From 6d316999ff9786c9632edd61e4f4c8fd579dbae5 Mon Sep 17 00:00:00 2001 From: Paul Adelsbach Date: Fri, 24 Apr 2026 11:24:06 -0700 Subject: [PATCH] Misc fenrir fixes --- dtls/server-dtls-ipv6.c | 18 +++++++++++++++++- dtls/server-dtls-nonblocking.c | 17 +++++++++++++++++ psk/server-psk-threaded.c | 5 +++-- tls/client-tls13-resume.c | 2 +- 4 files changed, 38 insertions(+), 4 deletions(-) diff --git a/dtls/server-dtls-ipv6.c b/dtls/server-dtls-ipv6.c index 2fd9b1d0d..a154c9e90 100644 --- a/dtls/server-dtls-ipv6.c +++ b/dtls/server-dtls-ipv6.c @@ -118,6 +118,8 @@ int main(int argc, char** argv) if ((listenfd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0 ) { printf("Cannot create socket.\n"); cleanup = 1; + cont = 1; + break; } printf("Socket allocated\n"); @@ -135,6 +137,8 @@ int main(int argc, char** argv) printf("Setsockopt SO_REUSEADDR failed.\n"); cleanup = 1; cont = 1; + close(listenfd); + break; } /*Bind Socket*/ @@ -142,6 +146,8 @@ int main(int argc, char** argv) printf("Bind failed.\n"); cleanup = 1; cont = 1; + close(listenfd); + break; } printf("Awaiting client connection on port %d\n", SERV_PORT); @@ -151,7 +157,8 @@ int main(int argc, char** argv) (struct sockaddr*)&cliaddr, &cliLen); if (bytesReceived < 0) { - printf("No clients in que, enter idle state\n"); + printf("No clients in queue, enter idle state\n"); + close(listenfd); continue; } else if (bytesReceived > 0) { @@ -160,12 +167,16 @@ int main(int argc, char** argv) printf("Udp connect failed.\n"); cleanup = 1; cont = 1; + close(listenfd); + break; } } else { printf("Recvfrom failed.\n"); cleanup = 1; cont = 1; + close(listenfd); + break; } printf("Connected!\n"); @@ -174,6 +185,8 @@ int main(int argc, char** argv) printf("wolfSSL_new error.\n"); cleanup = 1; cont = 1; + close(listenfd); + break; } /* set the session ssl to client connection port */ @@ -185,6 +198,8 @@ int main(int argc, char** argv) printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e)); printf("SSL_accept failed.\n"); + wolfSSL_free(ssl); + close(listenfd); continue; } if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) { @@ -215,6 +230,7 @@ int main(int argc, char** argv) wolfSSL_set_fd(ssl, 0); wolfSSL_shutdown(ssl); wolfSSL_free(ssl); + close(listenfd); printf("Client left cont to idle state\n"); cont = 0; diff --git a/dtls/server-dtls-nonblocking.c b/dtls/server-dtls-nonblocking.c index b1b84838d..2a2f02a9d 100644 --- a/dtls/server-dtls-nonblocking.c +++ b/dtls/server-dtls-nonblocking.c @@ -147,6 +147,7 @@ int main(int argc, char** argv) if ((listenfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) { printf("Cannot create socket.\n"); cont = 1; + break; } printf("Socket allocated\n"); @@ -162,6 +163,11 @@ int main(int argc, char** argv) cleanup = 1; } + if (cleanup == 1) { + close(listenfd); + break; + } + /* Clear servAddr each loop */ memset((char *)&servAddr, 0, sizeof(servAddr)); @@ -176,6 +182,8 @@ int main(int argc, char** argv) if (res < 0) { printf("Setsockopt SO_REUSEADDR failed.\n"); cont = 1; + close(listenfd); + break; } /*Bind Socket*/ @@ -183,6 +191,8 @@ int main(int argc, char** argv) (struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) { printf("Bind failed.\n"); cont = 1; + close(listenfd); + break; } printf("Awaiting client connection on port %d\n", SERV_PORT); @@ -192,12 +202,17 @@ int main(int argc, char** argv) do { if (cleanup == 1) { cont = 1; + close(listenfd); break; } bytesRecvd = (int)recvfrom(listenfd, (char*)b, sizeof(b), MSG_PEEK, (struct sockaddr*)&cliAddr, &clilen); } while (bytesRecvd <= 0); + if (cont == 1) { + break; + } + if (bytesRecvd > 0) { if (connect(listenfd, (const struct sockaddr*)&cliAddr, sizeof(cliAddr)) != 0) { @@ -217,6 +232,8 @@ int main(int argc, char** argv) if (( ssl = wolfSSL_new(ctx)) == NULL) { printf("wolfSSL_new error.\n"); cont = 1; + close(listenfd); + break; } /* set clilen to |cliAddr| */ diff --git a/psk/server-psk-threaded.c b/psk/server-psk-threaded.c index 42f036f71..c0df787c8 100644 --- a/psk/server-psk-threaded.c +++ b/psk/server-psk-threaded.c @@ -82,8 +82,9 @@ void* wolfssl_thread(void* fd) /* create WOLFSSL object */ if ((ssl = wolfSSL_new(ctx)) == NULL) { - printf("Fatal error : wolfSSL_new error"); - /* place signal for forced error exit here */ + printf("Fatal error : wolfSSL_new error\n"); + close(connfd); + pthread_exit(NULL); } wolfSSL_set_fd(ssl, connfd); diff --git a/tls/client-tls13-resume.c b/tls/client-tls13-resume.c index c02756fe3..d110622e9 100644 --- a/tls/client-tls13-resume.c +++ b/tls/client-tls13-resume.c @@ -358,7 +358,7 @@ int main(int argc, char** argv) } #ifdef HAVE_SECRET_CALLBACK - wolfSSL_FreeArrays(ssl); + wolfSSL_FreeArrays(sslRes); #endif