commit fccfa8716557acd9164cfa990e6df9ff68dce4b7
from: Omar Polo
date: Fri Jul 23 14:29:45 2021 UTC
add flags to listener; warn if missing auth_table in the future we'll have also plain 9p, so mark the tls listeners with L_TLS and add the libtls machinery only in that case.
commit - 53dd4db65a96dece5f5fa6443771d34ac15c06d4
commit + fccfa8716557acd9164cfa990e6df9ff68dce4b7
blob - 19d2b4de797981210de08763b7513dd5192cd356
blob + 91f2ae141880b4771d4eb12ef79677dd8f2ef080
--- kamid.h
+++ kamid.h
@@ -85,9 +85,12 @@ struct table_backend {
 /* table_static.c */
 extern struct table_backend table_static;
+#define L_NONE 0x0
+#define L_TLS 0x1
 struct kd_listen_conf {
 SIMPLEQ_ENTRY(kd_listen_conf) entry;
 uint32_t id;
+ uint32_t flags;
 int fd;
 char iface[LINE_MAX];
 uint16_t port;
blob - 30cdf90d199a11230d67ab788419f70e0b79016a
blob + 3580feed180864a9ae8483af293df760af123a63
--- listener.c
+++ listener.c
@@ -259,12 +259,25 @@ listener_receive_config(struct imsg *imsg, struct kd_c
 break;
 }
 }
+
+static inline struct kd_listen_conf *
+listen_by_id(uint32_t id)
+{
+ struct kd_listen_conf *l;
+ SIMPLEQ_FOREACH(l, &listener_conf->listen_head, entry) {
+ if (l->id == id)
+ return l;
+ }
+ return NULL;
+}
+
 void
 listener_dispatch_main(int fd, short event, void *d)
 {
 static struct kd_conf *nconf;
 static struct kd_pki_conf *pki;
+ struct kd_listen_conf *listen;
 struct client *client, find;
 struct imsg imsg;
 struct imsgev *iev = d;
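Review bot: The new `flags` member of `struct kd_listen_conf` in kamid.h and the `L_NONE`/`L_TLS` defines carry no comment saying they belong together or what a cleared `L_TLS` bit means for a connection. Since listener.c now decides on this bit whether to install the TLS callbacks, a one-line comment above the defines would help, for example `/* kd_listen_conf.flags bits; L_TLS: connections on this listener are wrapped in TLS */`. The struct body continues past the end of the hunk.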
@@ -347,10 +360,14 @@ listener_dispatch_main(int fd, short event, void *d)
 close_conn(client);
 return;
 }
- event_set(&client->bev->ev_read, client->fd, EV_READ,
- client_tls_readcb, client->bev);
- event_set(&client->bev->ev_write, client->fd, EV_WRITE,
- client_tls_writecb, client->bev);
+
+ listen = listen_by_id(client->lid);
+ if (listen->flags & L_TLS) {
+ event_set(&client->bev->ev_read, client->fd,
+ EV_READ, client_tls_readcb, client->bev);
+ event_set(&client->bev->ev_write, client->fd,
+ EV_WRITE, client_tls_writecb, client->bev);
+ }
 /* TODO: adjust watermarks */
 bufferevent_setwatermark(client->bev, EV_WRITE, 1, 0);
blob - d27c9ee07446c9a2c0ca557706060abbb3b4fe81
blob + a2d1e823cd3a000c5ad1a4a61da96ecebc8a9d63
--- parse.y
+++ parse.y
@@ -268,7 +268,12 @@ tableref : '<' STRING '>' {
 ;
 listen : LISTEN { listener = listen_new(); }
- listen_opts { listener = NULL; };
+ listen_opts {
+ if (listener->auth_table == NULL)
+ yyerror("missing auth table");
+
+ listener = NULL;
+ };
 listen_opts : listen_opt
 | listen_opt listen_opts
@@ -284,6 +289,7 @@ listen_opt : ON STRING PORT NUMBER {
 | TLS PKI STRING {
 if (*listener->pki != '\0')
 yyerror("listen tls pki already defined");
+ listener->flags |= L_TLS;
 strlcpy(listener->pki, $3, sizeof(listener->pki));
 }
 | AUTH tableref {
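Review bot: `listen_by_id()` returns NULL when no listener has the given id, and the new `listen->flags & L_TLS` test in listener.c dereferences the result without checking it, so a client whose `lid` matches no configured listener would crash the listener process. A guard before the test, `if (listen == NULL) { close_conn(client); return; }`, follows the error path already used just above. Separately, when the bit is clear the code falls through to `bufferevent_setwatermark()` with no TLS read/write callbacks installed; until plain 9p exists it would be safer to treat that case as an error as well rather than let the connection proceed outside libtls. listener_dispatch_main starts and ends outside this hunk, so whether `lid` can go stale (for example across a reload) is not visible here.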
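Review bot: The end-of-block check in the `listen` rule of parse.y rejects a missing auth table but not a missing `tls pki`, while `L_TLS` is only set in the `TLS PKI STRING` alternative of the second parse.y hunk. A `listen` block without that option therefore parses with the bit clear, and listener.c then skips the TLS callbacks for its clients; since the commit message says plain 9p does not exist yet, consider adding `if (!(listener->flags & L_TLS)) yyerror("missing tls pki");` next to the auth-table check. The commit title says "warn", but `yyerror()` is normally what makes the configuration load fail; if it only logs here, a listener with no auth table would still be started, so this should be confirmed against `yyerror`'s definition, which is outside the hunk.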