commit b03e976aa26d100ec1bf976dfdd005868395b490 from: Omar Polo date: Sun Jan 21 12:23:16 2024 UTC convert to use imsg_get_fd() since proc_forward_imsg() never forwards a file descriptor (it's never called actually) just use -1 there. commit - 6bce8180d96c2e1076bd131572979aae54a2fa9f commit + b03e976aa26d100ec1bf976dfdd005868395b490 blob - 375d58daf6e0af1ddc100c287deec5a657a6fe9f blob + 438a88d8a317f9dfaae711a8e8506913215122b2 --- config.c +++ config.c @@ -474,10 +474,11 @@ config_crypto_recv_kp(struct conf *conf, struct imsg * static struct pki *pki; uint8_t *d; size_t len; + int fd; /* XXX: check for duplicates */ - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for imsg %d", imsg->hdr.type); switch (imsg->hdr.type) { @@ -486,7 +487,7 @@ config_crypto_recv_kp(struct conf *conf, struct imsg * fatalx("imsg in wrong order; pki is not NULL"); if ((pki = calloc(1, sizeof(*pki))) == NULL) fatal("calloc"); - if (load_file(imsg->fd, &d, &len) == -1) + if (load_file(fd, &d, &len) == -1) fatalx("can't load file"); if ((pki->hash = ssl_pubkey_hash(d, len)) == NULL) fatalx("failed to compute cert hash"); @@ -498,7 +499,7 @@ config_crypto_recv_kp(struct conf *conf, struct imsg * if (pki == NULL) fatalx("got key without cert beforehand %d", imsg->hdr.type); - if (load_file(imsg->fd, &d, &len) == -1) + if (load_file(fd, &d, &len) == -1) fatalx("failed to load private key"); if ((pki->pkey = ssl_load_pkey(d, len)) == NULL) fatalx("failed load private key"); @@ -530,6 +531,7 @@ config_recv(struct conf *conf, struct imsg *imsg) struct address *addr; uint8_t *d; size_t len, datalen; + int fd; datalen = IMSG_DATA_SIZE(imsg); 
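Review bot: In config_crypto_recv_kp() the descriptor is now taken out of the message before the `switch`, so from that point the function owns it and must make sure it is closed on every path. As far as I know imsg_get_fd() leaves closing to the caller, so this is only safe if load_file() closes the fd it is given (its body is not in this diff) and if every message type that reaches the switch goes through one of the two load_file() calls. A comment at the first call, such as `/* load_file() consumes and closes fd */`, would record that assumption. The same applies to the `load_file(fd, ...)` calls in the config_recv() hunks further down. The function starts and ends outside the hunk, so its default branch is not visible here.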
@@ -565,10 +567,10 @@ config_recv(struct conf *conf, struct imsg *imsg) addr = xcalloc(1, sizeof(*addr)); IMSG_SIZE_CHECK(imsg, addr); memcpy(addr, imsg->data, sizeof(*addr)); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("missing socket for IMSG_RECONF_SOCK"); addr->conf = conf; - addr->sock = imsg->fd; + addr->sock = fd; event_set(&addr->evsock, addr->sock, EV_READ|EV_PERSIST, server_accept, addr); if ((addr->ctx = tls_server()) == NULL) @@ -605,9 +607,9 @@ config_recv(struct conf *conf, struct imsg *imsg) fatalx("recv'd cert without host"); if (h->cert != NULL) fatalx("cert already received"); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for IMSG_RECONF_CERT"); - if (load_file(imsg->fd, &h->cert, &h->certlen) == -1) + if (load_file(fd, &h->cert, &h->certlen) == -1) fatalx("failed to load cert for %s", h->domain); break; @@ -620,9 +622,9 @@ config_recv(struct conf *conf, struct imsg *imsg) fatalx("recv'd key without host"); if (h->key != NULL) fatalx("key already received"); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for IMSG_RECONF_KEY"); - if (load_file(imsg->fd, &h->key, &h->keylen) == -1) + if (load_file(fd, &h->key, &h->keylen) == -1) fatalx("failed to load key for %s", h->domain); break; @@ -633,9 +635,9 @@ config_recv(struct conf *conf, struct imsg *imsg) fatalx("recv'd ocsp without host"); if (h->ocsp != NULL) fatalx("ocsp already received"); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for IMSG_RECONF_OCSP"); - if (load_file(imsg->fd, &h->ocsp, &h->ocsplen) == -1) + if (load_file(fd, &h->ocsp, &h->ocsplen) == -1) fatalx("failed to load ocsp for %s", h->domain); break; 
@@ -658,8 +660,8 @@ config_recv(struct conf *conf, struct imsg *imsg) memcpy(loc, imsg->data, datalen); TAILQ_INIT(&loc->params); - if (imsg->fd != -1) { - if (load_file(imsg->fd, &d, &len) == -1) + if ((fd = imsg_get_fd(imsg)) != -1) { + if (load_file(fd, &d, &len) == -1) fatal("load_file"); loc->reqca = load_ca(d, len); if (loc->reqca == NULL) @@ -697,8 +699,8 @@ config_recv(struct conf *conf, struct imsg *imsg) proxy = xcalloc(1, sizeof(*proxy)); memcpy(proxy, imsg->data, datalen); - if (imsg->fd != -1) { - if (load_file(imsg->fd, &d, &len) == -1) + if ((fd = imsg_get_fd(imsg)) != -1) { + if (load_file(fd, &d, &len) == -1) fatal("load_file"); proxy->reqca = load_ca(d, len); if (proxy->reqca == NULL) @@ -716,9 +718,9 @@ config_recv(struct conf *conf, struct imsg *imsg) fatalx("recv'd proxy cert without proxy"); if (p->cert != NULL) fatalx("proxy cert already received"); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for IMSG_RECONF_PROXY_CERT"); - if (load_file(imsg->fd, &p->cert, &p->certlen) == -1) + if (load_file(fd, &p->cert, &p->certlen) == -1) fatalx("failed to load cert for proxy %s of %s", p->host, h->domain); break; @@ -729,9 +731,9 @@ config_recv(struct conf *conf, struct imsg *imsg) fatalx("recv'd proxy key without proxy"); if (p->key != NULL) fatalx("proxy key already received"); - if (imsg->fd == -1) + if ((fd = imsg_get_fd(imsg)) == -1) fatalx("no fd for IMSG_RECONF_PROXY_KEY"); - if (load_file(imsg->fd, &p->key, &p->keylen) == -1) + if (load_file(fd, &p->key, &p->keylen) == -1) fatalx("failed to load key for proxy %s of %s", p->host, h->domain); break; blob - 36ccaa3f6b420ce858a8c0915cc876a26d815150 blob + 799b94eae778aeb325ca978e8e655f53cc44f2b4 --- logger.c +++ logger.c 
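Review bot: In the two `if ((fd = imsg_get_fd(imsg)) != -1)` branches (location and proxy), a message that arrives without a descriptor is handled exactly like "no client CA configured": no CA is loaded into `reqca` and nothing is reported. If the struct copied from the message records that a client CA was requested (not visible in these hunks), compare that against `fd == -1` and call `fatalx()` on a mismatch, so a lost descriptor cannot silently turn client-certificate checking off. These branches also use `fatal("load_file")` where the other load_file() failures in this diff use `fatalx()`; pick one depending on whether load_file() leaves a meaningful errno. Both case bodies continue outside the hunks.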
@@ -93,10 +93,7 @@ logger_dispatch_parent(int fd, struct privsep_proc *p, case IMSG_LOG_ACCESS: if (logfd != -1) close(logfd); - logfd = -1; - - if (imsg->fd != -1) - logfd = imsg->fd; + logfd = imsg_get_fd(imsg); break; default: return -1; blob - def7b8cae1f7085976b2720e5f9866008fcba500 blob + 50cabc779f7deaf4a343874404d0821c62859769 --- proc.c +++ proc.c @@ -673,7 +673,7 @@ proc_dispatch(int fd, short event, void *arg) case IMSG_CTL_PROCFD: IMSG_SIZE_CHECK(&imsg, &pf); memcpy(&pf, imsg.data, sizeof(pf)); - proc_accept(ps, imsg.fd, pf.pf_procid, + proc_accept(ps, imsg_get_fd(&imsg), pf.pf_procid, pf.pf_instance); break; default: @@ -804,7 +804,7 @@ proc_forward_imsg(struct privsep *ps, struct imsg *ims enum privsep_procid id, int n) { return (proc_compose_imsg(ps, id, n, imsg->hdr.type, - imsg->hdr.peerid, imsg->fd, imsg->data, IMSG_DATA_SIZE(imsg))); + imsg->hdr.peerid, -1, imsg->data, IMSG_DATA_SIZE(imsg))); } struct imsgbuf *
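Review bot: With `logfd = imsg_get_fd(imsg);` an IMSG_LOG_ACCESS message that carries no descriptor leaves `logfd` at -1 after the previous one was closed, which presumably stops access logging without any trace. That matches the old behaviour, but it is worth stating next to the assignment, e.g. `/* no fd attached: access logging is turned off */`. A debug log line on that path would also make an unexpected loss of the access log visible. The function body continues outside the hunk.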
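Review bot: The IMSG_CTL_PROCFD case passes the result of imsg_get_fd() straight to proc_accept(), so a message without a descriptor hands it -1, unlike the config.c call sites, which check first. Unless proc_accept() rejects a negative fd (its body is not part of this diff), check before the call: `if ((fd = imsg_get_fd(&imsg)) == -1) fatalx("%s: no fd for IMSG_CTL_PROCFD", __func__);` with a local `int fd;`, then pass `fd`. proc_dispatch() starts and ends outside the hunk.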
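Review bot: proc_forward_imsg() now always sends -1, so a descriptor attached to the incoming message is never passed on and the receiver has no way to notice. The commit message says the function has no callers, so either remove it or document the limitation above the definition, e.g. `/* Forwards type, peerid and payload only; an fd attached to imsg is not passed on. */`. The start of the function signature is outside the hunk.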