From 89b2315346b867cca1a8e84328b2e7ca2203c607 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bernhard=20Fr=C3=B6hlich?= Date: Sat, 6 Apr 2013 21:15:03 +0200 Subject: [PATCH 1/3] bug 1161: Added errorhandling --- functions/UploadResults.pl | 99 ++++++++++++++++++++++++++------------ 1 file changed, 68 insertions(+), 31 deletions(-) diff --git a/functions/UploadResults.pl b/functions/UploadResults.pl index 6fb47d5..c2c86e9 100755 --- a/functions/UploadResults.pl +++ b/functions/UploadResults.pl @@ -8,6 +8,7 @@ my $KeyFile = "key_200808.pem"; my $CAfile = "CAcert_roots.pem"; my $TargetHost="secure.cacert.org"; my $TargetScript="cats/cats_import.php"; +my $ConnectInc="/home/cats/public_html/includes/db_connect.inc"; sub url_encode($) { @@ -32,6 +33,9 @@ sub SendRecord($$$$$$) my $BytesRead; my $Result; my $ContentLength; + my $DoClose; + my $HTTPResult; + my $HTTPTextResult; $data = "serial=".url_encode($serial)."&root=".url_encode($root)."&type=".url_encode($type). "&variant=".url_encode($variant)."&date=".url_encode($date)."&OK=Anfrage+abschicken\r\n"; @@ -47,6 +51,7 @@ sub SendRecord($$$$$$) $IsChunked = 0; $ContentLength = 0; + $DoClose = 0; do { $CurLine = Net::SSLeay::ssl_read_CRLF($ssl); die_if_ssl_error("ssl_read_CRLF"); @@ -54,15 +59,22 @@ sub SendRecord($$$$$$) print "ssl_read_CRLF returns nothing\n"; return "BREAK"; } + if (CurLine =~ /^HTTP\/[0-9.]+ (\d+) (.+)/i) { + $HTTPResult = $1; + $HTTPTextResult = $2; + } if ($CurLine =~ /^Transfer-Encoding: chunked/i) { $IsChunked = 1; } if ($CurLine =~ /^Content-Type: text\/html;/i) { $IsHTML = 1; } - if ($CurLine =~ /^Content-Length:\s*(\d)\r\n/) { + if ($CurLine =~ /^Content-Length:\s*(\d+)/) { $ContentLength = $1; } + if ($CurLine =~ /^Connection: close/) { + $DoClose = 1; + } } while($CurLine ne "\r\n"); if ($IsChunked && $IsHTML) { 
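Review bot: The added status-line test in the header loop of SendRecord reads `if (CurLine =~ /^HTTP\/[0-9.]+ (\d+) (.+)/i)` with no `$` on `CurLine`, so it is a bareword: it will not compile if the script runs under `use strict`, and otherwise the pattern is applied to the literal string "CurLine" and never matches. It should be `if ($CurLine =~ /^HTTP\/[0-9.]+ (\d+) (.+)/i) {`. Even with that fixed, `$HTTPResult` and `$HTTPTextResult` are not read anywhere in the visible hunks, so a 4xx/5xx reply is still judged only by its body; consider returning a failure when `$HTTPResult` is not 200. The new `Connection: close` match is also case-sensitive, unlike the neighbouring header tests that use `/i`. SendRecord's body starts and ends outside this hunk.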
@@ -87,10 +99,10 @@ sub SendRecord($$$$$$) $Result = Net::SSLeay::read($ssl, $ContentLength); } - return $Result; + return ($DoClose, $Result); } -# parse sb_connect.inc for database parameters +# parse db_connect.inc for database parameters sub connect_with_php_inc($) { my ($phpFile) = @_; @@ -134,6 +146,9 @@ while($CurArg < scalar(@ARGV)) { } elsif ($ARGV[$CurArg] eq "--Host") { $CurArg++; $TargetHost = $ARGV[$CurArg]; + } elsif ($ARGV[$CurArg] eq "--ConnectInc") { + $CurArg++; + $ConnectInc = $ARGV[$CurArg]; } $CurArg++; } @@ -142,7 +157,7 @@ Net::SSLeay::load_error_strings(); Net::SSLeay::SSLeay_add_ssl_algorithms(); Net::SSLeay::randomize(); -my $dbh = connect_with_php_inc("/home/cats/public_html/includes/db_connect.inc"); +my $dbh = connect_with_php_inc($ConnectInc); my $sth; my $RecID; my $serial; @@ -151,7 +166,9 @@ my $type; my $variant; my $date; my @OKIDs; +my @FailIDs; my $RowNum; +my $DoClose; $dbh->do("SET time_zone='+00:00'"); $sth = $dbh->prepare("SELECT `lp`.`lp_id`, `lp`.`user_id`, `lp`.`root`, `tt`.`text`, `t`.`topic`, `lp`.`date` ". 
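Review bot: SendRecord now ends with `return ($DoClose, $Result);`, but the early exit in its header-reading loop (`return "BREAK";` after "ssl_read_CRLF returns nothing") still returns a single scalar. With the caller's `($DoClose, $got) = SendRecord(...)`, the string "BREAK" lands in `$DoClose` and `$got` is undef, so the loop condition `$got ne "BREAK"` no longer stops the run after a dead read. Change the early return to `return (1, "BREAK");` so the connection is treated as unusable and the loop still terminates. The function starts outside this hunk.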
@@ -168,53 +185,73 @@ $port = 443; $dest_ip = gethostbyname ($TargetHost); $dest_serv_params = sockaddr_in($port, $dest_ip); -socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!"; -connect (S, $dest_serv_params) or die "connect: $!"; -select (S); $| = 1; select (STDOUT); # Eliminate STDIO buffering - -# The network connection is now open, lets fire up SSL - -$ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $!"); -Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL) - and die_if_ssl_error("ssl ctx set options"); - -# Set accepted CAs -Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0); - -# Add client vertificate -Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile); - -$ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!"); -Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno -$res = Net::SSLeay::connect($ssl) and die_if_ssl_error("ssl connect"); -#print "Cipher `" . Net::SSLeay::get_cipher($ssl) . "'\n"; -# Still to do here. CRL/OCSP-Checking - # Exchange data $RowNum = 0; +$DoClose = 1; do { ($RecID, $serial, $root, $type, $variant, $date) = $sth->fetchrow_array(); + if ($DoClose) { + socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!"; + connect (S, $dest_serv_params) or die "connect: $!"; + select (S); $| = 1; select (STDOUT); # Eliminate STDIO buffering + + # The network connection is now open, lets fire up SSL + + $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $!"); + Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL) + and die_if_ssl_error("ssl ctx set options"); + + # Set accepted CAs + Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0); + + # Add client vertificate + Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile); + + $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!"); + Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno + $res = Net::SSLeay::connect($ssl) and die_if_ssl_error("ssl connect"); + #print "Cipher `" . 
Net::SSLeay::get_cipher($ssl) . "'\n"; + # Still to do here. CRL/OCSP-Checking + } + if ($RecID) { - $got = SendRecord($ssl, $serial, $root, $type, $variant, $date); + ($DoClose, $got) = SendRecord($ssl, $serial, $root, $type, $variant, $date); $got =~ s/\s+//g; print localtime(time).": $root/$serial, $type/$variant: $got\n"; if (($got =~ /^OK/i) || ($got =~ /^Duplicate/i)) { push(@OKIDs, $RecID); + } elsif ($got =~ /^Cannot find cert/i) { + push(@FailIDs, $RecID); } $RowNum += 1; + + if ($DoClose) { + # Server requested closing of connection + CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server + Net::SSLeay::free ($ssl); # Tear down connection + Net::SSLeay::CTX_free ($ctx); + close S; + } } } while($RecID && ($got ne "BREAK")); -CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server -Net::SSLeay::free ($ssl); # Tear down connection -Net::SSLeay::CTX_free ($ctx); -close S; +if (!$DoClose) { + CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server + Net::SSLeay::free ($ssl); # Tear down connection + Net::SSLeay::CTX_free ($ctx); + close S; +} $sth = $dbh->prepare("UPDATE `learnprogress` SET `uploaded`=1 WHERE `lp_id`=?"); foreach $RecID (@OKIDs) { $sth->execute($RecID); } +$sth = $dbh->prepare("UPDATE `learnprogress` SET `uploaded`=2 WHERE `lp_id`=?"); +foreach $RecID (@FailIDs) { + $sth->execute($RecID); +} + $dbh->disconnect(); From 907f893d31fd435ef8e60b3e37b7521f815739dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bernhard=20Fr=C3=B6hlich?= Date: Sat, 6 Apr 2013 22:01:15 +0200 Subject: [PATCH 2/3] bug-1161: bugfix --- functions/UploadResults.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/functions/UploadResults.pl b/functions/UploadResults.pl index c2c86e9..576770a 100755 --- a/functions/UploadResults.pl +++ b/functions/UploadResults.pl 
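Review bot: In the new `if ($DoClose)` connect block of patch 1/3, no verify mode is set between `CTX_new()` and `Net::SSLeay::connect($ssl)`, so loading `$CAfile` with `CTX_load_verify_locations` does not by itself make the handshake fail on an untrusted server certificate, and the records would be sent to whatever host answered. Add `Net::SSLeay::CTX_set_verify($ctx, &Net::SSLeay::VERIFY_PEER);` before `Net::SSLeay::new($ctx)` and check the return values of `CTX_load_verify_locations` and `set_cert_and_key`; a hostname check against `$TargetHost` is also absent from the visible lines. Separately, the block reconnects before `$RecID` is tested, so after the last row (or with an empty result set) a connection is opened and never torn down, because the final cleanup runs only for `!$DoClose`; `if ($DoClose && $RecID) {` avoids both the extra handshake and the leak.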
@@ -218,7 +218,7 @@ do { if ($RecID) { ($DoClose, $got) = SendRecord($ssl, $serial, $root, $type, $variant, $date); - $got =~ s/\s+//g; + $got =~ s/\s+$//g; print localtime(time).": $root/$serial, $type/$variant: $got\n"; if (($got =~ /^OK/i) || ($got =~ /^Duplicate/i)) { push(@OKIDs, $RecID); From b587157520a263d815efb0a4e52cbfc0b1d67546 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bernhard=20Fr=C3=B6hlich?= Date: Sat, 6 Apr 2013 22:04:10 +0200 Subject: [PATCH 3/3] bug-1161: Replaced tabs with double spaces --- functions/UploadResults.pl | 54 +++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/functions/UploadResults.pl b/functions/UploadResults.pl index 576770a..d24c0db 100755 --- a/functions/UploadResults.pl +++ b/functions/UploadResults.pl 
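Review bot: In patch 2/3, `$got =~ s/\s+$//g;` strips only trailing whitespace, so a response body that begins with a space or a blank line would no longer satisfy `/^OK/i` or `/^Duplicate/i`, and the record would stay un-uploaded and be retried on every run. Trimming both ends keeps the logged message readable and the anchored matches reliable: `$got =~ s/^\s+|\s+$//g;`. The enclosing do-loop starts and ends outside this hunk.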
@@ -192,27 +192,27 @@ do { ($RecID, $serial, $root, $type, $variant, $date) = $sth->fetchrow_array(); if ($DoClose) { - socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!"; - connect (S, $dest_serv_params) or die "connect: $!"; - select (S); $| = 1; select (STDOUT); # Eliminate STDIO buffering + socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!"; + connect (S, $dest_serv_params) or die "connect: $!"; + select (S); $| = 1; select (STDOUT); # Eliminate STDIO buffering - # The network connection is now open, lets fire up SSL + # The network connection is now open, lets fire up SSL - $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $!"); - Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL) - and die_if_ssl_error("ssl ctx set options"); + $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $!"); + Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL) + and die_if_ssl_error("ssl ctx set options"); - # Set accepted CAs - Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0); + # Set accepted CAs + Net::SSLeay::CTX_load_verify_locations($ctx, $CAfile, 0); - # Add client vertificate - Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile); + # Add client vertificate + Net::SSLeay::set_cert_and_key($ctx, $CertFile, $KeyFile); - $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!"); - Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno - $res = Net::SSLeay::connect($ssl) and die_if_ssl_error("ssl connect"); - #print "Cipher `" . Net::SSLeay::get_cipher($ssl) . "'\n"; - # Still to do here. CRL/OCSP-Checking + $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!"); + Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno + $res = Net::SSLeay::connect($ssl) and die_if_ssl_error("ssl connect"); + #print "Cipher `" . Net::SSLeay::get_cipher($ssl) . "'\n"; + # Still to do here. CRL/OCSP-Checking } if ($RecID) { 
@@ -227,21 +227,21 @@ do { } $RowNum += 1; - if ($DoClose) { - # Server requested closing of connection - CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server - Net::SSLeay::free ($ssl); # Tear down connection - Net::SSLeay::CTX_free ($ctx); - close S; - } + if ($DoClose) { + # Server requested closing of connection + CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server + Net::SSLeay::free ($ssl); # Tear down connection + Net::SSLeay::CTX_free ($ctx); + close S; + } } } while($RecID && ($got ne "BREAK")); if (!$DoClose) { - CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server - Net::SSLeay::free ($ssl); # Tear down connection - Net::SSLeay::CTX_free ($ctx); - close S; + CORE::shutdown S, 1; # Half close --> No more output, sends EOF to server + Net::SSLeay::free ($ssl); # Tear down connection + Net::SSLeay::CTX_free ($ctx); + close S; } $sth = $dbh->prepare("UPDATE `learnprogress` SET `uploaded`=1 WHERE `lp_id`=?");