<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style data-premailer="ignore" type="text/css">

a { color: #1068bf; }

</style>

<style>img {

max-width: 100%; height: auto;

}

body {

font-size: 0.875rem;

}

body {

-webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px;

}

body {

font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Noto Sans", Ubuntu, Cantarell, "Helvetica Neue", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"; font-size: inherit;

}

</style>

</head>

<body style='font-size: inherit; -webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Noto Sans", Ubuntu, Cantarell, "Helvetica Neue", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";'>

<div class="content">

<p class="details" style="font-style: italic; color: #666;">

<a href="https://gitlab.com/slomo" style="color: #1068bf;">Sebastian Dröge</a> created an issue: <a href="https://gitlab.com/gnutls/gnutls/-/issues/1412" style="color: #1068bf;">#1412</a>

</p>

<div class="md" style="color: #303030; word-wrap: break-word;">

<p dir="auto" style="color: #303030; margin: 0 0 16px;" align="initial">When providing credentials without a private key then <code style='font-size: 90%; color: #1f1f1f; word-wrap: break-word; background-color: #f0f0f0; border-radius: 4px; margin-top: 0; font-weight: inherit; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; white-space: pre-wrap; overflow-wrap: break-word; word-break: keep-all; padding: 2px 4px;'>gnutls_handshake()</code> will segfault. This is obviously an application bug but it would be great if GnuTLS could also catch this in a better way, either with an actual assertion or with a handshake error.</p>

<p dir="auto" style="color: #303030; margin: 0 0 16px;" align="initial">valgrind reports the following with the attached server application (based on the echo server example from the docs):</p>

<div class="gl-relative markdown-code-block js-markdown-code">

<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" data-canonical-lang="" v-pre="true" style='display: block; font-size: 13px; color: #303030; line-height: 1.6em; overflow-x: auto; border-radius: 4px; position: relative; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; word-break: break-all; word-wrap: break-word; background-color: #fafafa; margin: 0 0 16px; padding: 12px; border: 1px solid #dbdbdb;'><code style='font-size: inherit; color: inherit; word-wrap: normal; word-break: keep-all; background-color: inherit; border-radius: 4px; white-space: pre; margin-top: 0; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; overflow-wrap: normal; padding: unset;'><span id="LC1" class="line" lang="plaintext" style="margin-top: 0;">==427258== Invalid read of size 4</span>

<span id="LC2" class="line" lang="plaintext">==427258==    at 0x490617D: _gnutls_privkey_compatible_with_sig (privkey.c:1966)</span>

<span id="LC3" class="line" lang="plaintext">==427258==    by 0x499BD22: _gnutls_session_get_sign_algo (signature.c:381)</span>

<span id="LC4" class="line" lang="plaintext">==427258==    by 0x49A94BC: cert_select_sign_algorithm (cert.c:1591)</span>

<span id="LC5" class="line" lang="plaintext">==427258==    by 0x49AC308: _gnutls_select_server_cert (cert.c:1643)</span>

<span id="LC6" class="line" lang="plaintext">==427258==    by 0x49B778D: _gnutls_figure_common_ciphersuite (ciphersuites.c:1526)</span>

<span id="LC7" class="line" lang="plaintext">==427258==    by 0x48D01C1: _gnutls_server_select_suite (handshake.c:1158)</span>

<span id="LC8" class="line" lang="plaintext">==427258==    by 0x48D2FBC: read_client_hello (handshake.c:862)</span>

<span id="LC9" class="line" lang="plaintext">==427258==    by 0x48D2FBC: _gnutls_recv_handshake (handshake.c:1641)</span>

<span id="LC10" class="line" lang="plaintext">==427258==    by 0x48D6368: handshake_server (handshake.c:3496)</span>

<span id="LC11" class="line" lang="plaintext">==427258==    by 0x48D6368: gnutls_handshake (handshake.c:2886)</span>

<span id="LC12" class="line" lang="plaintext">==427258==    by 0x1097B0: main (test.c:127)</span>

<span id="LC13" class="line" lang="plaintext">==427258==  Address 0x4 is not stack'd, malloc'd or (recently) free'd</span></code></pre>

<copy-code></copy-code>

</div>

<p dir="auto" style="color: #303030; margin: 0 0 16px;" align="initial">Testcase application</p>

<div class="gl-relative markdown-code-block js-markdown-code" style="margin-bottom: 0;">

<pre class="code highlight js-syntax-highlight language-cpp" lang="cpp" v-pre="true" style='display: block; font-size: 13px; color: #303030; line-height: 1.6em; overflow-x: auto; border-radius: 4px; position: relative; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; word-break: break-all; word-wrap: break-word; background-color: #fafafa; margin: 0 0 16px; padding: 12px; border: 1px solid #dbdbdb;'><code style='font-size: inherit; color: inherit; word-wrap: normal; word-break: keep-all; background-color: inherit; border-radius: 4px; white-space: pre; margin-top: 0; font-family: "Menlo", "DejaVu Sans Mono", "Liberation Mono", "Consolas", "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; overflow-wrap: normal; padding: unset;'><span id="LC1" class="line" lang="cpp" style="margin-top: 0;"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><arpa/inet.h></span></span>

<span id="LC2" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><assert.h></span></span>

<span id="LC3" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><errno.h></span></span>

<span id="LC4" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><gnutls/gnutls.h></span></span>

<span id="LC5" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><gnutls/urls.h></span></span>

<span id="LC6" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><gnutls/x509.h></span></span>

<span id="LC7" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><netinet/in.h></span></span>

<span id="LC8" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><stdio.h></span></span>

<span id="LC9" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><stdlib.h></span></span>

<span id="LC10" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><string.h></span></span>

<span id="LC11" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><sys/socket.h></span></span>

<span id="LC12" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><sys/types.h></span></span>

<span id="LC13" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#include</span> <span class="cpf"><unistd.h></span></span>

<span id="LC14" class="line" lang="cpp"></span>

<span id="LC15" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#define CHECK(x) assert((x) >= 0)</span></span>

<span id="LC16" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#define LOOP_CHECK(rval, cmd)                                                  \</span></span>

<span id="LC17" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">  do {                                                                         \</span></span>

<span id="LC18" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">    rval = cmd;                                                                \</span></span>

<span id="LC19" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">  } while (rval == GNUTLS_E_AGAIN || rval == GNUTLS_E_INTERRUPTED)</span></span>

<span id="LC20" class="line" lang="cpp"></span>

<span id="LC21" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#define MAX_BUF 1024</span></span>

<span id="LC22" class="line" lang="cpp"><span class="cp" style="margin-top: 0;">#define PORT 5556</span></span>

<span id="LC23" class="line" lang="cpp"></span>

<span id="LC24" class="line" lang="cpp"><span class="k" style="margin-top: 0;">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">cert_data</span><span class="p">[]</span> <span class="o">=</span> <span class="s">"-----BEGIN CERTIFICATE----- \</span></span>

<span id="LC25" class="line" lang="cpp"><span class="s" style="margin-top: 0;">MIIEQDCCAqigAwIBAgIRAO5XT7tkYlNt77CBj2H5HiEwDQYJKoZIhvcNAQELBQAw \</span></span>

<span id="LC26" class="line" lang="cpp"><span class="s" style="margin-top: 0;">czEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSQwIgYDVQQLDBtqbWFs \</span></span>

<span id="LC27" class="line" lang="cpp"><span class="s" style="margin-top: 0;">dmVzQHBvcC1vcyAoSm9hbyBBbHZlcykxKzApBgNVBAMMIm1rY2VydCBqbWFsdmVz \</span></span>

<span id="LC28" class="line" lang="cpp"><span class="s" style="margin-top: 0;">QHBvcC1vcyAoSm9hbyBBbHZlcykwHhcNMjIwOTIyMTIyNTMzWhcNMjQxMjIyMTMy \</span></span>

<span id="LC29" class="line" lang="cpp"><span class="s" style="margin-top: 0;">NTMzWjBPMScwJQYDVQQKEx5ta2NlcnQgZGV2ZWxvcG1lbnQgY2VydGlmaWNhdGUx \</span></span>

<span id="LC30" class="line" lang="cpp"><span class="s" style="margin-top: 0;">JDAiBgNVBAsMG2ptYWx2ZXNAcG9wLW9zIChKb2FvIEFsdmVzKTCCASIwDQYJKoZI \</span></span>

<span id="LC31" class="line" lang="cpp"><span class="s" style="margin-top: 0;">hvcNAQEBBQADggEPADCCAQoCggEBAJPz8CCFHtNsSzbc64tR/7B1Kf1xuxDz0cBS \</span></span>

<span id="LC32" class="line" lang="cpp"><span class="s" style="margin-top: 0;">vAlEYzfaBrPmgV3zoaIgKnW9u8EWwvRXzhVLfMnO/x8jfIRmSDDK1M+fXmriIDkx \</span></span>

<span id="LC33" class="line" lang="cpp"><span class="s" style="margin-top: 0;">5cbWnCN2GQ81P/GdvsGpx2XWBpKTCYQm/6EvdvAsg0+GWrgSxo4hFg59YLaWeWHj \</span></span>

<span id="LC34" class="line" lang="cpp"><span class="s" style="margin-top: 0;">PTSKABM9C63X9UnQKvP25rYkJ42znnkmqmGXCe1iPk1xZvDfqcbZ1sZXlMV2dS9M \</span></span>

<span id="LC35" class="line" lang="cpp"><span class="s" style="margin-top: 0;">CRu6Dwqo7N3hVbwM/vZ4X7vWH6JRT8Soz6CijWDcAVvusrxx0QyNQg4nuQznZrnW \</span></span>

<span id="LC36" class="line" lang="cpp"><span class="s" style="margin-top: 0;">nQbjmEQf4MCO4OCd5uh5rXcxvdYZbpMx25EujMbh0OWfecC+GH8CAwEAAaNzMHEw \</span></span>

<span id="LC37" class="line" lang="cpp"><span class="s" style="margin-top: 0;">DgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB8GA1UdIwQYMBaA \</span></span>

<span id="LC38" class="line" lang="cpp"><span class="s" style="margin-top: 0;">FIwNqPZz6OxXFjHo/y0pAHyU3Q2TMCkGA1UdEQQiMCCCCWxvY2FsaG9zdIINZHMu \</span></span>

<span id="LC39" class="line" lang="cpp"><span class="s" style="margin-top: 0;">YWl2ZXJvLmxhbocEfwAAATANBgkqhkiG9w0BAQsFAAOCAYEAiPa2QzuPK9FckgW+ \</span></span>

<span id="LC40" class="line" lang="cpp"><span class="s" style="margin-top: 0;">FBu0fwsjBY+DOhhLzj7Su2eEg0hQDuV8A8hwbj6lfvY0UGOh6Tb6fjs/daUaQLcK \</span></span>

<span id="LC41" class="line" lang="cpp"><span class="s" style="margin-top: 0;">k5och7JbHiauch5hVx2xmXCcJu55sLW9UcJHOSvP+jalUm1BqlMWHIAcbFwajOWV \</span></span>

<span id="LC42" class="line" lang="cpp"><span class="s" style="margin-top: 0;">tXENgRleSkFmw2uoi66lQq8QBHDosUKJukZQnweXihWXoZ2pWPkaOY3cBc2DYpBM \</span></span>

<span id="LC43" class="line" lang="cpp"><span class="s" style="margin-top: 0;">8ioyW6mdyG1Ot4vT5En+WauGJCFKAzvPtM74HNp9kw+ddLqPamTTbMtm78gi8B7E \</span></span>

<span id="LC44" class="line" lang="cpp"><span class="s" style="margin-top: 0;">eHPYBedjEvaroY5lw1iU6n5VNiF61Ygc3vC4QSCIBNOOMUEXwK0c3gzF9DrpCBXY \</span></span>

<span id="LC45" class="line" lang="cpp"><span class="s" style="margin-top: 0;">ezVYCmgnM5FfeJ/l25DhpPdUTD+MJJ3dZd+AB4Kx7a0dI5xWelaZCExa+yr8UWYd \</span></span>

<span id="LC46" class="line" lang="cpp"><span class="s" style="margin-top: 0;">hsrOnFMTWHMjlx+kzWxC4U+bHAxX4buQpq37l9GyASldbLGdqA86Dnaxit3nhZPb \</span></span>

<span id="LC47" class="line" lang="cpp"><span class="s" style="margin-top: 0;">GO+ToIks+22GnP8wLvWWTZc3wV90RhRDy5GkZzDX7K8J1/C0 \</span></span>

<span id="LC48" class="line" lang="cpp"><span class="s" style="margin-top: 0;">-----END CERTIFICATE-----"</span><span class="p">;</span></span>

<span id="LC49" class="line" lang="cpp"></span>

<span id="LC50" class="line" lang="cpp"><span class="k" style="margin-top: 0;">static</span> <span class="k">const</span> <span class="n">gnutls_datum_t</span> <span class="n">cert_pem</span> <span class="o">=</span> <span class="p">{</span></span>

<span id="LC51" class="line" lang="cpp">    <span class="p" style="margin-top: 0;">.</span><span class="n">data</span> <span class="o">=</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">char</span> <span class="o">*</span><span class="p">)</span><span class="n">cert_data</span><span class="p">,</span></span>

<span id="LC52" class="line" lang="cpp">    <span class="p" style="margin-top: 0;">.</span><span class="n">size</span> <span class="o">=</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">cert_data</span><span class="p">),</span></span>

<span id="LC53" class="line" lang="cpp"><span class="p" style="margin-top: 0;">};</span></span>

<span id="LC54" class="line" lang="cpp"></span>

<span id="LC55" class="line" lang="cpp"><span class="k" style="margin-top: 0;">static</span> <span class="n">gnutls_x509_crt_t</span> <span class="n">cert</span><span class="p">;</span></span>

<span id="LC56" class="line" lang="cpp"><span class="k" style="margin-top: 0;">static</span> <span class="n">gnutls_privkey_t</span> <span class="n">privkey</span><span class="p">;</span></span>

<span id="LC57" class="line" lang="cpp"><span class="k" style="margin-top: 0;">static</span> <span class="n">gnutls_certificate_credentials_t</span> <span class="n">creds</span><span class="p">;</span></span>

<span id="LC58" class="line" lang="cpp"></span>

<span id="LC59" class="line" lang="cpp"><span class="k" style="margin-top: 0;">static</span> <span class="kt">int</span> <span class="n">retrieve_func</span><span class="p">(</span><span class="n">gnutls_session_t</span> <span class="n">session</span><span class="p">,</span></span>

<span id="LC60" class="line" lang="cpp">                         <span class="k" style="margin-top: 0;">const</span> <span class="n">gnutls_datum_t</span> <span class="o">*</span><span class="n">req_ca_rdn</span><span class="p">,</span> <span class="kt">int</span> <span class="n">nreqs</span><span class="p">,</span></span>

<span id="LC61" class="line" lang="cpp">                         <span class="k" style="margin-top: 0;">const</span> <span class="n">gnutls_pk_algorithm_t</span> <span class="o">*</span><span class="n">pk_algos</span><span class="p">,</span></span>

<span id="LC62" class="line" lang="cpp">                         <span class="kt" style="margin-top: 0;">int</span> <span class="n">pk_algos_length</span><span class="p">,</span> <span class="n">gnutls_pcert_st</span> <span class="o">**</span><span class="n">pcert</span><span class="p">,</span></span>

<span id="LC63" class="line" lang="cpp">                         <span class="kt" style="margin-top: 0;">unsigned</span> <span class="kt">int</span> <span class="o">*</span><span class="n">pcert_length</span><span class="p">,</span> <span class="n">gnutls_privkey_t</span> <span class="o">*</span><span class="n">pkey</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC64" class="line" lang="cpp"></span>

<span id="LC65" class="line" lang="cpp">  <span class="o" style="margin-top: 0;">*</span><span class="n">pcert</span> <span class="o">=</span> <span class="n">malloc</span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="n">gnutls_pcert_st</span><span class="p">));</span></span>

<span id="LC66" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_pcert_import_x509</span><span class="p">(</span><span class="o">*</span><span class="n">pcert</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span></span>

<span id="LC67" class="line" lang="cpp">  <span class="o" style="margin-top: 0;">*</span><span class="n">pcert_length</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span></span>

<span id="LC68" class="line" lang="cpp">  <span class="o" style="margin-top: 0;">*</span><span class="n">pkey</span> <span class="o">=</span> <span class="o">*</span><span class="n">pkey</span><span class="p">;</span></span>

<span id="LC69" class="line" lang="cpp">  <span class="k" style="margin-top: 0;">return</span> <span class="mi">0</span><span class="p">;</span></span>

<span id="LC70" class="line" lang="cpp"><span class="p" style="margin-top: 0;">}</span></span>

<span id="LC71" class="line" lang="cpp"></span>

<span id="LC72" class="line" lang="cpp"><span class="kt" style="margin-top: 0;">int</span> <span class="n">main</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC73" class="line" lang="cpp">  <span class="kt" style="margin-top: 0;">int</span> <span class="n">listen_sd</span><span class="p">;</span></span>

<span id="LC74" class="line" lang="cpp">  <span class="kt" style="margin-top: 0;">int</span> <span class="n">sd</span><span class="p">,</span> <span class="n">ret</span><span class="p">;</span></span>

<span id="LC75" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_priority_t</span> <span class="n">priority_cache</span><span class="p">;</span></span>

<span id="LC76" class="line" lang="cpp">  <span class="k" style="margin-top: 0;">struct</span> <span class="nc">sockaddr_in</span> <span class="n">sa_serv</span><span class="p">;</span></span>

<span id="LC77" class="line" lang="cpp">  <span class="k" style="margin-top: 0;">struct</span> <span class="nc">sockaddr_in</span> <span class="n">sa_cli</span><span class="p">;</span></span>

<span id="LC78" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">socklen_t</span> <span class="n">client_len</span><span class="p">;</span></span>

<span id="LC79" class="line" lang="cpp">  <span class="kt" style="margin-top: 0;">char</span> <span class="n">topbuf</span><span class="p">[</span><span class="mi">512</span><span class="p">];</span></span>

<span id="LC80" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_session_t</span> <span class="n">session</span><span class="p">;</span></span>

<span id="LC81" class="line" lang="cpp">  <span class="kt" style="margin-top: 0;">char</span> <span class="n">buffer</span><span class="p">[</span><span class="n">MAX_BUF</span> <span class="o">+</span> <span class="mi">1</span><span class="p">];</span></span>

<span id="LC82" class="line" lang="cpp">  <span class="kt" style="margin-top: 0;">int</span> <span class="n">optval</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span></span>

<span id="LC83" class="line" lang="cpp"></span>

<span id="LC84" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_global_init</span><span class="p">());</span></span>

<span id="LC85" class="line" lang="cpp"></span>

<span id="LC86" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_x509_crt_init</span><span class="p">(</span><span class="o">&</span><span class="n">cert</span><span class="p">));</span></span>

<span id="LC87" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_x509_crt_import</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="o">&</span><span class="n">cert_pem</span><span class="p">,</span> <span class="n">GNUTLS_X509_FMT_PEM</span><span class="p">));</span></span>

<span id="LC88" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_privkey_init</span><span class="p">(</span><span class="o">&</span><span class="n">privkey</span><span class="p">));</span></span>

<span id="LC89" class="line" lang="cpp"></span>

<span id="LC90" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_certificate_allocate_credentials</span><span class="p">(</span><span class="o">&</span><span class="n">creds</span><span class="p">));</span></span>

<span id="LC91" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_certificate_set_retrieve_function2</span><span class="p">(</span><span class="n">creds</span><span class="p">,</span> <span class="n">retrieve_func</span><span class="p">);</span></span>

<span id="LC92" class="line" lang="cpp"></span>

<span id="LC93" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_priority_init</span><span class="p">(</span><span class="o">&</span><span class="n">priority_cache</span><span class="p">,</span> <span class="nb">NULL</span><span class="p">,</span> <span class="nb">NULL</span><span class="p">));</span></span>

<span id="LC94" class="line" lang="cpp"></span>

<span id="LC95" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">listen_sd</span> <span class="o">=</span> <span class="n">socket</span><span class="p">(</span><span class="n">AF_INET</span><span class="p">,</span> <span class="n">SOCK_STREAM</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span></span>

<span id="LC96" class="line" lang="cpp"></span>

<span id="LC97" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">memset</span><span class="p">(</span><span class="o">&</span><span class="n">sa_serv</span><span class="p">,</span> <span class="sc">'\0'</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">sa_serv</span><span class="p">));</span></span>

<span id="LC98" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">sa_serv</span><span class="p">.</span><span class="n">sin_family</span> <span class="o">=</span> <span class="n">AF_INET</span><span class="p">;</span></span>

<span id="LC99" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">sa_serv</span><span class="p">.</span><span class="n">sin_addr</span><span class="p">.</span><span class="n">s_addr</span> <span class="o">=</span> <span class="n">INADDR_ANY</span><span class="p">;</span></span>

<span id="LC100" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">sa_serv</span><span class="p">.</span><span class="n">sin_port</span> <span class="o">=</span> <span class="n">htons</span><span class="p">(</span><span class="n">PORT</span><span class="p">);</span> <span class="cm">/* Server Port number */</span></span>

<span id="LC101" class="line" lang="cpp"></span>

<span id="LC102" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">setsockopt</span><span class="p">(</span><span class="n">listen_sd</span><span class="p">,</span> <span class="n">SOL_SOCKET</span><span class="p">,</span> <span class="n">SO_REUSEADDR</span><span class="p">,</span> <span class="p">(</span><span class="kt">void</span> <span class="o">*</span><span class="p">)</span><span class="o">&</span><span class="n">optval</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="kt">int</span><span class="p">));</span></span>

<span id="LC103" class="line" lang="cpp"></span>

<span id="LC104" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">bind</span><span class="p">(</span><span class="n">listen_sd</span><span class="p">,</span> <span class="p">(</span><span class="k">struct</span> <span class="nc">sockaddr</span> <span class="o">*</span><span class="p">)</span><span class="o">&</span><span class="n">sa_serv</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">sa_serv</span><span class="p">));</span></span>

<span id="LC105" class="line" lang="cpp"></span>

<span id="LC106" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">listen</span><span class="p">(</span><span class="n">listen_sd</span><span class="p">,</span> <span class="mi">1024</span><span class="p">);</span></span>

<span id="LC107" class="line" lang="cpp"></span>

<span id="LC108" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">printf</span><span class="p">(</span><span class="s">"Server ready. Listening to port '%d'.</span><span class="se">\n\n</span><span class="s">"</span><span class="p">,</span> <span class="n">PORT</span><span class="p">);</span></span>

<span id="LC109" class="line" lang="cpp"></span>

<span id="LC110" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">client_len</span> <span class="o">=</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">sa_cli</span><span class="p">);</span></span>

<span id="LC111" class="line" lang="cpp">  <span class="k" style="margin-top: 0;">for</span> <span class="p">(;;)</span> <span class="p">{</span></span>

<span id="LC112" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_init</span><span class="p">(</span><span class="o">&</span><span class="n">session</span><span class="p">,</span> <span class="n">GNUTLS_SERVER</span><span class="p">));</span></span>

<span id="LC113" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_priority_set</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">priority_cache</span><span class="p">));</span></span>

<span id="LC114" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_credentials_set</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">GNUTLS_CRD_CERTIFICATE</span><span class="p">,</span> <span class="n">creds</span><span class="p">));</span></span>

<span id="LC115" class="line" lang="cpp"></span>

<span id="LC116" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">gnutls_certificate_server_set_request</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">GNUTLS_CERT_IGNORE</span><span class="p">);</span></span>

<span id="LC117" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">gnutls_handshake_set_timeout</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT</span><span class="p">);</span></span>

<span id="LC118" class="line" lang="cpp"></span>

<span id="LC119" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">sd</span> <span class="o">=</span> <span class="n">accept</span><span class="p">(</span><span class="n">listen_sd</span><span class="p">,</span> <span class="p">(</span><span class="k">struct</span> <span class="nc">sockaddr</span> <span class="o">*</span><span class="p">)</span><span class="o">&</span><span class="n">sa_cli</span><span class="p">,</span> <span class="o">&</span><span class="n">client_len</span><span class="p">);</span></span>

<span id="LC120" class="line" lang="cpp"></span>

<span id="LC121" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">printf</span><span class="p">(</span><span class="s">"- connection from %s, port %d</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span></span>

<span id="LC122" class="line" lang="cpp">           <span class="n" style="margin-top: 0;">inet_ntop</span><span class="p">(</span><span class="n">AF_INET</span><span class="p">,</span> <span class="o">&</span><span class="n">sa_cli</span><span class="p">.</span><span class="n">sin_addr</span><span class="p">,</span> <span class="n">topbuf</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">topbuf</span><span class="p">)),</span></span>

<span id="LC123" class="line" lang="cpp">           <span class="n" style="margin-top: 0;">ntohs</span><span class="p">(</span><span class="n">sa_cli</span><span class="p">.</span><span class="n">sin_port</span><span class="p">));</span></span>

<span id="LC124" class="line" lang="cpp"></span>

<span id="LC125" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">gnutls_transport_set_int</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">sd</span><span class="p">);</span></span>

<span id="LC126" class="line" lang="cpp"></span>

<span id="LC127" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">LOOP_CHECK</span><span class="p">(</span><span class="n">ret</span><span class="p">,</span> <span class="n">gnutls_handshake</span><span class="p">(</span><span class="n">session</span><span class="p">));</span></span>

<span id="LC128" class="line" lang="cpp">    <span class="k" style="margin-top: 0;">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o"><</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC129" class="line" lang="cpp">      <span class="n" style="margin-top: 0;">close</span><span class="p">(</span><span class="n">sd</span><span class="p">);</span></span>

<span id="LC130" class="line" lang="cpp">      <span class="n" style="margin-top: 0;">gnutls_deinit</span><span class="p">(</span><span class="n">session</span><span class="p">);</span></span>

<span id="LC131" class="line" lang="cpp">      <span class="n" style="margin-top: 0;">fprintf</span><span class="p">(</span><span class="n">stderr</span><span class="p">,</span> <span class="s">"*** Handshake has failed (%s)</span><span class="se">\n\n</span><span class="s">"</span><span class="p">,</span></span>

<span id="LC132" class="line" lang="cpp">              <span class="n" style="margin-top: 0;">gnutls_strerror</span><span class="p">(</span><span class="n">ret</span><span class="p">));</span></span>

<span id="LC133" class="line" lang="cpp">      <span class="k" style="margin-top: 0;">continue</span><span class="p">;</span></span>

<span id="LC134" class="line" lang="cpp">    <span class="p" style="margin-top: 0;">}</span></span>

<span id="LC135" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">printf</span><span class="p">(</span><span class="s">"- Handshake was completed</span><span class="se">\n</span><span class="s">"</span><span class="p">);</span></span>

<span id="LC136" class="line" lang="cpp"></span>

<span id="LC137" class="line" lang="cpp">    <span class="k" style="margin-top: 0;">for</span> <span class="p">(;;)</span> <span class="p">{</span></span>

<span id="LC138" class="line" lang="cpp">      <span class="n" style="margin-top: 0;">LOOP_CHECK</span><span class="p">(</span><span class="n">ret</span><span class="p">,</span> <span class="n">gnutls_record_recv</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">buffer</span><span class="p">,</span> <span class="n">MAX_BUF</span><span class="p">));</span></span>

<span id="LC139" class="line" lang="cpp"></span>

<span id="LC140" class="line" lang="cpp">      <span class="k" style="margin-top: 0;">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC141" class="line" lang="cpp">        <span class="n" style="margin-top: 0;">printf</span><span class="p">(</span><span class="s">"</span><span class="se">\n</span><span class="s">- Peer has closed the GnuTLS connection</span><span class="se">\n</span><span class="s">"</span><span class="p">);</span></span>

<span id="LC142" class="line" lang="cpp">        <span class="k" style="margin-top: 0;">break</span><span class="p">;</span></span>

<span id="LC143" class="line" lang="cpp">      <span class="p" style="margin-top: 0;">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o"><</span> <span class="mi">0</span> <span class="o">&&</span> <span class="n">gnutls_error_is_fatal</span><span class="p">(</span><span class="n">ret</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC144" class="line" lang="cpp">        <span class="n" style="margin-top: 0;">fprintf</span><span class="p">(</span><span class="n">stderr</span><span class="p">,</span> <span class="s">"*** Warning: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">gnutls_strerror</span><span class="p">(</span><span class="n">ret</span><span class="p">));</span></span>

<span id="LC145" class="line" lang="cpp">      <span class="p" style="margin-top: 0;">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o"><</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC146" class="line" lang="cpp">        <span class="n" style="margin-top: 0;">fprintf</span><span class="p">(</span><span class="n">stderr</span><span class="p">,</span></span>

<span id="LC147" class="line" lang="cpp">                <span class="s" style="margin-top: 0;">"</span><span class="se">\n</span><span class="s">*** Received corrupted "</span></span>

<span id="LC148" class="line" lang="cpp">                <span class="s" style="margin-top: 0;">"data(%d). Closing the connection.</span><span class="se">\n\n</span><span class="s">"</span><span class="p">,</span></span>

<span id="LC149" class="line" lang="cpp">                <span class="n" style="margin-top: 0;">ret</span><span class="p">);</span></span>

<span id="LC150" class="line" lang="cpp">        <span class="k" style="margin-top: 0;">break</span><span class="p">;</span></span>

<span id="LC151" class="line" lang="cpp">      <span class="p" style="margin-top: 0;">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o">></span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC152" class="line" lang="cpp">        <span class="n" style="margin-top: 0;">CHECK</span><span class="p">(</span><span class="n">gnutls_record_send</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">buffer</span><span class="p">,</span> <span class="n">ret</span><span class="p">));</span></span>

<span id="LC153" class="line" lang="cpp">      <span class="p" style="margin-top: 0;">}</span></span>

<span id="LC154" class="line" lang="cpp">    <span class="p" style="margin-top: 0;">}</span></span>

<span id="LC155" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">printf</span><span class="p">(</span><span class="s">"</span><span class="se">\n</span><span class="s">"</span><span class="p">);</span></span>

<span id="LC156" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">LOOP_CHECK</span><span class="p">(</span><span class="n">ret</span><span class="p">,</span> <span class="n">gnutls_bye</span><span class="p">(</span><span class="n">session</span><span class="p">,</span> <span class="n">GNUTLS_SHUT_WR</span><span class="p">));</span></span>

<span id="LC157" class="line" lang="cpp"></span>

<span id="LC158" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">close</span><span class="p">(</span><span class="n">sd</span><span class="p">);</span></span>

<span id="LC159" class="line" lang="cpp">    <span class="n" style="margin-top: 0;">gnutls_deinit</span><span class="p">(</span><span class="n">session</span><span class="p">);</span></span>

<span id="LC160" class="line" lang="cpp">  <span class="p" style="margin-top: 0;">}</span></span>

<span id="LC161" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">close</span><span class="p">(</span><span class="n">listen_sd</span><span class="p">);</span></span>

<span id="LC162" class="line" lang="cpp"></span>

<span id="LC163" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_x509_crt_deinit</span><span class="p">(</span><span class="n">cert</span><span class="p">);</span></span>

<span id="LC164" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_privkey_deinit</span><span class="p">(</span><span class="n">privkey</span><span class="p">);</span></span>

<span id="LC165" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_certificate_free_credentials</span><span class="p">(</span><span class="n">creds</span><span class="p">);</span></span>

<span id="LC166" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_priority_deinit</span><span class="p">(</span><span class="n">priority_cache</span><span class="p">);</span></span>

<span id="LC167" class="line" lang="cpp"></span>

<span id="LC168" class="line" lang="cpp">  <span class="n" style="margin-top: 0;">gnutls_global_deinit</span><span class="p">();</span></span>

<span id="LC169" class="line" lang="cpp"></span>

<span id="LC170" class="line" lang="cpp">  <span class="k" style="margin-top: 0;">return</span> <span class="mi">0</span><span class="p">;</span></span>

<span id="LC171" class="line" lang="cpp"><span class="p" style="margin-top: 0;">}</span></span></code></pre>

<copy-code></copy-code>

</div>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/1412" style="color: #1068bf;">view it on GitLab</a>.

<br>

You're receiving this email because of your account on <a target="_blank" rel="noopener noreferrer" href="https://gitlab.com" style="color: #1068bf;">gitlab.com</a>. <a href="https://gitlab.com/-/sent_notifications/f66786f859785ecba57a40a481247fd6/unsubscribe" target="_blank" rel="noopener noreferrer" style="color: #1068bf;">Unsubscribe</a> from this thread · <a href="https://gitlab.com/-/profile/notifications" target="_blank" rel="noopener noreferrer" class="mng-notif-link" style="color: #1068bf;">Manage all notifications</a> · <a href="https://gitlab.com/help" target="_blank" rel="noopener noreferrer" class="help-link" style="color: #1068bf;">Help</a>

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/-/issues/1412"}}</script>

</p>

</div>

</body>

</html>