From e7bc37918c917b4818df14ff3f310c5868520e54 Mon Sep 17 00:00:00 2001
From: Pierre Ossman
Date: Tue, 4 Jun 2019 16:51:30 +0200
Subject: [PATCH] Don't use assert() for error handling

It is excessively harsh in its output, and it can be completely compiled out which will give an incorrect behaviour.
---
 tcp.c | 49 +++++++++++++++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 16 deletions(-)

diff --git a/tcp.c b/tcp.c
index 3f8b112..1b16886 100644
--- a/tcp.c
+++ b/tcp.c
@@ -40,9 +40,6 @@
 #include "ssl.h"
 #include "asn.h"
-
-#define CHECK(x) assert((x)>=0)
-
 #ifdef _WIN32
 #define socklen_t int
 #define TCP_CLOSE(_sck) closesocket(_sck)
@@ -328,6 +325,17 @@ cert_verify_callback(gnutls_session_t session)
 return utils_cert_handle_exception(session, status, hostname_mismatch, g_last_server_name);
 }
+static void
+gnutls_fatal(const char *text, int status)
+{
+ logger(Core, Error, "%s: %s", text, gnutls_strerror(status));
+ /* TODO: Lookup if exit(1) is just plain wrong, its used here to breakout of
+ fallback code path for connection, eg. if TLS fails, a retry with plain
+ RDP is made.
+ */
+ exit(1);
+}
+
 /* Establish a SSL/TLS 1.0 connection */
 RD_BOOL
 tcp_tls_connect(void)
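Review bot: The TODO carried into `gnutls_fatal()` still leaves open whether `exit(1)` is intentional, although the same comment says it is what stops a TLS failure from reaching the plain-RDP retry path, and the helper now guards every setup call in `tcp_tls_connect()` too. I would record that as a decision rather than a question, e.g. `/* Exit instead of returning: a failure return would let the caller retry with plain RDP after a TLS error. */`. Because the helper never returns, marking it noreturn (`_Noreturn` or `__attribute__((noreturn))`, whichever the project's compiler baseline allows) would let the compiler and static analysers see that nothing runs after a failed check.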
@@ -340,18 +348,33 @@ tcp_tls_connect(void)
 if (!g_ssl_initialized)
 {
 gnutls_global_init();
- CHECK(gnutls_init(&g_tls_session, GNUTLS_CLIENT));
+ err = gnutls_init(&g_tls_session, GNUTLS_CLIENT);
+ if (err < 0) {
+ gnutls_fatal("Could not initialize GnuTLS", err);
+ }
 g_ssl_initialized = True;
 }
 /* It is recommended to use the default priorities */
- //CHECK(gnutls_set_default_priority(g_tls_session));
+ //err = gnutls_set_default_priority(g_tls_session);
 // Use compatible priority to overcome key validation error
 // THIS IS TEMPORARY
- CHECK(gnutls_priority_set_direct(g_tls_session, "NORMAL:%COMPAT", NULL));
- CHECK(gnutls_certificate_allocate_credentials(&xcred));
- CHECK(gnutls_credentials_set(g_tls_session, GNUTLS_CRD_CERTIFICATE, xcred));
- CHECK(gnutls_certificate_set_x509_system_trust(xcred));
+ err = gnutls_priority_set_direct(g_tls_session, "NORMAL:%COMPAT", NULL);
+ if (err < 0) {
+ gnutls_fatal("Could not set GnuTLS priority setting", err);
+ }
+ err = gnutls_certificate_allocate_credentials(&xcred);
+ if (err < 0) {
+ gnutls_fatal("Could not allocate TLS certificate structure", err);
+ }
+ err = gnutls_credentials_set(g_tls_session, GNUTLS_CRD_CERTIFICATE, xcred);
+ if (err < 0) {
+ gnutls_fatal("Could not set TLS certificate structure", err);
+ }
+ err = gnutls_certificate_set_x509_system_trust(xcred);
+ if (err < 0) {
+ gnutls_fatal("Could not load system trust database", err);
+ }
 gnutls_certificate_set_verify_function(xcred, cert_verify_callback);
 gnutls_transport_set_int(g_tls_session, g_sock);
 gnutls_handshake_set_timeout(g_tls_session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
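Review bot: `gnutls_global_init()` at the top of the `!g_ssl_initialized` branch is still called with its return value discarded, so it is the one GnuTLS setup call in this hunk that can still fail silently. It should follow the pattern used for the others: `err = gnutls_global_init();` followed by `if (err < 0) { gnutls_fatal("Could not initialize GnuTLS", err); }`. Separately, `gnutls_certificate_set_x509_system_trust()` returns the number of certificates processed on success, so `err < 0` will not flag a trust store that loaded nothing; a warning when it returns 0 would make the later verification failures easier to diagnose. `tcp_tls_connect()` starts and ends outside this hunk, so the declaration of `err` and the lifetime of `xcred` are not visible here.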
@@ -366,13 +389,7 @@ tcp_tls_connect(void)
 if (err == GNUTLS_E_CERTIFICATE_ERROR)
 {
- logger(Core, Error, "%s(): Certificate error during TLS handshake", __func__);
-
- /* TODO: Lookup if exit(1) is just plain wrong, its used here to breakout of
- fallback code path for connection, eg. if TLS fails, a retry with plain
- RDP is made.
- */
- exit(1);
+ gnutls_fatal("Certificate error during TLS handshake", err);
 }
 /* Handshake failed with unknown error, lets log */