X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=src%2Fconnection.c;h=08a72809a2f30c308f6e9e3fc4b7acd3575e48ad;hb=34d5e8a98501f972dbfeb990cf0b96fdd77f0bac;hp=7f2071a7975340737e68acdd06237ae759e4d5ca;hpb=8b2ed4a58229f9b377f3a4ae74af36c31c5db1c0;p=tlsproxy%2Ftlsproxy.git diff --git a/src/connection.c b/src/connection.c index 7f2071a..08a7280 100644 --- a/src/connection.c +++ b/src/connection.c @@ -21,6 +21,7 @@ #include "connection.h" #include "verify.h" +#include #include #include #include @@ -35,11 +36,11 @@ /* Format string used to send HTTP/1.0 error responses to the client. * - * %s is used 4 times, first three are the error code (no %n$s!), the last is - * the message. */ + * %s is used 5 times, first is the error code, then additional headers, next + * two are the error code (no %n$s!), the last is the message. */ #define HTTP_RESPONSE_FORMAT "HTTP/1.0 %s\r\n\ Content-Type: text/html; charset=US-ASCII\r\n\ -\r\n\ +%s\r\n\ \n\ \n\ %s\n\ @@ -545,54 +546,30 @@ static int read_http_request(FILE *client_fd, char *request, size_t length) { } static void send_bad_request(FILE *client_fd) { -#define RESPONSE_ERROR "400 Bad Request" -#define RESPONSE_MSG "Your browser sent an invalid request." - fprintf(client_fd, HTTP_RESPONSE_FORMAT, - RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, - RESPONSE_MSG); + const char error[] = "400 Bad Request"; + const char msg[] = "Your browser sent an invalid request."; + fprintf(client_fd, HTTP_RESPONSE_FORMAT, error, "", error, error, msg); fflush(client_fd); -#undef RESPONSE_ERROR -#undef RESPONSE_MSG } static void send_forwarding_failure(FILE *client_fd) { -#define RESPONSE_ERROR "503 Forwarding failure" -#define RESPONSE_MSG "Failed to connect to server, check logs." - fprintf(client_fd, HTTP_RESPONSE_FORMAT, - RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, - RESPONSE_MSG); + const char error[] = "503 Forwarding failure"; + const char msg[] = "Failed to connect to server, check logs."; + fprintf(client_fd, HTTP_RESPONSE_FORMAT, error, "", error, error, msg); fflush(client_fd); -#undef RESPONSE_ERROR -#undef RESPONSE_MSG } static void tls_send_invalid_cert_message(gnutls_session_t session) { -#define RESPONSE_ERROR "500 Internal Server Error" -#define RESPONSE_MSG "Server certificate validation failed, check logs." + const char error[] = "500 Internal Server Error"; + const char msg[] = "Server certificate validation failed, check logs."; int result; - char buffer[sizeof(HTTP_RESPONSE_FORMAT) - 1 /* '\0' */ - - 4 * 2 /* four %s */ - + (sizeof(RESPONSE_ERROR) - 1 /* '\0' */) * 3 - + sizeof(RESPONSE_MSG) - 1 /* '\0' */ - + 1 /* '\0' */]; - - result = snprintf(buffer, sizeof(buffer), - HTTP_RESPONSE_FORMAT, - RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, - RESPONSE_MSG); - if (result < 0) { - LOG_PERROR(ERROR, - "tls_send_invalid_cert_message(): snprintf failed"); - return; - } else if ((size_t)result >= sizeof(buffer)) { - LOG(ERROR, - "tls_send_invalid_cert_message(): snprintf buffer too short"); - return; - } + char buffer[sizeof(HTTP_RESPONSE_FORMAT) + + 3 * sizeof(error) + sizeof(msg)]; + + result = snprintf(buffer, sizeof(buffer), HTTP_RESPONSE_FORMAT, + error, "", error, error, msg); + assert(result > 0 && (size_t)result < sizeof(buffer)); - gnutls_record_send(session, buffer, sizeof(buffer) - 1); - /* don't send trailing '\0' */ -#undef RESPONSE_ERROR -#undef RESPONSE_MSG + gnutls_record_send(session, buffer, strlen(buffer)); }