summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2019-02-26 17:32:48 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2019-02-26 17:32:48 +0000
commit9a86049c38bdb51120eec74cb15c3f88aa8476c4 (patch)
treecf9fb749918d7c8177e6b0cf1230690c158a974f
parent0371e3a614165ee4b2d8995f0b938e1a6e14f476 (diff)
Correctly handle tls_read() and tls_write() failures.
Otherwise a TLS error (for example the remote end sent a fatal alert) is silently ignored. ok bluhm@ tb@
-rw-r--r--usr.bin/nc/netcat.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
index afa02343d98..048502bd1e5 100644
--- a/usr.bin/nc/netcat.c
+++ b/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: netcat.c,v 1.202 2019/01/10 12:44:54 mestre Exp $ */
+/* $OpenBSD: netcat.c,v 1.203 2019/02/26 17:32:47 jsing Exp $ */
/*
* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
* Copyright (c) 2015 Bob Beck. All rights reserved.
@@ -1267,9 +1267,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
ssize_t n;
ssize_t adjust;
- if (tls)
+ if (tls) {
n = tls_write(tls, buf, *bufpos);
- else {
+ if (n == -1)
+ errx(1, "tls write failed (%s)", tls_error(tls));
+ } else {
n = write(fd, buf, *bufpos);
/* don't treat EAGAIN, EINTR as error */
if (n == -1 && (errno == EAGAIN || errno == EINTR))
@@ -1291,9 +1293,11 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
size_t num = BUFSIZE - *bufpos;
ssize_t n;
- if (tls)
+ if (tls) {
n = tls_read(tls, buf + *bufpos, num);
- else {
+ if (n == -1)
+ errx(1, "tls read failed (%s)", tls_error(tls));
+ } else {
n = read(fd, buf + *bufpos, num);
/* don't treat EAGAIN, EINTR as error */
if (n == -1 && (errno == EAGAIN || errno == EINTR))