Bug Summary

File:doc/examples/ex-serv-x509.c
Location:line 135, column 44
Description:Pass-by-value argument in function call is undefined

Annotated Source Code

1/* This example code is placed in the public domain. */
2
3#ifdef HAVE_CONFIG_H1
4#include <config.h>
5#endif
6
7#include <stdio.h>
8#include <stdlib.h>
9#include <errno(*__errno_location ()).h>
10#include <sys/types.h>
11#include <sys/socket.h>
12#include <arpa/inet.h>
13#include <netinet/in.h>
14#include <string.h>
15#include <unistd.h>
16#include <gnutls/gnutls.h>
17
18#define KEYFILE"key.pem" "key.pem"
19#define CERTFILE"cert.pem" "cert.pem"
20#define CAFILE"ca.pem" "ca.pem"
21#define CRLFILE"crl.pem" "crl.pem"
22
23/* This is a sample TLS 1.0 echo server, using X.509 authentication.
24 */
25
26#define MAX_BUF1024 1024
27#define PORT5556 5556 /* listen to 5556 port */
28
29/* These are global */
30gnutls_certificate_credentials_t x509_cred;
31gnutls_priority_t priority_cache;
32
33static gnutls_session_t
34initialize_tls_session (void)
35{
36 gnutls_session_t session;
37
38 gnutls_init (&session, GNUTLS_SERVER1);
39
40 gnutls_priority_set (session, priority_cache);
41
42 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred);
43
44 /* We don't request any certificate from the client.
45 * If we did we would need to verify it.
46 */
47 gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE);
48
49 return session;
50}
51
52static gnutls_dh_params_t dh_params;
53
54static int
55generate_dh_params (void)
56{
57 int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW);
58
59 /* Generate Diffie-Hellman parameters - for use with DHE
60 * kx algorithms. When short bit length is used, it might
61 * be wise to regenerate parameters often.
62 */
63 gnutls_dh_params_init (&dh_params);
64 gnutls_dh_params_generate2 (dh_params, bits);
65
66 return 0;
67}
68
69int
70main (void)
71{
72 int listen_sd;
73 int sd, ret;
74 struct sockaddr_in sa_serv;
75 struct sockaddr_in sa_cli;
76 int client_len;
77 char topbuf[512];
78 gnutls_session_t session;
79 char buffer[MAX_BUF1024 + 1];
80 int optval = 1;
81
82 /* this must be called once in the program
83 */
84 gnutls_global_init ();
85
86 gnutls_certificate_allocate_credentials (&x509_cred);
87 gnutls_certificate_set_x509_trust_file (x509_cred, CAFILE"ca.pem",
88 GNUTLS_X509_FMT_PEM);
89
90 gnutls_certificate_set_x509_crl_file (x509_cred, CRLFILE"crl.pem",
91 GNUTLS_X509_FMT_PEM);
92
93 ret = gnutls_certificate_set_x509_key_file (x509_cred, CERTFILE"cert.pem", KEYFILE"key.pem",
94 GNUTLS_X509_FMT_PEM);
95 if (ret < 0)
1
Taking false branch
96 {
97 printf("No certificate or key were found\n");
98 exit(1);
99 }
100
101 generate_dh_params ();
102
103 gnutls_priority_init (&priority_cache, "PERFORMANCE:%SERVER_PRECEDENCE", NULL((void*)0));
104
105
106 gnutls_certificate_set_dh_params (x509_cred, dh_params);
107
108 /* Socket operations
109 */
110 listen_sd = socket (AF_INET2, SOCK_STREAMSOCK_STREAM, 0);
111
112 memset (&sa_serv, '\0', sizeof (sa_serv));
113 sa_serv.sin_family = AF_INET2;
114 sa_serv.sin_addr.s_addr = INADDR_ANY((in_addr_t) 0x00000000);
115 sa_serv.sin_port = htons (PORT5556); /* Server Port number */
116
117 setsockopt (listen_sd, SOL_SOCKET1, SO_REUSEADDR2, (void *) &optval,
118 sizeof (int));
119
120 bind (listen_sd, (struct sockaddr *) & sa_serv, sizeof (sa_serv));
121
122 listen (listen_sd, 1024);
123
124 printf ("Server ready. Listening to port '%d'.\n\n", PORT5556);
125
126 client_len = sizeof (sa_cli);
127 for (;;)
2
Loop condition is true. Entering loop body
128 {
129 session = initialize_tls_session ();
130
131 sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len);
132
133 printf ("- connection from %s, port %d\n",
134 inet_ntop (AF_INET2, &sa_cli.sin_addr, topbuf,
135 sizeof (topbuf)), ntohs (sa_cli.sin_port));
3
Pass-by-value argument in function call is undefined
136
137 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
138
139 do
140 {
141 ret = gnutls_handshake (session);
142 }
143 while (gnutls_error_is_fatal (ret) == 0);
144
145 if (ret < 0)
146 {
147 close (sd);
148 gnutls_deinit (session);
149 fprintf (stderrstderr, "*** Handshake has failed (%s)\n\n",
150 gnutls_strerror (ret));
151 continue;
152 }
153 printf ("- Handshake was completed\n");
154
155 /* see the Getting peer's information example */
156 /* print_info(session); */
157
158 for (;;)
159 {
160 memset (buffer, 0, MAX_BUF1024 + 1);
161 ret = gnutls_record_recv (session, buffer, MAX_BUF1024);
162
163 if (ret == 0)
164 {
165 printf ("\n- Peer has closed the GnuTLS connection\n");
166 break;
167 }
168 else if (ret < 0)
169 {
170 fprintf (stderrstderr, "\n*** Received corrupted "
171 "data(%d). Closing the connection.\n\n", ret);
172 break;
173 }
174 else if (ret > 0)
175 {
176 /* echo data back to the client
177 */
178 gnutls_record_send (session, buffer, strlen (buffer));
179 }
180 }
181 printf ("\n");
182 /* do not wait for the peer to close the connection.
183 */
184 gnutls_bye (session, GNUTLS_SHUT_WR);
185
186 close (sd);
187 gnutls_deinit (session);
188
189 }
190 close (listen_sd);
191
192 gnutls_certificate_free_credentials (x509_cred);
193 gnutls_priority_deinit (priority_cache);
194
195 gnutls_global_deinit ();
196
197 return 0;
198
199}