summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-04-18 16:24:34 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-04-18 16:25:34 +0200
commit981d9fd34f9d5ce08e748ad33429489bb13ed90f (patch)
tree529a108bf789df8932f24e10e07ff73cc7bd22cc /src
parentbd819ee7ec69670028c3e118058f77ad104bd809 (diff)
downloadgnutls-981d9fd34f9d5ce08e748ad33429489bb13ed90f.tar.gz
tools: avoid relying on static buffers for service name
Diffstat (limited to 'src')
-rw-r--r--src/cli-debug.c6
-rw-r--r--src/cli.c8
-rw-r--r--src/danetool-args.def6
-rw-r--r--src/danetool.c6
4 files changed, 15 insertions, 11 deletions
diff --git a/src/cli-debug.c b/src/cli-debug.c
index 31e03c31d0..0c2e31226f 100644
--- a/src/cli-debug.c
+++ b/src/cli-debug.c
@@ -192,7 +192,7 @@ int main(int argc, char **argv)
gnutls_session_t state;
char portname[6];
socket_st hd;
- const char *app_proto = NULL;
+ char app_proto[32] = "";
cmd_parser(argc, argv);
@@ -236,11 +236,11 @@ int main(int argc, char **argv)
#endif
if (HAVE_OPT(APP_PROTO)) {
- app_proto = OPT_ARG(APP_PROTO);
+ snprintf(app_proto, sizeof(app_proto), "%s", OPT_ARG(APP_PROTO));
}
if (app_proto == NULL) {
- app_proto = port_to_service(portname, "tcp");
+ snprintf(app_proto, sizeof(app_proto), "%s", port_to_service(portname, "tcp"));
}
sockets_init();
diff --git a/src/cli.c b/src/cli.c
index a316594d6a..8d74afed01 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -73,7 +73,7 @@
int resume, starttls, insecure, ranges, rehandshake, udp, mtu,
inline_commands;
const char *hostname = NULL;
-const char *service = NULL;
+char service[32]="";
int record_max_size;
int fingerprint;
int crlf;
@@ -1533,12 +1533,12 @@ static void cmd_parser(int argc, char **argv)
mtu = OPT_VALUE_MTU;
if (HAVE_OPT(PORT)) {
- service = OPT_ARG(PORT);
+ snprintf(service, sizeof(service), "%s", OPT_ARG(PORT));
} else {
if (HAVE_OPT(STARTTLS_PROTO))
- service = starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO));
+ snprintf(service, sizeof(service), "%s", starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO)));
else
- service = "443";
+ strcpy(service, "443");
}
record_max_size = OPT_VALUE_RECORDSIZE;
diff --git a/src/danetool-args.def b/src/danetool-args.def
index b31e298a26..74b1d00de9 100644
--- a/src/danetool-args.def
+++ b/src/danetool-args.def
@@ -215,9 +215,13 @@ To read a server's DANE TLSA entry, use:
$ danetool --check www.example.com --proto tcp --port 443
@end example
-To verify a server's DANE TLSA entry, use:
+To verify an HTTPS server's DANE TLSA entry, use:
@example
$ danetool --check www.example.com --proto tcp --port 443 --load-certificate chain.pem
+
+To verify an SMTP server's DANE TLSA entry, use:
+@example
+$ danetool --check www.example.com --proto tcp --starttls-proto=smtp --load-certificate chain.pem
@end example
_EOT_;
};
diff --git a/src/danetool.c b/src/danetool.c
index bea7bcf741..b05c49b78c 100644
--- a/src/danetool.c
+++ b/src/danetool.c
@@ -90,7 +90,7 @@ static void cmd_parser(int argc, char **argv)
int ret, privkey_op = 0;
common_info_st cinfo;
const char *proto = "tcp";
- const char *service = "443";
+ char service[32] = "443";
optionProcess(&danetoolOptions, argc, argv);
@@ -159,10 +159,10 @@ static void cmd_parser(int argc, char **argv)
cinfo.cert = OPT_ARG(LOAD_CERTIFICATE);
if (HAVE_OPT(PORT)) {
- service = OPT_ARG(PORT);
+ snprintf(service, sizeof(service), "%s", OPT_ARG(PORT));
} else {
if (HAVE_OPT(STARTTLS_PROTO))
- service = starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO));
+ snprintf(service, sizeof(service), "%s", starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO)));
}
if (HAVE_OPT(PROTO))
View Lorry Controller Status