summaryrefslogtreecommitdiff
path: root/lib/pingpong.c
diff options
context:
space:
mode:
authorJulien Chaffraix <julien.chaffraix@gmail.com>2010-11-13 12:01:33 -0800
committerJulien Chaffraix <julien.chaffraix@gmail.com>2010-11-13 14:12:43 -0800
commit8d59d69449c2a86c478699a50d920541aa106201 (patch)
tree15ef9751b2d92dbd511c95d22d70ca61bdeec674 /lib/pingpong.c
parent465865c3cb316907ca1c1ea813cf426a2366dce4 (diff)
downloadcurl-8d59d69449c2a86c478699a50d920541aa106201.tar.gz
security: tighten enum protection_level usage.
While changing Curl_sec_read_msg to accept an enum protection_level instead of an int, I went ahead and fixed the usage of the associated fields. Some code was assuming that prot_clear == 0. Fixed those to use the proper value. Added assertions prior to any code that would set the protection level.
Diffstat (limited to 'lib/pingpong.c')
-rw-r--r--lib/pingpong.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/pingpong.c b/lib/pingpong.c
index bced110ed..01f850677 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -217,11 +217,13 @@ CURLcode Curl_pp_vsendf(struct pingpong *pp,
#endif /* CURL_DOES_CONVERSIONS */
#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+ DEBUGASSERT(prot_cmd > prot_none && prot_cmd < prot_last);
conn->data_prot = prot_cmd;
#endif
res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
&bytes_written);
#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+ DEBUGASSERT(data_sec > prot_none && data_sec < prot_last);
conn->data_prot = data_sec;
#endif
@@ -331,13 +333,13 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
int res;
#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
enum protection_level prot = conn->data_prot;
-
- conn->data_prot = 0;
+ conn->data_prot = prot_clear;
#endif
DEBUGASSERT((ptr+BUFSIZE-pp->nread_resp) <= (buf+BUFSIZE+1));
res = Curl_read(conn, sockfd, ptr, BUFSIZE-pp->nread_resp,
&gotbytes);
#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+ DEBUGASSERT(prot > prot_none && prot < prot_last);
conn->data_prot = prot;
#endif
if(res == CURLE_AGAIN)