X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=src%2Fconnection.c;h=82b13bf0d04f5a316968bb18577378a2d47f8c47;hb=772b48529c4ed7b7e81846c3b56075aaf97e9ea6;hp=f608339f8014ba0427f515c36a14f1d29a51e894;hpb=1d507eaf013fdffb6c17f0f02f6ee9a91d44aa62;p=tlsproxy%2Ftlsproxy.git
diff --git a/src/connection.c b/src/connection.c
index f608339..82b13bf 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -85,7 +85,7 @@ void handle_connection(int client_socket) {
 char host[MAX_REQUEST_LINE];
 char port[5 + 1];
- int version_minor; /* HTTP/1.x */
+ int version_minor; /* x in HTTP/1.x */
 int result;
 /* client_x509_cred is used when talking to the client (acting as a TSL
@@ -122,11 +122,9 @@ void handle_connection(int client_socket) {
 /* Read request line (CONNECT ..) and headers (they are discarded). */
 result = read_http_request(client_fd, buffer, sizeof(buffer));
 if (result == -1) {
- /* Read error. */
 LOG(LOG_WARNING, "read_http_request(): client read error");
 goto out;
 } else if (result == -2) {
- /* EOF */
 LOG(LOG_WARNING, "read_http_request(): client EOF");
 send_bad_request(client_fd);
 goto out;
@@ -166,16 +164,15 @@ void handle_connection(int client_socket) {
 if (global_proxy_host != NULL && global_proxy_port != NULL) {
 fprintf(server_fd, "CONNECT %s:%s HTTP/1.0\r\n", host, port);
 fprintf(server_fd, "\r\n");
+ fflush(server_fd);
 /* Read response line from proxy server. */
 result = read_http_request(server_fd, buffer, sizeof(buffer));
 if (result == -1) {
- /* Read error. */
 LOG(LOG_WARNING, "read_http_request(): proxy read error");
 send_forwarding_failure(client_fd);
 goto out;
 } else if (result == -2) {
- /* EOF */
 LOG(LOG_WARNING, "read_http_request(): proxy EOF");
 send_forwarding_failure(client_fd);
 goto out;
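Review bot: The `fflush(server_fd);` added in the -166 hunk discards its return value, so a failed write of the CONNECT request to the upstream proxy surfaces only when the following read_http_request() fails and is then logged as a proxy read error or EOF. Checking the flush and taking the existing forwarding-failure path keeps the logged cause accurate, as sketched below; the `fflush(client_fd);` calls added to send_bad_request() and send_forwarding_failure() (-528 and -537 hunks) are likewise unchecked, and a log line there would be enough. `host` and `port` are interpolated into the CONNECT line and are parsed outside this hunk, so it is worth confirming that the parser rejects CR, LF and whitespace in them before they reach the upstream proxy. handle_connection() starts and ends outside the hunk.

```c
        fprintf(server_fd, "\r\n");
        if (fflush(server_fd) == EOF) {
            LOG_PERROR(LOG_WARNING, "fflush(): proxy write error");
            send_forwarding_failure(client_fd);
            goto out;
        }
        /* … unchanged: read and check the proxy's response line … */
```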
@@ -247,7 +244,7 @@ void handle_connection(int client_socket) {
 /* Make sure the server certificate is valid and known. */
 if (verify_tls_connection(server_session, host) != 0) {
 LOG(LOG_ERROR, "server certificate validation failed!");
- /* We send the error message over our TLS connection to the client,
+ /* We'll send the error message over our TLS connection to the client,
 * but with an invalid certificate. No data is transfered from/to the
 * target server. */
 validation_failed = 1;
@@ -504,7 +501,7 @@ static int read_http_request(FILE *client_fd, char *request, size_t length) {
 LOG_PERROR(LOG_WARNING, "read_http_request(): fgets()");
 return -1;
 }
-
+ /* EOF */
 return -2;
 }
@@ -528,6 +525,7 @@ static void send_bad_request(FILE *client_fd) {
 fprintf(client_fd, HTTP_RESPONSE_FORMAT, RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_MSG);
+ fflush(client_fd);
 #undef RESPONSE_ERROR
 #undef RESPONSE_MSG
 }
@@ -537,6 +535,7 @@ static void send_forwarding_failure(FILE *client_fd) {
 fprintf(client_fd, HTTP_RESPONSE_FORMAT, RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_MSG);
+ fflush(client_fd);
 #undef RESPONSE_ERROR
 #undef RESPONSE_MSG
 }
@@ -584,7 +583,7 @@ static void transfer_data(int client, int server) {
 fds[1].revents = 0;
 for (;;) {
- int result = poll(fds, 2, -1 /* no timeout */);
+ int result = poll(fds, 2 /* fd count */, -1 /* no timeout */);
 if (result < 0) {
 LOG_PERROR(LOG_ERROR, "transfer_data(): poll()");
 return;
@@ -629,9 +628,8 @@ static int read_from_write_to(int from, int to) {
 if (size_read < 0) {
 LOG_PERROR(LOG_WARNING, "read_from_write_to(): read()");
 return -1;
- }
 /* EOF */
- if (size_read == 0) {
+ } else if (size_read == 0) {
 return -1;
 }
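Review bot: In the -584 hunk any negative poll() result ends the relay, so a signal that interrupts poll() (errno EINTR) tears down an otherwise healthy connection. Retrying before the log call, `if (result < 0 && errno == EINTR) continue;`, avoids that; it assumes <errno.h> is already included, which is not visible here. The literal `2 /* fd count */` could also be derived as `sizeof(fds) / sizeof(fds[0])` if fds is declared as an array in this function (the declaration is outside the hunk). The identical loop in transfer_data_tls() (-673 hunk) behaves the same way.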
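Review bot: After the -629 change the `/* EOF */` comment sits between `return -1;` and `} else if (size_read == 0) {`, where it reads as part of the error branch; moving it inside the branch, `} else if (size_read == 0) { /* EOF */`, makes the intent unambiguous. A read error and a clean EOF both return -1 and only the error is logged, so neither the caller nor the logs can tell a peer that closed normally from a failure. A function comment stating that -1 means "stop relaying" for either cause would document this. The same layout is introduced in read_from_write_to_tls() (-726 hunk), and both function bodies start and end outside their hunks.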
@@ -673,7 +671,7 @@ static void transfer_data_tls(int client, int server,
 (long int)buffer_size);
 for (;;) {
- int result = poll(fds, 2, -1 /* no timeout */);
+ int result = poll(fds, 2 /* fd count */, -1 /* no timeout */);
 if (result < 0) {
 LOG_PERROR(LOG_ERROR, "transfer_data(): poll()");
 return;
@@ -726,9 +724,8 @@ static int read_from_write_to_tls(gnutls_session_t from,
 LOG(LOG_WARNING, "read_from_write_to_tls(): gnutls_record_recv(): %s", gnutls_strerror((int)size_read));
 return -1;
- }
 /* EOF */
- if (size_read == 0) {
+ } else if (size_read == 0) {
 return -1;
 }
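Review bot: The poll() failure inside transfer_data_tls() (-673 hunk) is logged as `"transfer_data(): poll()"`, the name of the plaintext relay, so the logs cannot show which relay path failed. Changing that context line to `LOG_PERROR(LOG_ERROR, "transfer_data_tls(): poll()");` fixes it. The function body starts and ends outside the hunk.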
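Review bot: The error branch in the -726 hunk appears to treat every negative gnutls_record_recv() result as fatal, although GnuTLS documents GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED as non-fatal results that callers are expected to retry. The guard itself is outside the hunk, so this is inferred from the visible `gnutls_strerror((int)size_read)` and `return -1;` lines. If the guard is `size_read < 0`, testing `gnutls_error_is_fatal((int)size_read)` before logging and giving up would keep a transient condition from dropping the session. How a retry should be signalled to the caller depends on this function's return convention, which is not visible here.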