conga_ssl SSLClient.cpp SSLClient.h ...

rmccabe Thu, 13 Sep 2007 07:48:19 -0700

CVSROOT:        /cvs/cluster
Module name:    conga
Changes by:     [EMAIL PROTECTED]       2007-09-13 14:48:01


Modified files:
        luci/conga_ssl : SSLClient.cpp SSLClient.h conga_ssl_lib.cpp 

Log message:
        Fix a bug that could cause incomplete reads if the total length that 
ought to be read is > 4096 and the last two non-whitespace characters read are 
"/>"

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.cpp.diff?cvsroot=cluster&r1=1.5&r2=1.6
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.h.diff?cvsroot=cluster&r1=1.3&r2=1.4
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/conga_ssl_lib.cpp.diff?cvsroot=cluster&r1=1.5&r2=1.6

--- conga/luci/conga_ssl/SSLClient.cpp  2007/09/11 16:04:32     1.5
+++ conga/luci/conga_ssl/SSLClient.cpp  2007/09/13 14:48:01     1.6
@@ -279,19 +279,20 @@
 }
 
 String
-SSLClient::recv(unsigned int timeout)
+SSLClient::recv(unsigned int timeout, size_t& buflen)
 {
   if (!_connected)
     throw String("cannot receive, yet: SSL connection not connected");
 
   char buff[4096];
 
+  buflen = sizeof(buff);
   unsigned int beg = time_mil();
   while (time_mil() < beg + timeout) {
     int ret = SSL_read(_ssl, buff, sizeof(buff));
     if (ret > 0) {
       String data(buff, ret);
-      shred(buff, sizeof(buff));
+      memset(buff, 0, sizeof(buff));
       return data;
     } else {
       bool want_read, want_write;
--- conga/luci/conga_ssl/SSLClient.h    2007/09/11 16:04:32     1.3
+++ conga/luci/conga_ssl/SSLClient.h    2007/09/13 14:48:01     1.4
@@ -48,7 +48,7 @@
   bool connect(unsigned int timeout);
 
   String send(const String& msg, unsigned int timeout);
-  String recv(unsigned int timeout);
+  String recv(unsigned int timeout, size_t& buflen);
 
 
   bool peer_has_cert();
--- conga/luci/conga_ssl/conga_ssl_lib.cpp      2007/09/11 16:04:32     1.5
+++ conga/luci/conga_ssl/conga_ssl_lib.cpp      2007/09/13 14:48:01     1.6
@@ -239,25 +239,26 @@
                        int beg = int(time_sec());
                        String xml_in;
                        while (true) {
+                               size_t buflen;
                                String ret;
                                if (int(time_sec()) > beg + timeout)
                                        throw String("timeout");
                                else {
-                                       ret = iter->second->recv(400);
+                                       ret = iter->second->recv(400, buflen);
                                        if (ret == "")
                                                continue;
                                        xml_in += ret;
                                }
 
-                               int start = xml_in.length() - 1;
-                               while (start > 0 && xml_in[start] == '\n' || 
xml_in[start] == '\r')
-                                       start--;
-                               start += 2;
-                               if ((ret.substr(0, 6) == "<?xml " && 
xml_in.substr(start - sizeof("/>"), sizeof("/>") - 1) == "/>") ||
-                                       xml_in.substr(start - 
sizeof("</ricci>"), sizeof("</ricci>") - 1) == "</ricci>")
+                               if (ret.size() < buflen)
                                {
                                        resp = xml_in;
-                                       break;
+                                       try {
+                                               parseXML(xml_in);
+                                               break;
+                                       } catch (...) {
+                                               continue;
+                                       }
                                }
                        }
                }

[Cluster-devel] conga/luci/conga_ssl SSLClient.cpp SSLClient.h ...

Reply via email to