GUACAMOLE-504: Don't reveal internals in sendError method.

glyptodon · Feb 9, 2018 · 0dc5306 · 0dc5306
1 parent 5aaea07
commit 0dc5306
Showing 1 changed file with 25 additions and 14 deletions.
diff --git a/guacamole-common/src/main/java/org/apache/guacamole/servlet/GuacamoleHTTPTunnelServlet.java b/guacamole-common/src/main/java/org/apache/guacamole/servlet/GuacamoleHTTPTunnelServlet.java
@@ -149,23 +149,30 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
      * @param response
      *     The HTTP response to use to send the error.
      *
-     * @param guacamoleException
-     *     The exception that caused this error.
+     * @param guacamoleStatusCode
+     *     The GuacamoleStatus code to send.
+     *
+     * @param guacamoleHttpCode
+     *     The numeric HTTP code to send.
+     *
+     * @param message
+     *     The human-readable error message to send.
      *
      * @throws ServletException
      *     If an error prevents sending of the error code.
      */
-    protected void sendError(HttpServletResponse response,
-            GuacamoleException guacamoleException)
+    protected void sendError(HttpServletResponse response, int guacamoleStatusCode,
+            int guacamoleHttpCode, String message)
             throws ServletException {
 
+
         try {
 
             // If response not committed, send error code and message
             if (!response.isCommitted()) {
-                response.addHeader("Guacamole-Status-Code", Integer.toString(guacamoleException.getStatus().getGuacamoleStatusCode()));
-                response.addHeader("Guacamole-Error-Message", guacamoleException.getMessage());
-                response.sendError(guacamoleException.getHttpStatusCode());
+                response.addHeader("Guacamole-Status-Code", Integer.toString(guacamoleStatusCode));
+                response.addHeader("Guacamole-Error-Message", message);
+                response.sendError(guacamoleHttpCode);
             }
 
         }
@@ -253,14 +260,18 @@ else if(query.startsWith(WRITE_PREFIX))
 
         // Catch any thrown guacamole exception and attempt to pass within the
         // HTTP response, logging each error appropriately.
-        catch (GuacamoleClientException e) {
-            logger.warn("HTTP tunnel request rejected: {}", e.getMessage());
-            sendError(response, e);
-        }
         catch (GuacamoleException e) {
-            logger.error("HTTP tunnel request failed: {}", e.getMessage());
-            logger.debug("Internal error in HTTP tunnel.", e);
-            sendError(response, e);
+            if (e instanceof GuacamoleClientException) {
+                logger.warn("HTTP tunnel request rejected: {}", e.getMessage());
+                sendError(response, e.getStatus().getGuacamoleStatusCode(),
+                        e.getStatus().getHttpStatusCode(), e.getMessage());
+            }
+            else {
+                logger.error("HTTP tunnel request failed: {}", e.getMessage());
+                logger.debug("Internal error in HTTP tunnel.", e);
+                sendError(response, e.getStatus().getGuacamoleStatusCode(),
+                        e.getStatus().getHttpStatusCode(), "Internal server error.");
+            }
         }
 
     }