Fix infinite loop on s_client starttls xmpp
authorCarlos Alberto Lopez Perez <clopez@igalia.com>
Mon, 6 Aug 2012 00:00:07 +0000 (02:00 +0200)
committerBen Laurie <ben@links.org>
Thu, 5 Sep 2013 16:24:56 +0000 (17:24 +0100)
 * When the host used in "-connect" is not what the remote XMPP server expects
   the server will return an error like this:
     <stream:error>
       <host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
     </stream:error>
 * But the current code will stay in the loop forever because the stop condition
   "/stream:features>" will never happen.
 * Make this more robust: the stop condition should be that BIO_read failed.
 * Test it, for example, with ::

    openssl s_client  -connect random.jabb3r.net:5222 -starttls xmpp

apps/s_client.c

index c38c42e03736f71041643c2ba95903c3c25c814c..9c7f45f33c507f9827a3b71c04218330d43121b2 100644 (file)
@@ -1676,9 +1676,11 @@ SSL_set_tlsext_status_ids(con, ids);
                while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") &&
                                !strstr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\""))
                        {
-                       if (strstr(mbuf, "/stream:features>"))
-                               goto shut;
                        seen = BIO_read(sbio,mbuf,BUFSIZZ);
+
+                       if (seen <= 0)
+                               goto shut;
+
                        mbuf[seen] = 0;
                        }
                BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
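Review bot: `mbuf[seen] = 0;` can write one byte past the buffer when `BIO_read` fills it completely, because the read is allowed to return the full `BUFSIZZ`; the allocation of `mbuf` is outside this hunk, so this holds only if it is `BUFSIZZ` bytes with no spare byte for the terminator. The bytes come from the remote server, so the read should leave room for the NUL: `seen = BIO_read(sbio,mbuf,BUFSIZZ-1);`. Separately, with the `/stream:features>` test removed, a server that finishes its feature list without offering STARTTLS and keeps the stream open would appear to leave s_client blocked in `BIO_read` until the peer closes; keeping that test after the terminator is written, alongside the new `seen <= 0` check, would cover both cases. The enclosing function starts and ends outside the hunk.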