[Git][NTPsec/ntpsec][master] Add error checking to setsockopt() calls that were missing it

Hal Murray gitlab at mg.gitlab.com
Wed Mar 20 06:13:55 UTC 2019 


Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
88a6abf0 by Matt Selsky at 2019-03-20T05:53:38Z
Add error checking to setsockopt() calls that were missing it

- - - - -


2 changed files:

- ntpd/nts_client.c
- ntpd/nts_server.c


Changes:

=====================================
ntpd/nts_client.c
=====================================
@@ -92,6 +92,7 @@ bool nts_probe(struct peer * peer) {
   SSL     *ssl;
   int      server;
   l_fp     start, finish;
+  int      err;
 
   if (NULL == client_ctx)
     return false;
@@ -106,7 +107,13 @@ bool nts_probe(struct peer * peer) {
     return false;
   }
 
-  setsockopt(server, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
+  err = setsockopt(server, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
+  if (0 > err) {
+    msyslog(LOG_ERR, "NTSc: can't setsockopt: %s", strerror(errno));
+    close(server);
+    nts_ke_probes_bad++;
+    return false;
+  }
 
   // FIXME
   // Not much error checking yet.


=====================================
ntpd/nts_server.c
=====================================
@@ -113,6 +113,7 @@ void* nts_ke_listener(void* arg) {
         uint len = sizeof(addr);
         SSL *ssl;
         l_fp start, finish;
+        int err;
 
         int client = accept(sock, &addr, &len);
         if (client < 0) {
@@ -126,7 +127,13 @@ void* nts_ke_listener(void* arg) {
         get_systime(&start);
         msyslog(LOG_INFO, "NTSs: TCP accept-ed from %s",
             sockporttoa((sockaddr_u *)&addr));
-	setsockopt(client, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
+        err = setsockopt(client, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
+        if (0 > err) {
+            msyslog(LOG_ERR, "NTSs: can't setsockopt: %s", strerror(errno));
+            close(client);
+            nts_ke_serves_bad++;
+            continue;
+        }
 
         /* For high volume servers, this should go in a new thread. */
         ssl = SSL_new(server_ctx);



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/88a6abf013e7a4412b51615fdb4a5374d16c5893

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/88a6abf013e7a4412b51615fdb4a5374d16c5893
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190320/5c9ce556/attachment-0001.html>

More information about the vc mailing list