_cache);
if (GNUTLS_E_SUCCESS != result) {
LOG(LOG_ERROR,
"initialize_tls_session_server(): gnutls_priority_set(): %s",
return -2;
}
- while (NULL != fgets(buffer, MAX_REQUEST_LINE, client_fd)) {
+ while (NULL != fgets(buffer, sizeof(buffer), client_fd)) {
/* End of header. */
if (0 == strcmp(buffer, "\n") || 0 == strcmp(buffer, "\r\n")) {
break;