rework checks and add some missing checks
radkesvat committed May 26, 2024
1 parent 379855a commit 0745776
Showing 7 changed files with 33 additions and 57 deletions.
13 changes: 4 additions & 9 deletions tunnels/client/openssl/openssl_client.c
@@ -70,14 +70,9 @@ static void flushWriteQueue(tunnel_t *self, context_t *c)
{
oss_client_con_state_t *cstate = CSTATE(c);

while (contextQueueLen(cstate->queue) > 0)
while (contextQueueLen(cstate->queue) > 0 && isAlive(c->line))
{
self->upStream(self, contextQueuePop(cstate->queue));

if (! isAlive(c->line))
{
return;
}
}
}

@@ -98,7 +93,7 @@ static void upStream(tunnel_t *self, context_t *c)
enum sslstatus status;
int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
int n = SSL_write(cstate->ssl, rawBuf(c->payload), len);
status = getSslStatus(cstate->ssl, n);
@@ -242,7 +237,7 @@ static void downStream(tunnel_t *self, context_t *c)

int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
n = BIO_write(cstate->rbio, rawBuf(c->payload), len);

@@ -321,7 +316,7 @@ static void downStream(tunnel_t *self, context_t *c)
reuseBuffer(getContextBufferPool(c), buf);
}

if (!cstate->handshake_completed && SSL_is_init_finished(cstate->ssl) )
if (! cstate->handshake_completed && SSL_is_init_finished(cstate->ssl))
{
LOGD("OpensslClient: Tls handshake complete");
cstate->handshake_completed = true;
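Review bot: In flushWriteQueue the new condition `contextQueueLen(cstate->queue) > 0 && isAlive(c->line)` reads `cstate->queue` before it tests the line, whereas the removed `if (! isAlive(c->line)) return;` ran before the next queue read. If closing the line frees the connection state, as cleanup in reality_client.c on this page does with `destroyContextQueue(cstate->queue)` and `free(cstate)`, the first operand touches freed memory once `self->upStream` has closed the line; this file's cleanup is not visible here, so that is inferred. Put the liveness test first: `while (isAlive(c->line) && contextQueueLen(cstate->queue) > 0)`. The same operand order is in flushWriteQueue in reality_client.c and wolfssl_client.c, and in the `bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen && isAlive(c->line)` loops in reality_client.c and reality_server.c.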
41 changes: 17 additions & 24 deletions tunnels/client/reality/reality_client.c
@@ -72,38 +72,31 @@ static enum sslstatus getSslStatus(SSL *ssl, int n)
static void cleanup(tunnel_t *self, context_t *c)
{
reality_client_con_state_t *cstate = CSTATE(c);
if (cstate != NULL)
if (cstate->handshake_completed)
{
if (cstate->handshake_completed)
{
destroyBufferStream(cstate->read_stream);
}
EVP_CIPHER_CTX_free(cstate->encryption_context);
EVP_CIPHER_CTX_free(cstate->decryption_context);
EVP_MD_CTX_free(cstate->sign_context);
EVP_MD_free(cstate->msg_digest);
EVP_PKEY_free(cstate->sign_key);
destroyBufferStream(cstate->read_stream);
}
EVP_CIPHER_CTX_free(cstate->encryption_context);
EVP_CIPHER_CTX_free(cstate->decryption_context);
EVP_MD_CTX_free(cstate->sign_context);
EVP_MD_free(cstate->msg_digest);
EVP_PKEY_free(cstate->sign_key);

SSL_free(cstate->ssl); /* free the SSL object and its BIO's */
destroyContextQueue(cstate->queue);
SSL_free(cstate->ssl); /* free the SSL object and its BIO's */
destroyContextQueue(cstate->queue);

free(cstate);
CSTATE_MUT(c) = NULL;
}
free(cstate);
CSTATE_MUT(c) = NULL;
}

static void flushWriteQueue(tunnel_t *self, context_t *c)
{
reality_client_con_state_t *cstate = CSTATE(c);

while (contextQueueLen(cstate->queue) > 0)
while (contextQueueLen(cstate->queue) > 0 && isAlive(c->line))
{
self->upStream(self, contextQueuePop(cstate->queue));

if (! isAlive(c->line))
{
return;
}
}
}

@@ -139,7 +132,7 @@ static void upStream(tunnel_t *self, context_t *c)
}
else
{
while (bufLen(buf) > 0)
while (bufLen(buf) > 0 && isAlive(c->line))
{
const uint16_t remain = (uint16_t) min(bufLen(buf), chunk_size);
shift_buffer_t *chunk = shallowSliceBuffer(buf, remain);
@@ -253,15 +246,15 @@ static void downStream(tunnel_t *self, context_t *c)
bufferStreamPush(cstate->read_stream, c->payload);
c->payload = NULL;
uint8_t tls_header[1 + 2 + 2];
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen)
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen && isAlive(c->line))
{
bufferStreamViewBytesAt(cstate->read_stream, 0, tls_header, kTLSHeaderlen);
uint16_t length = ntohs(*(uint16_t *) (tls_header + 3));
if ((int) bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen + length)
{
shift_buffer_t *buf = bufferStreamRead(cstate->read_stream, kTLSHeaderlen + length);
bool is_tls_applicationdata = ((uint8_t *) rawBuf(buf))[0] == kTLS12ApplicationData;
bool is_tls_33 = ((uint16_t *) (((uint8_t *) rawBuf(buf)) + 1))[0] == kTLSVersion12;
bool is_tls_33 = ((uint16_t *) (((uint8_t *) rawBuf(buf)) + 1))[0] == kTLSVersion12;

shiftr(buf, kTLSHeaderlen);

@@ -294,7 +287,7 @@ static void downStream(tunnel_t *self, context_t *c)

int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
n = BIO_write(cstate->rbio, rawBuf(c->payload), len);

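Review bot: cleanup now dereferences `cstate` unconditionally, and the removed `if (cstate != NULL)` wrapper was the only thing that made a repeated call harmless. The function still ends with `CSTATE_MUT(c) = NULL`, so a second cleanup on the same line would read `cstate->handshake_completed` through a null pointer. The callers are outside this section; if they guarantee exactly one call, record that in a comment above the function, otherwise keep the flattened body behind a guard clause such as `if (cstate == NULL) { return; }`.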
2 changes: 0 additions & 2 deletions tunnels/client/reverse/reverse_client.c
@@ -20,7 +20,6 @@ static void upStream(tunnel_t *self, context_t *c)
}
else
{

if (c->fin)
{
const unsigned int tid = c->line->tid;
@@ -176,7 +175,6 @@ static void startReverseClient(htimer_t *timer)
tunnel_t *self = hevent_userdata(timer);
for (unsigned int i = 0; i < workers_count; i++)
{

initiateConnect(self, i, true);
}

13 changes: 4 additions & 9 deletions tunnels/client/wolfssl/wolfssl_client.c
@@ -70,14 +70,9 @@ static void flushWriteQueue(tunnel_t *self, context_t *c)
{
wssl_client_con_state_t *cstate = CSTATE(c);

while (contextQueueLen(cstate->queue) > 0)
while (contextQueueLen(cstate->queue) > 0 && isAlive(c->line))
{
self->upStream(self, contextQueuePop(cstate->queue));

if (! isAlive(c->line))
{
return;
}
}
}

@@ -98,7 +93,7 @@ static void upStream(tunnel_t *self, context_t *c)
enum sslstatus status;
int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
int n = SSL_write(cstate->ssl, rawBuf(c->payload), len);
status = getSslStatus(cstate->ssl, n);
@@ -242,7 +237,7 @@ static void downStream(tunnel_t *self, context_t *c)

int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
n = BIO_write(cstate->rbio, rawBuf(c->payload), len);

@@ -446,7 +441,7 @@ tunnel_t *newWolfSSLClient(node_instance_context_t *instance_info)

getBoolFromJsonObjectOrDefault(&(state->verify), settings, "verify", true);

getStringFromJsonObjectOrDefault(&(state->alpn), settings, "alpn","http/1.1");
getStringFromJsonObjectOrDefault(&(state->alpn), settings, "alpn", "http/1.1");

ssl_param->verify_peer = state->verify ? 1 : 0;
ssl_param->endpoint = kSslClient;
4 changes: 2 additions & 2 deletions tunnels/server/openssl/openssl_server.c
@@ -186,7 +186,7 @@ static void upStream(tunnel_t *self, context_t *c)
int n;
unsigned int len = bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
n = BIO_write(cstate->rbio, rawBuf(c->payload), (int) len);

@@ -457,7 +457,7 @@ static void downStream(tunnel_t *self, context_t *c)
exit(1);
}
int len = (int) bufLen(c->payload);
while (len)
while (len > 0 && isAlive(c->line))
{
int n = SSL_write(cstate->ssl, rawBuf(c->payload), len);
status = getSslstatus(cstate->ssl, n);
13 changes: 4 additions & 9 deletions tunnels/server/reality/reality_server.c
@@ -101,7 +101,7 @@ static void upStream(tunnel_t *self, context_t *c)
uint8_t tls_header[1 + 2 + 2];

bufferStreamPush(cstate->read_stream, newShallowShiftBuffer(buf));
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen)
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen && isAlive(c->line))
{
bufferStreamViewBytesAt(cstate->read_stream, 0, tls_header, kTLSHeaderlen);
uint16_t length = ntohs(*(uint16_t *) (tls_header + 3));
@@ -169,15 +169,15 @@ static void upStream(tunnel_t *self, context_t *c)
c->payload = NULL;
authorized:;
uint8_t tls_header[1 + 2 + 2];
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen)
while (bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen && isAlive(c->line))
{
bufferStreamViewBytesAt(cstate->read_stream, 0, tls_header, kTLSHeaderlen);
uint16_t length = ntohs(*(uint16_t *) (tls_header + 3));
if ((int) bufferStreamLen(cstate->read_stream) >= kTLSHeaderlen + length)
{
shift_buffer_t *buf = bufferStreamRead(cstate->read_stream, kTLSHeaderlen + length);
bool is_tls_applicationdata = ((uint8_t *) rawBuf(buf))[0] == kTLS12ApplicationData;
bool is_tls_33 = ((uint16_t *) (((uint8_t *) rawBuf(buf)) + 1))[0] == kTLSVersion12;
bool is_tls_33 = ((uint16_t *) (((uint8_t *) rawBuf(buf)) + 1))[0] == kTLSVersion12;

shiftr(buf, kTLSHeaderlen);

@@ -195,11 +195,6 @@ static void upStream(tunnel_t *self, context_t *c)
context_t *plain_data_ctx = newContextFrom(c);
plain_data_ctx->payload = buf;
self->up->upStream(self->up, plain_data_ctx);
if (! isAlive(c->line))
{
destroyContext(c);
return;
}
}
else
{
@@ -284,7 +279,7 @@ static void downStream(tunnel_t *self, context_t *c)
}
else
{
while (bufLen(buf) > 0)
while (bufLen(buf) > 0 && isAlive(c->line))
{
const uint16_t remain = (uint16_t) min(bufLen(buf), chunk_size);
shift_buffer_t *chunk = shallowSliceBuffer(buf, remain);
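Review bot: With `if (! isAlive(c->line)) { destroyContext(c); return; }` removed after `self->up->upStream(self->up, plain_data_ctx)`, a line that closes there no longer leaves upStream; the loop condition ends the loop and control falls through to the code after it. That code is outside the hunk, so check that it destroys `c` exactly once and does not read `cstate` on this path. If it does not, an explicit exit directly after the loop, `if (! isAlive(c->line)) { destroyContext(c); return; }`, keeps the earlier behaviour.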
4 changes: 2 additions & 2 deletions tunnels/server/wolfssl/wolfssl_server.c
@@ -181,7 +181,7 @@ static void upStream(tunnel_t *self, context_t *c)
int n;
int len = (int) bufLen(c->payload);

while (len > 0)
while (len > 0 && isAlive(c->line))
{
n = BIO_write(cstate->rbio, rawBuf(c->payload), len);

@@ -447,7 +447,7 @@ static void downStream(tunnel_t *self, context_t *c)
exit(1);
}
int len = (int) bufLen(c->payload);
while (len)
while (len && isAlive(c->line))
{
int n = SSL_write(cstate->ssl, rawBuf(c->payload), len);
status = getSslstatus(cstate->ssl, n);
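Review bot: downStream here uses `while (len && isAlive(c->line))`, while the matching loop in openssl_server.c was changed in this commit to `while (len > 0 && isAlive(c->line))`. `len` is an `int` taken from `(int) bufLen(c->payload)`, so a negative value keeps the loop running and reaches `SSL_write` as the length argument. Use `while (len > 0 && isAlive(c->line))` to match upStream in this file and the OpenSSL server.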
