]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
tools: avoid relying on static buffers for service name
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 18 Apr 2016 14:24:34 +0000 (16:24 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 18 Apr 2016 14:25:34 +0000 (16:25 +0200)
src/cli-debug.c
src/cli.c
src/danetool-args.def
src/danetool.c

index 31e03c31d06ba26717dd2a51044a6853a985da79..0c2e31226fd2b84de9624245fc4110af517a933b 100644 (file)
@@ -192,7 +192,7 @@ int main(int argc, char **argv)
        gnutls_session_t state;
        char portname[6];
        socket_st hd;
-       const char *app_proto = NULL;
+       char app_proto[32] = "";
 
        cmd_parser(argc, argv);
 
@@ -236,11 +236,11 @@ int main(int argc, char **argv)
 #endif
 
        if (HAVE_OPT(APP_PROTO)) {
-               app_proto = OPT_ARG(APP_PROTO);
+               snprintf(app_proto, sizeof(app_proto), "%s", OPT_ARG(APP_PROTO));
        }
 
        if (app_proto == NULL) {
-               app_proto = port_to_service(portname, "tcp");
+               snprintf(app_proto, sizeof(app_proto), "%s", port_to_service(portname, "tcp"));
        }
 
        sockets_init();
index a316594d6ae294a178e39b8416e876638984b91d..8d74afed01f3b6204c13ae61dde6c190982b566f 100644 (file)
--- a/src/cli.c
+++ b/src/cli.c
@@ -73,7 +73,7 @@
 int resume, starttls, insecure, ranges, rehandshake, udp, mtu,
     inline_commands;
 const char *hostname = NULL;
-const char *service = NULL;
+char service[32]="";
 int record_max_size;
 int fingerprint;
 int crlf;
@@ -1533,12 +1533,12 @@ static void cmd_parser(int argc, char **argv)
        mtu = OPT_VALUE_MTU;
 
        if (HAVE_OPT(PORT)) {
-               service = OPT_ARG(PORT);
+               snprintf(service, sizeof(service), "%s", OPT_ARG(PORT));
        } else {
                if (HAVE_OPT(STARTTLS_PROTO))
-                       service = starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO));
+                       snprintf(service, sizeof(service), "%s", starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO)));
                else
-                       service = "443";
+                       strcpy(service, "443");
        }
 
        record_max_size = OPT_VALUE_RECORDSIZE;
index b31e298a269756ec109be93aa7cbe289dc509761..74b1d00de9297a06d0f0b99d96187a176f5f5930 100644 (file)
@@ -215,9 +215,13 @@ To read a server's DANE TLSA entry, use:
 $ danetool --check www.example.com --proto tcp --port 443
 @end example
 
-To verify a server's DANE TLSA entry, use:
+To verify an HTTPS server's DANE TLSA entry, use:
 @example
 $ danetool --check www.example.com --proto tcp --port 443 --load-certificate chain.pem
+
+To verify an SMTP server's DANE TLSA entry, use:
+@example
+$ danetool --check www.example.com --proto tcp --starttls-proto=smtp --load-certificate chain.pem
 @end example
 _EOT_;
 };
index bea7bcf74162ce7fe3fa52921d4a6e45b4c6d644..b05c49b78ceadd1c3c896a2c8d14e169682a2125 100644 (file)
@@ -90,7 +90,7 @@ static void cmd_parser(int argc, char **argv)
        int ret, privkey_op = 0;
        common_info_st cinfo;
        const char *proto = "tcp";
-       const char *service = "443";
+       char service[32] = "443";
 
        optionProcess(&danetoolOptions, argc, argv);
 
@@ -159,10 +159,10 @@ static void cmd_parser(int argc, char **argv)
                cinfo.cert = OPT_ARG(LOAD_CERTIFICATE);
 
        if (HAVE_OPT(PORT)) {
-               service = OPT_ARG(PORT);
+               snprintf(service, sizeof(service), "%s", OPT_ARG(PORT));
        } else {
                if (HAVE_OPT(STARTTLS_PROTO))
-                       service = starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO));
+                       snprintf(service, sizeof(service), "%s", starttls_proto_to_service(OPT_ARG(STARTTLS_PROTO)));
        }
 
        if (HAVE_OPT(PROTO))