From 4ea7d0180388e5c55f317dbd3e8e511dd2c55187 Mon Sep 17 00:00:00 2001 From: evoskuil Date: Thu, 30 Mar 2017 13:46:00 -0700 Subject: [PATCH] Problem: send_failure() util name undergeneralized (for read success). --- src/curve_server.cpp | 30 +++++++++++++++--------------- src/gssapi_server.cpp | 30 +++++++++++++++--------------- src/msg.hpp | 14 ++++++++------ src/null_mechanism.cpp | 28 ++++++++++++++-------------- src/plain_server.cpp | 32 ++++++++++++++++---------------- 5 files changed, 68 insertions(+), 66 deletions(-) diff --git a/src/curve_server.cpp b/src/curve_server.cpp index c8888a8c..77a56c72 100644 --- a/src/curve_server.cpp +++ b/src/curve_server.cpp @@ -580,7 +580,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Version frame rc = msg.init_size (3); @@ -589,7 +589,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Request ID frame rc = msg.init_size (1); @@ -598,7 +598,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Domain frame rc = msg.init_size (options.zap_domain.length ()); @@ -607,7 +607,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Address frame rc = msg.init_size (peer_address.length ()); @@ -616,7 +616,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Identity frame rc = msg.init_size (options.identity_size); @@ -625,7 +625,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Mechanism frame rc = msg.init_size (5); @@ -634,7 +634,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Credentials frame rc = msg.init_size (crypto_box_PUBLICKEYBYTES); @@ -642,7 +642,7 @@ int zmq::curve_server_t::send_zap_request (const uint8_t *key) memcpy (msg.data (), key, crypto_box_PUBLICKEYBYTES); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); return 0; } @@ -661,12 +661,12 @@ int zmq::curve_server_t::receive_and_process_zap_reply () for (int i = 0; i < 7; i++) { rc = session->read_zap_msg (&msg [i]); if (rc == -1) - return send_failure (msg); + return close_and_return (msg, -1); if ((msg [i].flags () & msg_t::more) == (i < 6? 0: msg_t::more)) { // Temporary support for security debugging puts ("CURVE I: ZAP handler sent incomplete reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } } @@ -675,7 +675,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("CURVE I: ZAP handler sent malformed reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Version frame @@ -683,7 +683,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("CURVE I: ZAP handler sent bad version number"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Request id frame @@ -691,7 +691,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("CURVE I: ZAP handler sent bad request ID"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Status code frame @@ -699,7 +699,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("CURVE I: ZAP handler rejected client authentication"); errno = EACCES; - return send_failure (msg); + return close_and_return (msg, -1); } // Save status code @@ -713,7 +713,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply () msg [6].size (), true); if (rc != 0) - return send_failure (msg); + return close_and_return (msg, -1); // Close all reply frames for (int i = 0; i < 7; i++) { diff --git a/src/gssapi_server.cpp b/src/gssapi_server.cpp index dfa6685c..a7b90b74 100644 --- a/src/gssapi_server.cpp +++ b/src/gssapi_server.cpp @@ -161,7 +161,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Version frame rc = msg.init_size (3); @@ -170,7 +170,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Request ID frame rc = msg.init_size (1); @@ -179,7 +179,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Domain frame rc = msg.init_size (options.zap_domain.length ()); @@ -188,7 +188,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Address frame rc = msg.init_size (peer_address.length ()); @@ -197,7 +197,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Identity frame rc = msg.init_size (options.identity_size); @@ -206,7 +206,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Mechanism frame rc = msg.init_size (6); @@ -215,7 +215,7 @@ int zmq::gssapi_server_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Principal frame gss_buffer_desc principal; @@ -227,7 +227,7 @@ int zmq::gssapi_server_t::send_zap_request () rc = session->write_zap_msg (&msg); gss_release_buffer(&min_stat, &principal); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); return 0; } @@ -246,35 +246,35 @@ int zmq::gssapi_server_t::receive_and_process_zap_reply () for (int i = 0; i < 7; i++) { rc = session->read_zap_msg (&msg [i]); if (rc == -1) - return send_failure (msg); + return close_and_return (msg, -1); if ((msg [i].flags () & msg_t::more) == (i < 6? 0: msg_t::more)) { errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } } // Address delimiter frame if (msg [0].size () > 0) { errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Version frame if (msg [1].size () != 3 || memcmp (msg [1].data (), "1.0", 3)) { errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Request id frame if (msg [2].size () != 1 || memcmp (msg [2].data (), "1", 1)) { errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Status code frame if (msg [3].size () != 3 || memcmp (msg [3].data (), "200", 3)) { errno = EACCES; - return send_failure (msg); + return close_and_return (msg, -1); } // Save user id @@ -285,7 +285,7 @@ int zmq::gssapi_server_t::receive_and_process_zap_reply () msg [6].size (), true); if (rc != 0) - return send_failure (msg); + return close_and_return (msg, -1); // Close all reply frames for (int i = 0; i < 7; i++) { diff --git a/src/msg.hpp b/src/msg.hpp index ec567587..1da6466d 100644 --- a/src/msg.hpp +++ b/src/msg.hpp @@ -247,19 +247,21 @@ namespace zmq } u; }; - inline int send_failure (zmq::msg_t *msg) + inline int close_and_return (zmq::msg_t *msg, int echo) { + // Since we abort on close failure we preserve errno for success case. + int err = errno; const int rc = msg->close (); errno_assert (rc == 0); - return -1; + errno = err; + return echo; } - inline int send_failure (zmq::msg_t msg[], int count) + inline int close_and_return (zmq::msg_t msg [], int count, int echo) { for (int i = 0; i < count; i++) - send_failure (&msg [i]); - - return -1; + close_and_return (&msg [i], 0); + return echo; } } diff --git a/src/null_mechanism.cpp b/src/null_mechanism.cpp index 57ef4217..f9f73e76 100644 --- a/src/null_mechanism.cpp +++ b/src/null_mechanism.cpp @@ -225,7 +225,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Version frame rc = msg.init_size (3); @@ -234,7 +234,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Request id frame rc = msg.init_size (1); @@ -243,7 +243,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Domain frame rc = msg.init_size (options.zap_domain.length ()); @@ -252,7 +252,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Address frame rc = msg.init_size (peer_address.length ()); @@ -261,7 +261,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Identity frame rc = msg.init_size (options.identity_size); @@ -270,7 +270,7 @@ int zmq::null_mechanism_t::send_zap_request () msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Mechanism frame rc = msg.init_size (4); @@ -278,7 +278,7 @@ int zmq::null_mechanism_t::send_zap_request () memcpy (msg.data (), "NULL", 4); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); return 0; } @@ -297,12 +297,12 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () for (int i = 0; i < 7; i++) { rc = session->read_zap_msg (&msg [i]); if (rc == -1) - return send_failure (msg); + return close_and_return (msg, -1); if ((msg [i].flags () & msg_t::more) == (i < 6? 0: msg_t::more)) { // Temporary support for security debugging puts ("NULL I: ZAP handler sent incomplete reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } } @@ -311,7 +311,7 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("NULL I: ZAP handler sent malformed reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Version frame @@ -319,7 +319,7 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("NULL I: ZAP handler sent bad version number"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Request id frame @@ -327,7 +327,7 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("NULL I: ZAP handler sent bad request ID"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Status code frame @@ -335,7 +335,7 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("NULL I: ZAP handler rejected client authentication"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Save status code @@ -349,7 +349,7 @@ int zmq::null_mechanism_t::receive_and_process_zap_reply () msg [6].size (), true); if (rc != 0) - return send_failure (msg); + return close_and_return (msg, -1); // Close all reply frames for (int i = 0; i < 7; i++) { diff --git a/src/plain_server.cpp b/src/plain_server.cpp index cb2caa7d..4d946b56 100644 --- a/src/plain_server.cpp +++ b/src/plain_server.cpp @@ -289,7 +289,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Version frame rc = msg.init_size (3); @@ -298,7 +298,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Request id frame rc = msg.init_size (1); @@ -307,7 +307,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Domain frame rc = msg.init_size (options.zap_domain.length ()); @@ -316,7 +316,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Address frame rc = msg.init_size (peer_address.length ()); @@ -325,7 +325,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Identity frame rc = msg.init_size (options.identity_size); @@ -334,7 +334,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Mechanism frame rc = msg.init_size (5); @@ -343,7 +343,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Username frame rc = msg.init_size (username.length ()); @@ -352,7 +352,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, msg.set_flags (msg_t::more); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); // Password frame rc = msg.init_size (password.length ()); @@ -360,7 +360,7 @@ int zmq::plain_server_t::send_zap_request (const std::string &username, memcpy (msg.data (), password.c_str (), password.length ()); rc = session->write_zap_msg (&msg); if (rc != 0) - return send_failure (&msg); + return close_and_return (&msg, -1); return 0; } @@ -379,12 +379,12 @@ int zmq::plain_server_t::receive_and_process_zap_reply () for (int i = 0; i < 7; i++) { rc = session->read_zap_msg (&msg [i]); if (rc == -1) - return send_failure (msg); + return close_and_return (msg, -1); if ((msg [i].flags () & msg_t::more) == (i < 6? 0: msg_t::more)) { // Temporary support for security debugging puts ("PLAIN I: ZAP handler sent incomplete reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } } @@ -393,7 +393,7 @@ int zmq::plain_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("PLAIN I: ZAP handler sent malformed reply message"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Version frame @@ -401,7 +401,7 @@ int zmq::plain_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("PLAIN I: ZAP handler sent bad version number"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Request id frame @@ -409,7 +409,7 @@ int zmq::plain_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("PLAIN I: ZAP handler sent bad request ID"); errno = EPROTO; - return send_failure (msg); + return close_and_return (msg, -1); } // Status code frame @@ -417,7 +417,7 @@ int zmq::plain_server_t::receive_and_process_zap_reply () // Temporary support for security debugging puts ("PLAIN I: ZAP handler rejected client authentication"); errno = EACCES; - return send_failure (msg); + return close_and_return (msg, -1); } // Save status code @@ -431,7 +431,7 @@ int zmq::plain_server_t::receive_and_process_zap_reply () msg [6].size (), true); if (rc != 0) - return send_failure (msg); + return close_and_return (msg, -1); // Close all reply frames for (int i = 0; i < 7; i++) {