
Commit f650201

authored
Merge pull request ossec#2146 from atomicturtle/agent-auth-eof
Handle the SSL EOF condition
2 parents a282687 + 0c67422 commit f650201

1 file changed

Lines changed: 36 additions & 34 deletions


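--- a/src/os_auth/main-client.c
+++ b/src/os_auth/main-client.c
@@ -334,63 +334,65 @@ int main(int argc, char **argv)
 case SSL_ERROR_NONE:
 buf[ret] = '\0';
 if (strncmp(buf, "ERROR", 5) == 0) {
-char *tmpstr;
-tmpstr = strchr(buf, '\n');
-if (tmpstr) {
-*tmpstr = '\0';
-}
+char *tmpstr = strchr(buf, '\n');
+if (tmpstr) *tmpstr = '\0';
 printf("%s (from manager)\n", buf);
 } else if (strncmp(buf, "OSSEC K:'", 9) == 0) {
-char *key;
-char *tmpstr;
-char **entry;
-printf("INFO: Received response with agent key\n");
-
-key = buf;
-key += 9;
-tmpstr = strchr(key, '\'');
+char *key = buf + 9;
+char *tmpstr = strchr(key, '\'');
 if (!tmpstr) {
 printf("ERROR: Invalid key received. Closing connection.\n");
 exit(1);
 }
 *tmpstr = '\0';
-entry = OS_StrBreak(' ', key, 4);
-if (!OS_IsValidID(entry[0]) || !OS_IsValidName(entry[1]) ||
-!OS_IsValidName(entry[2]) || !OS_IsValidName(entry[3])) {
-printf("ERROR: Invalid key received (2). Closing connection.\n");
+
+FILE *fp = fopen(KEYSFILE_PATH, "w");
+if (!fp) {
+printf("ERROR: Unable to open key file: %s", KEYSFILE_PATH);
 exit(1);
 }
+fprintf(fp, "%s\n", key);
+fclose(fp);
 
-{
-FILE *fp;
-fp = fopen(KEYSFILE_PATH, "w");
-if (!fp) {
-printf("ERROR: Unable to open key file: %s", KEYSFILE_PATH);
-exit(1);
-}
-fprintf(fp, "%s\n", key);
-fclose(fp);
-}
 key_added = 1;
 printf("INFO: Valid key created. Finished.\n");
 }
 break;
+
 case SSL_ERROR_ZERO_RETURN:
+printf("INFO: Connection closed by server (graceful shutdown).\n");
+exit(0);
+
 case SSL_ERROR_SYSCALL:
-if (key_added == 0) {
-printf("ERROR: Unable to create key. Either wrong password or connection not accepted by the manager.\n");
+if (ret == 0) {
+if (key_added) {
+printf("INFO: Connection closed by server (EOF after key creation).\n");
+exit(0);
+} else {
+printf("ERROR: Connection closed by server before key creation.\n");
+exit(1);
+}
+} else if (ret < 0) {
+perror("ERROR: System call error during SSL_read");
+exit(1);
 }
-printf("INFO: Connection closed.\n");
-exit(0);
 break;
+
 default:
-printf("ERROR: SSL read (unable to receive message)\n");
-exit(1);
+if (key_added) {
+// Suppress unexpected EOF error if the key was successfully created
+exit(0);
+} else {
+printf("ERROR: SSL read (unable to receive message)\n");
+ERR_print_errors_fp(stderr);
+exit(1);
+}
 break;
 }
-
 }
 
+
+
 /* Shut down the socket */
 if (key_added == 0) {
 printf("ERROR: Unable to create key. Either wrong password or connection not accepted by the manager.\n");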
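Review bot: The `OSSEC K:'` branch now writes the manager-supplied string straight to `KEYSFILE_PATH`: the `OS_StrBreak(' ', key, 4)` split and the `OS_IsValidID`/`OS_IsValidName` checks that the old side ran before `fopen` are removed, and the commit message (an SSL EOF fix) gives no reason for dropping them. As written, whatever precedes the first `'` in the response, including a wrong field count or embedded line breaks, is persisted as the agent key. I would restore the validation ahead of the `fopen` and add the NULL checks the removed code lacked (this assumes OS_StrBreak leaves unused slots NULL, which should be confirmed against its definition). Separately, `case SSL_ERROR_ZERO_RETURN:` calls `exit(0)` without consulting `key_added`, so a clean shutdown before any key arrives reports success; `exit(key_added ? 0 : 1);` would match the `SSL_ERROR_SYSCALL` branch. main() starts and ends outside the hunk.

```c
*tmpstr = '\0';

char **entry = OS_StrBreak(' ', key, 4);
if (!entry || !entry[0] || !entry[1] || !entry[2] || !entry[3] ||
    !OS_IsValidID(entry[0]) || !OS_IsValidName(entry[1]) ||
    !OS_IsValidName(entry[2]) || !OS_IsValidName(entry[3])) {
    printf("ERROR: Invalid key received (2). Closing connection.\n");
    exit(1);
}
/* … unchanged: fopen(KEYSFILE_PATH, "w"), fprintf and fclose … */
```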
