Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Return -1 on error from all configuration functions, never exit()

Browse Source 
And use all those return values.

Since we support include files now, we should be able to report in which
include file the error has occured. This is not possible if functions
just bail out calling exit(), because the user has to scroll back stderr
lines to find which include file has failed loading (a line starting
with 'Conf: ').

Plus, calling exit() on errors reduces unit testability of functions.

Also, handle all possible out of memory conditions in opts.c.
pull/48/head
Soner Tari 3 years ago
parent c38c065923
commit 206734e4b6
4 changed files with 813 additions and 549 deletions
Show Stats Download Patch File Download Diff File

145
src/main.c
Unescape Escape View File

@ -355,6 +355,18 @@ main_check_opts(opts_t *opts, const char *argv0)
}
}
/*
* Handle out of memory conditions in early stages of main().
* Print error message and exit with failure status code.
* Does not return.
*/
static void NONNULL(1) NORET
oom_die(const char *argv0)
{
fprintf(stderr, "%s: out of memory\n", argv0);
exit(EXIT_FAILURE);
}
/*
* Main entry point.
*/
@ -389,40 +401,40 @@ main(int argc, char *argv[])
"dD::VhW:w:q:f:o:X:Y:y:JnQ")) != -1) {
switch (ch) {
case 'f':
if (global->conffile)
free(global->conffile);
global->conffile = strdup(optarg);
if (!global->conffile)
oom_die(argv0);
if (global_load_conffile(global, argv0, &natengine, tmp_global_opts) == -1) {
if (global_load_conffile(global, argv0, optarg, &natengine, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
}
break;
case 'o':
if (global_set_option(global, argv0, optarg, &natengine, tmp_global_opts) == -1) {
if (global_set_option(global, argv0, optarg, &natengine, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
}
break;
case 'c':
opts_set_cacrt(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_cacrt(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
case 'k':
opts_set_cakey(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_cakey(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
case 'C':
opts_set_chain(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_chain(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
case 'K':
global_set_leafkey(global, argv0, optarg);
if (global_set_leafkey(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 't':
global_set_leafcertdir(global, argv0, optarg);
if (global_set_leafcertdir(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'A':
global_set_defaultleafcert(global, argv0, optarg);
if (global_set_defaultleafcert(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'q':
opts_set_leafcrlurl(global->opts, optarg, tmp_global_opts);
if (opts_set_leafcrlurl(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
case 'O':
opts_set_deny_ocsp(global->opts);
@ -431,19 +443,23 @@ main(int argc, char *argv[])
opts_set_passthrough(global->opts);
break;
case 'a':
opts_set_clientcrt(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_clientcrt(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
case 'b':
opts_set_clientkey(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_clientkey(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
#ifndef OPENSSL_NO_DH
case 'g':
opts_set_dh(global->opts, argv0, optarg, tmp_global_opts);
if (opts_set_dh(global->opts, argv0, optarg, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
break;
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
case 'G':
opts_set_ecdhcurve(global->opts, argv0, optarg);
if (opts_set_ecdhcurve(global->opts, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#endif /* !OPENSSL_NO_ECDH */
#ifdef SSL_OP_NO_COMPRESSION
@ -452,20 +468,25 @@ main(int argc, char *argv[])
break;
#endif /* SSL_OP_NO_COMPRESSION */
case 's':
opts_set_ciphers(global->opts, argv0, optarg);
if (opts_set_ciphers(global->opts, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'U':
opts_set_ciphersuites(global->opts, argv0, optarg);
if (opts_set_ciphersuites(global->opts, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'r':
opts_force_proto(global->opts, argv0, optarg);
if (opts_force_proto(global->opts, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'R':
opts_disable_proto(global->opts, argv0, optarg);
if (opts_disable_proto(global->opts, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#ifndef OPENSSL_NO_ENGINE
case 'x':
global_set_openssl_engine(global, argv0, optarg);
if (global_set_openssl_engine(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#endif /* !OPENSSL_NO_ENGINE */
case 'e':
@ -480,54 +501,69 @@ main(int argc, char *argv[])
exit(EXIT_SUCCESS);
break;
case 'u':
global_set_user(global, argv0, optarg);
if (global_set_user(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'm':
global_set_group(global, argv0, optarg);
if (global_set_group(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'p':
global_set_pidfile(global, argv0, optarg);
if (global_set_pidfile(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'j':
global_set_jaildir(global, argv0, optarg);
if (global_set_jaildir(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'l':
global_set_connectlog(global, argv0, optarg);
if (global_set_connectlog(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'J':
global_set_statslog(global);
break;
case 'L':
global_set_contentlog(global, argv0, optarg);
if (global_set_contentlog(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'S':
global_set_contentlogdir(global, argv0, optarg);
if (global_set_contentlogdir(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'F':
global_set_contentlogpathspec(global, argv0, optarg);
if (global_set_contentlogpathspec(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'X':
global_set_pcaplog(global, argv0, optarg);
if (global_set_pcaplog(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'Y':
global_set_pcaplogdir(global, argv0, optarg);
if (global_set_pcaplogdir(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'y':
global_set_pcaplogpathspec(global, argv0, optarg);
if (global_set_pcaplogpathspec(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#ifndef WITHOUT_MIRROR
case 'I':
global_set_mirrorif(global, argv0, optarg);
if (global_set_mirrorif(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'T':
global_set_mirrortarget(global, argv0, optarg);
if (global_set_mirrortarget(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#endif /* !WITHOUT_MIRROR */
case 'W':
global_set_certgendir_writeall(global, argv0, optarg);
if (global_set_certgendir_writeall(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'w':
global_set_certgendir_writegencerts(global, argv0, optarg);
if (global_set_certgendir_writegencerts(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
#ifdef HAVE_LOCAL_PROCINFO
case 'i':
@ -535,7 +571,8 @@ main(int argc, char *argv[])
break;
#endif /* HAVE_LOCAL_PROCINFO */
case 'M':
global_set_masterkeylog(global, argv0, optarg);
if (global_set_masterkeylog(global, argv0, optarg) == -1)
exit(EXIT_FAILURE);
break;
case 'd':
global_set_daemon(global);
@ -543,7 +580,8 @@ main(int argc, char *argv[])
case 'D':
global_set_debug(global);
if (optarg) {
global_set_debug_level(optarg);
if (global_set_debug_level(optarg) == -1)
exit(EXIT_FAILURE);
}
break;
case 'n':
@ -568,7 +606,8 @@ main(int argc, char *argv[])
}
argc -= optind;
argv += optind;
proxyspec_parse(&argc, &argv, natengine, global, argv0, tmp_global_opts);
if (proxyspec_parse(&argc, &argv, natengine, global, argv0, tmp_global_opts) == -1)
exit(EXIT_FAILURE);
// We don't need the tmp opts used to clone global opts into proxyspecs anymore
tmp_global_opts_free(tmp_global_opts);
@ -577,10 +616,8 @@ main(int argc, char *argv[])
for (proxyspec_t *spec = global->spec; spec; spec = spec->next) {
if (spec->opts->filter_rules) {
spec->opts->filter = opts_set_filter(spec->opts->filter_rules);
if (!spec->opts->filter) {
fprintf(stderr, "%s: out of memory\n", argv0);
exit(EXIT_FAILURE);
}
if (!spec->opts->filter)
oom_die(argv0);
}
}
@ -830,20 +867,18 @@ main(int argc, char *argv[])
/* debug log, part 2 */
if (OPTS_DEBUG(global)) {
char *s = opts_proto_dbg_dump(global->opts);
if (!s) {
fprintf(stderr, "%s: out of memory\n", argv0);
exit(EXIT_FAILURE);
}
if (!s)
oom_die(argv0);
log_dbg_printf("Global %s\n", s);
free(s);
log_dbg_printf("proxyspecs:\n");
for (proxyspec_t *spec = global->spec; spec; spec = spec->next) {
char *specstr = proxyspec_str(spec);
if (!specstr) {
fprintf(stderr, "%s: out of memory\n", argv0);
exit(EXIT_FAILURE);
}
if (!specstr)
oom_die(argv0);
log_dbg_printf("- %s\n", specstr);
free(specstr);
}

1039
src/opts.c
View File

File diff suppressed because it is too large Load Diff

94
src/opts.h
Unescape Escape View File

@ -378,42 +378,41 @@ typedef struct userdbkeys {
} userdbkeys_t;
#endif /* !WITHOUT_USERAUTH */
void NORET oom_die(const char *) NONNULL(1);
cert_t *opts_load_cert_chain_key(const char *) NONNULL(1);
void opts_unset_divert(opts_t *) NONNULL(1);
void proxyspec_free(proxyspec_t *);
proxyspec_t *proxyspec_new(global_t *, const char *, tmp_global_opts_t *);
void proxyspec_set_proto(proxyspec_t *, const char *);
void proxyspec_parse(int *, char **[], const char *, global_t *, const char *, tmp_global_opts_t *);
char *proxyspec_str(proxyspec_t *) NONNULL(1) MALLOC;
proxyspec_t *proxyspec_new(global_t *, const char *, tmp_global_opts_t *) MALLOC WUNRES;
int proxyspec_set_proto(proxyspec_t *, const char *) NONNULL(1,2) WUNRES;
int proxyspec_parse(int *, char **[], const char *, global_t *, const char *, tmp_global_opts_t *) WUNRES;
char *proxyspec_str(proxyspec_t *) NONNULL(1) MALLOC WUNRES;
opts_t *opts_new(void) MALLOC;
opts_t *opts_new(void) MALLOC WUNRES;
void opts_free(opts_t *) NONNULL(1);
void opts_free_filter_rules(opts_t *) NONNULL(1);
char *filter_rule_str(filter_rule_t *);
char *opts_proto_dbg_dump(opts_t *) NONNULL(1);
void opts_set_cacrt(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
void opts_set_cakey(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
void opts_set_chain(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
void opts_set_leafcrlurl(opts_t *, const char *, tmp_global_opts_t *) NONNULL(1,2);
int opts_set_cacrt(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
int opts_set_cakey(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
int opts_set_chain(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
int opts_set_leafcrlurl(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
void opts_set_deny_ocsp(opts_t *) NONNULL(1);
void opts_set_passthrough(opts_t *) NONNULL(1);
void opts_set_clientcrt(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
void opts_set_clientkey(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
int opts_set_clientcrt(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
int opts_set_clientkey(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
#ifndef OPENSSL_NO_DH
void opts_set_dh(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3);
int opts_set_dh(opts_t *, const char *, const char *, tmp_global_opts_t *) NONNULL(1,2,3) WUNRES;
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
void opts_set_ecdhcurve(opts_t *, const char *, const char *) NONNULL(1,2,3);
int opts_set_ecdhcurve(opts_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
#endif /* !OPENSSL_NO_ECDH */
void opts_unset_sslcomp(opts_t *) NONNULL(1);
void opts_force_proto(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_disable_proto(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_set_ciphers(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_set_ciphersuites(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_set_passsite(opts_t *, char *, int);
int opts_force_proto(opts_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int opts_disable_proto(opts_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int opts_set_ciphers(opts_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int opts_set_ciphersuites(opts_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int opts_set_passsite(opts_t *, char *, int) WUNRES;
filter_ip_t *opts_find_ip(filter_ip_t *, char *) NONNULL(2);
#ifndef WITHOUT_USERAUTH
@ -431,47 +430,40 @@ int global_has_ssl_spec(global_t *) NONNULL(1) WUNRES;
int global_has_dns_spec(global_t *) NONNULL(1) WUNRES;
int global_has_userauth_spec(global_t *) NONNULL(1) WUNRES;
int global_has_cakey_spec(global_t *) NONNULL(1) WUNRES;
void global_set_user(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_group(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_jaildir(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_pidfile(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_connectlog(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_contentlog(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_contentlogdir(global_t *, const char *, const char *)
NONNULL(1,2,3);
void global_set_contentlogpathspec(global_t *, const char *, const char *)
NONNULL(1,2,3);
int global_set_user(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_group(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_jaildir(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_pidfile(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_connectlog(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_contentlog(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_contentlogdir(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_contentlogpathspec(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
#ifdef HAVE_LOCAL_PROCINFO
void global_set_lprocinfo(global_t *) NONNULL(1);
#endif /* HAVE_LOCAL_PROCINFO */
void global_set_masterkeylog(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_pcaplog(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_pcaplogdir(global_t *, const char *, const char *)
NONNULL(1,2,3);
void global_set_pcaplogpathspec(global_t *, const char *, const char *)
NONNULL(1,2,3);
int global_set_masterkeylog(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_pcaplog(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_pcaplogdir(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_pcaplogpathspec(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
#ifndef WITHOUT_MIRROR
void global_set_mirrorif(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_mirrortarget(global_t *, const char *, const char *) NONNULL(1,2,3);
int global_set_mirrorif(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_mirrortarget(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
#endif /* !WITHOUT_MIRROR */
void global_set_daemon(global_t *) NONNULL(1);
void global_set_debug(global_t *) NONNULL(1);
void global_set_debug_level(const char *) NONNULL(1);
int global_set_debug_level(const char *) NONNULL(1) WUNRES;
void global_set_statslog(global_t *) NONNULL(1);
int is_yesno(const char *);
int get_name_value(char **, char **, const char, int);
int global_set_option(global_t *, const char *, const char *, char **, tmp_global_opts_t *) NONNULL(1,2,3,5);
void global_set_leafkey(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_leafcertdir(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_defaultleafcert(global_t *, const char *, const char *) NONNULL(1,2,3);
void global_set_certgendir_writeall(global_t *, const char *, const char *)
NONNULL(1,2,3);
void global_set_certgendir_writegencerts(global_t *, const char *, const char *)
NONNULL(1,2,3);
void global_set_openssl_engine(global_t *, const char *, const char *)
NONNULL(1,2,3);
int global_load_conffile(global_t *, const char *, char **, tmp_global_opts_t *) NONNULL(1,2,4);
int is_yesno(const char *) WUNRES;
int get_name_value(char **, char **, const char, int) WUNRES;
int global_set_option(global_t *, const char *, const char *, char **, tmp_global_opts_t *) NONNULL(1,2,3,5) WUNRES;
int global_set_leafkey(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_leafcertdir(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_defaultleafcert(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_certgendir_writeall(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_certgendir_writegencerts(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_set_openssl_engine(global_t *, const char *, const char *) NONNULL(1,2,3) WUNRES;
int global_load_conffile(global_t *, const char *, const char *, char **, tmp_global_opts_t *) NONNULL(1,2,4) WUNRES;
#endif /* !OPTS_H */
/* vim: set noet ft=c: */

84
tests/check/opts.t.c
Unescape Escape View File

@ -102,7 +102,7 @@ START_TEST(proxyspec_parse_01)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -133,7 +133,7 @@ START_TEST(proxyspec_parse_02)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -164,9 +164,11 @@ START_TEST(proxyspec_parse_03)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -180,9 +182,11 @@ START_TEST(proxyspec_parse_04)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -196,7 +200,7 @@ START_TEST(proxyspec_parse_05)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(!spec->ssl, "SSL");
@ -226,7 +230,7 @@ START_TEST(proxyspec_parse_06)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -256,7 +260,7 @@ START_TEST(proxyspec_parse_07)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(!spec->ssl, "SSL");
@ -286,7 +290,7 @@ START_TEST(proxyspec_parse_08)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -315,9 +319,11 @@ START_TEST(proxyspec_parse_09)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -331,9 +337,11 @@ START_TEST(proxyspec_parse_10)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -347,7 +355,7 @@ START_TEST(proxyspec_parse_11)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -377,9 +385,11 @@ START_TEST(proxyspec_parse_12)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -394,7 +404,7 @@ START_TEST(proxyspec_parse_13)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -435,7 +445,7 @@ START_TEST(proxyspec_parse_14)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -478,7 +488,7 @@ START_TEST(proxyspec_parse_15)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(!spec->ssl, "SSL");
@ -507,7 +517,7 @@ START_TEST(proxyspec_parse_16)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(spec->ssl, "not SSL");
@ -548,9 +558,11 @@ START_TEST(proxyspec_parse_17)
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
close(2);
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
global_free(global);
tmp_global_opts_free(tmp_global_opts);
if (rv == -1)
exit(EXIT_FAILURE);
}
END_TEST
@ -564,7 +576,7 @@ START_TEST(proxyspec_parse_18)
tmp_global_opts_t *tmp_global_opts = malloc(sizeof(tmp_global_opts_t));
memset(tmp_global_opts, 0, sizeof(tmp_global_opts_t));
proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
UNUSED int rv = proxyspec_parse(&argc, &argv, NATENGINE, global, "sslproxy", tmp_global_opts);
spec = global->spec;
fail_unless(!!spec, "failed to parse spec");
fail_unless(!spec->ssl, "SSL");
@ -599,63 +611,63 @@ START_TEST(proxyspec_set_proto_01)
global_t *global = global_new();
proxyspec_t *spec = proxyspec_new(global, "sslproxy", NULL);
proxyspec_set_proto(spec, "tcp");
UNUSED int rv = proxyspec_set_proto(spec, "tcp");
fail_unless(!spec->ssl, "ssl set in tcp spec");
fail_unless(!spec->http, "http set in tcp spec");
fail_unless(!spec->upgrade, "upgrade set in tcp spec");
fail_unless(!spec->pop3, "pop3 set in tcp spec");
fail_unless(!spec->smtp, "smtp set in tcp spec");
proxyspec_set_proto(spec, "ssl");
rv = proxyspec_set_proto(spec, "ssl");
fail_unless(spec->ssl, "ssl not set in ssl spec");
fail_unless(!spec->http, "http set in ssl spec");
fail_unless(!spec->upgrade, "upgrade set in ssl spec");
fail_unless(!spec->pop3, "pop3 set in ssl spec");
fail_unless(!spec->smtp, "smtp set in ssl spec");
proxyspec_set_proto(spec, "http");
rv = proxyspec_set_proto(spec, "http");
fail_unless(!spec->ssl, "ssl set in http spec");
fail_unless(spec->http, "http not set in http spec");
fail_unless(!spec->upgrade, "upgrade set in http spec");
fail_unless(!spec->pop3, "pop3 set in http spec");
fail_unless(!spec->smtp, "smtp set in http spec");
proxyspec_set_proto(spec, "https");
rv = proxyspec_set_proto(spec, "https");
fail_unless(spec->ssl, "ssl not set in https spec");
fail_unless(spec->http, "http not set in https spec");
fail_unless(!spec->upgrade, "upgrade set in https spec");
fail_unless(!spec->pop3, "pop3 set in https spec");
fail_unless(!spec->smtp, "smtp set in https spec");
proxyspec_set_proto(spec, "autossl");
rv = proxyspec_set_proto(spec, "autossl");
fail_unless(!spec->ssl, "ssl set in autossl spec");
fail_unless(!spec->http, "http set in autossl spec");
fail_unless(spec->upgrade, "upgrade not set in autossl spec");
fail_unless(!spec->pop3, "pop3 set in autossl spec");
fail_unless(!spec->smtp, "smtp set in autossl spec");
proxyspec_set_proto(spec, "pop3");
rv = proxyspec_set_proto(spec, "pop3");
fail_unless(!spec->ssl, "ssl set in pop3 spec");
fail_unless(!spec->http, "http set in pop3 spec");
fail_unless(!spec->upgrade, "upgrade set in pop3 spec");
fail_unless(spec->pop3, "pop3 not set in pop3 spec");
fail_unless(!spec->smtp, "smtp set in pop3 spec");
proxyspec_set_proto(spec, "pop3s");
rv = proxyspec_set_proto(spec, "pop3s");
fail_unless(spec->ssl, "ssl not set in pop3s spec");
fail_unless(!spec->http, "http set in pop3s spec");
fail_unless(!spec->upgrade, "upgrade set in pop3s spec");
fail_unless(spec->pop3, "pop3 not set in pop3s spec");
fail_unless(!spec->smtp, "smtp set in pop3s spec");
proxyspec_set_proto(spec, "smtp");
rv = proxyspec_set_proto(spec, "smtp");
fail_unless(!spec->ssl, "ssl set in smtp spec");
fail_unless(!spec->http, "http set in smtp spec");
fail_unless(!spec->upgrade, "upgrade set in smtp spec");
fail_unless(!spec->pop3, "pop3 set in smtp spec");
fail_unless(spec->smtp, "smtp not set in smtp spec");
proxyspec_set_proto(spec, "smtps");
rv = proxyspec_set_proto(spec, "smtps");
fail_unless(spec->ssl, "ssl not set in smtps spec");
fail_unless(!spec->http, "http set in smtps spec");
fail_unless(!spec->upgrade, "upgrade set in smtps spec");
@ -686,7 +698,7 @@ START_TEST(opts_set_passsite_01)
opts_t *opts = opts_new();
char *s = strdup("example.com");
opts_set_passsite(opts, s, 0);
UNUSED int rv = opts_set_passsite(opts, s, 0);
free(s);
fail_unless(!strcmp(opts->filter_rules->site, "example.com"), "site not example.com");
@ -716,7 +728,7 @@ START_TEST(opts_set_passsite_02)
opts_t *opts = opts_new();
char *s = strdup("example.com 192.168.0.1");
opts_set_passsite(opts, s, 0);
UNUSED int rv = opts_set_passsite(opts, s, 0);
free(s);
fail_unless(!strcmp(opts->filter_rules->site, "example.com"), "site not example.com");
@ -749,7 +761,7 @@ START_TEST(opts_set_passsite_03)
opts->user_auth = 1;
char *s = strdup("example.com root");
opts_set_passsite(opts, s, 0);
UNUSED int rv = opts_set_passsite(opts, s, 0);
free(s);
fail_unless(!strcmp(opts->filter_rules->site, "example.com"), "site not example.com");
@ -775,7 +787,7 @@ START_TEST(opts_set_passsite_04)
opts->user_auth = 1;
char *s = strdup("*.google.com * android");
opts_set_passsite(opts, s, 0);
UNUSED int rv = opts_set_passsite(opts, s, 0);
free(s);
fail_unless(!strcmp(opts->filter_rules->site, "*.google.com"), "site not *.google.com");
@ -803,18 +815,18 @@ START_TEST(opts_set_passsite_05)
// Dup string using strdup(), otherwise strtok_r() in opts_set_passsite() will cause segmentation fault
s = strdup("example.com");
opts_set_passsite(opts, s, 0);
UNUSED int rv = opts_set_passsite(opts, s, 0);
free(s);
fail_unless(!opts->filter_rules->next, "next set");
s = strdup("example.com *");
opts_set_passsite(opts, s, 1);
rv = opts_set_passsite(opts, s, 1);
free(s);
fail_unless(opts->filter_rules->next, "next not set");
fail_unless(!opts->filter_rules->next->next, "next->next set");
s = strdup("example.com 192.168.0.1");
opts_set_passsite(opts, s, 2);
rv = opts_set_passsite(opts, s, 2);
free(s);
fail_unless(opts->filter_rules->next, "next not set");
fail_unless(opts->filter_rules->next->next, "next->next not set");
@ -824,7 +836,7 @@ START_TEST(opts_set_passsite_05)
opts->user_auth = 1;
// Use root user, opts_set_passsite() calls sys_isuser() to validate the user
s = strdup("example.com root");
opts_set_passsite(opts, s, 3);
rv = opts_set_passsite(opts, s, 3);
free(s);
fail_unless(opts->filter_rules->next, "next not set");
fail_unless(opts->filter_rules->next->next, "next->next not set");
@ -832,7 +844,7 @@ START_TEST(opts_set_passsite_05)
fail_unless(!opts->filter_rules->next->next->next->next, "next->next->next->next set");
s = strdup("*.google.com * android");
opts_set_passsite(opts, s, 4);
rv = opts_set_passsite(opts, s, 4);
free(s);
#endif /* !WITHOUT_USERAUTH */
ps = filter_rule_str(opts->filter_rules);

Write Preview
Loading…
Cancel
Save