bfd: Make bfd decay test robust.
diff --git
a/lib/stream-ssl.c
b/lib/stream-ssl.c
index
5caac49
..
2ed5282
100644
(file)
--- a/
lib/stream-ssl.c
+++ b/
lib/stream-ssl.c
@@
-35,7
+35,6
@@
#include "coverage.h"
#include "dynamic-string.h"
#include "entropy.h"
#include "coverage.h"
#include "dynamic-string.h"
#include "entropy.h"
-#include "leak-checker.h"
#include "ofpbuf.h"
#include "openflow/openflow.h"
#include "packets.h"
#include "ofpbuf.h"
#include "openflow/openflow.h"
#include "packets.h"
@@
-190,7
+189,7
@@
want_to_poll_events(int want)
{
switch (want) {
case SSL_NOTHING:
{
switch (want) {
case SSL_NOTHING:
- NOT_REACHED();
+
OVS_
NOT_REACHED();
case SSL_READING:
return POLLIN;
case SSL_READING:
return POLLIN;
@@
-199,14
+198,13
@@
want_to_poll_events(int want)
return POLLOUT;
default:
return POLLOUT;
default:
- NOT_REACHED();
+
OVS_
NOT_REACHED();
}
}
static int
new_ssl_stream(const char *name, int fd, enum session_type type,
}
}
static int
new_ssl_stream(const char *name, int fd, enum session_type type,
- enum ssl_state state, const struct sockaddr_in *remote,
- struct stream **streamp)
+ enum ssl_state state, struct stream **streamp)
{
struct sockaddr_in local;
socklen_t local_len = sizeof local;
{
struct sockaddr_in local;
socklen_t local_len = sizeof local;
@@
-247,7
+245,7
@@
new_ssl_stream(const char *name, int fd, enum session_type type,
/* Disable Nagle. */
retval = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on);
if (retval) {
/* Disable Nagle. */
retval = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on);
if (retval) {
- VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name, strerror(errno));
+ VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name,
ovs_
strerror(errno));
retval = errno;
goto error;
}
retval = errno;
goto error;
}
@@
-271,10
+269,6
@@
new_ssl_stream(const char *name, int fd, enum session_type type,
/* Create and return the ssl_stream. */
sslv = xmalloc(sizeof *sslv);
stream_init(&sslv->stream, &ssl_stream_class, EAGAIN, name);
/* Create and return the ssl_stream. */
sslv = xmalloc(sizeof *sslv);
stream_init(&sslv->stream, &ssl_stream_class, EAGAIN, name);
- stream_set_remote_ip(&sslv->stream, remote->sin_addr.s_addr);
- stream_set_remote_port(&sslv->stream, remote->sin_port);
- stream_set_local_ip(&sslv->stream, local.sin_addr.s_addr);
- stream_set_local_port(&sslv->stream, local.sin_port);
sslv->state = state;
sslv->type = type;
sslv->fd = fd;
sslv->state = state;
sslv->type = type;
sslv->fd = fd;
@@
-310,7
+304,6
@@
ssl_stream_cast(struct stream *stream)
static int
ssl_open(const char *name, char *suffix, struct stream **streamp, uint8_t dscp)
{
static int
ssl_open(const char *name, char *suffix, struct stream **streamp, uint8_t dscp)
{
- struct sockaddr_in sin;
int error, fd;
error = ssl_init();
int error, fd;
error = ssl_init();
@@
-318,13
+311,13
@@
ssl_open(const char *name, char *suffix, struct stream **streamp, uint8_t dscp)
return error;
}
return error;
}
- error = inet_open_active(SOCK_STREAM, suffix, OFP_
SSL_PORT, &sin
, &fd,
+ error = inet_open_active(SOCK_STREAM, suffix, OFP_
OLD_PORT, NULL
, &fd,
dscp);
if (fd >= 0) {
int state = error ? STATE_TCP_CONNECTING : STATE_SSL_CONNECTING;
dscp);
if (fd >= 0) {
int state = error ? STATE_TCP_CONNECTING : STATE_SSL_CONNECTING;
- return new_ssl_stream(name, fd, CLIENT, state,
&sin,
streamp);
+ return new_ssl_stream(name, fd, CLIENT, state, streamp);
} else {
} else {
- VLOG_ERR("%s: connect: %s", name, strerror(error));
+ VLOG_ERR("%s: connect: %s", name,
ovs_
strerror(error));
return error;
}
}
return error;
}
}
@@
-370,7
+363,7
@@
do_ca_cert_bootstrap(struct stream *stream)
return EPROTO;
} else {
VLOG_ERR("could not bootstrap CA cert: creating %s failed: %s",
return EPROTO;
} else {
VLOG_ERR("could not bootstrap CA cert: creating %s failed: %s",
- ca_cert.file_name, strerror(errno));
+ ca_cert.file_name,
ovs_
strerror(errno));
return errno;
}
}
return errno;
}
}
@@
-379,7
+372,7
@@
do_ca_cert_bootstrap(struct stream *stream)
if (!file) {
error = errno;
VLOG_ERR("could not bootstrap CA cert: fdopen failed: %s",
if (!file) {
error = errno;
VLOG_ERR("could not bootstrap CA cert: fdopen failed: %s",
- strerror(error));
+
ovs_
strerror(error));
unlink(ca_cert.file_name);
return error;
}
unlink(ca_cert.file_name);
return error;
}
@@
-396,7
+389,7
@@
do_ca_cert_bootstrap(struct stream *stream)
if (fclose(file)) {
error = errno;
VLOG_ERR("could not bootstrap CA cert: writing %s failed: %s",
if (fclose(file)) {
error = errno;
VLOG_ERR("could not bootstrap CA cert: writing %s failed: %s",
- ca_cert.file_name, strerror(error));
+ ca_cert.file_name,
ovs_
strerror(error));
unlink(ca_cert.file_name);
return error;
}
unlink(ca_cert.file_name);
return error;
}
@@
-485,7
+478,7
@@
ssl_connect(struct stream *stream)
}
}
}
}
- NOT_REACHED();
+
OVS_
NOT_REACHED();
}
static void
}
static void
@@
-565,7
+558,7
@@
interpret_ssl_error(const char *function, int ret, int error,
if (ret < 0) {
int status = errno;
VLOG_WARN_RL(&rl, "%s: system error (%s)",
if (ret < 0) {
int status = errno;
VLOG_WARN_RL(&rl, "%s: system error (%s)",
- function, strerror(status));
+ function,
ovs_
strerror(status));
return status;
} else {
VLOG_WARN_RL(&rl, "%s: unexpected SSL connection close",
return status;
} else {
VLOG_WARN_RL(&rl, "%s: unexpected SSL connection close",
@@
-674,7
+667,6
@@
ssl_send(struct stream *stream, const void *buffer, size_t n)
ssl_clear_txbuf(sslv);
return n;
case EAGAIN:
ssl_clear_txbuf(sslv);
return n;
case EAGAIN:
- leak_checker_claim(buffer);
return n;
default:
sslv->txbuf = NULL;
return n;
default:
sslv->txbuf = NULL;
@@
-726,7
+718,7
@@
ssl_wait(struct stream *stream, enum stream_wait_type wait)
break;
default:
break;
default:
- NOT_REACHED();
+
OVS_
NOT_REACHED();
}
}
break;
}
}
break;
@@
-750,7
+742,7
@@
ssl_wait(struct stream *stream, enum stream_wait_type wait)
break;
default:
break;
default:
- NOT_REACHED();
+
OVS_
NOT_REACHED();
}
}
}
}
@@
-799,7
+791,7
@@
pssl_open(const char *name OVS_UNUSED, char *suffix, struct pstream **pstreamp,
return retval;
}
return retval;
}
- fd = inet_open_passive(SOCK_STREAM, suffix, OFP_
SSL
_PORT, &sin, dscp);
+ fd = inet_open_passive(SOCK_STREAM, suffix, OFP_
OLD
_PORT, &sin, dscp);
if (fd < 0) {
return -fd;
}
if (fd < 0) {
return -fd;
}
@@
-836,7
+828,7
@@
pssl_accept(struct pstream *pstream, struct stream **new_streamp)
if (new_fd < 0) {
error = errno;
if (error != EAGAIN) {
if (new_fd < 0) {
error = errno;
if (error != EAGAIN) {
- VLOG_DBG_RL(&rl, "accept: %s", strerror(error));
+ VLOG_DBG_RL(&rl, "accept: %s",
ovs_
strerror(error));
}
return error;
}
}
return error;
}
@@
-848,10
+840,10
@@
pssl_accept(struct pstream *pstream, struct stream **new_streamp)
}
sprintf(name, "ssl:"IP_FMT, IP_ARGS(sin.sin_addr.s_addr));
}
sprintf(name, "ssl:"IP_FMT, IP_ARGS(sin.sin_addr.s_addr));
- if (sin.sin_port != htons(OFP_
SSL
_PORT)) {
+ if (sin.sin_port != htons(OFP_
OLD
_PORT)) {
sprintf(strchr(name, '\0'), ":%"PRIu16, ntohs(sin.sin_port));
}
sprintf(strchr(name, '\0'), ":%"PRIu16, ntohs(sin.sin_port));
}
- return new_ssl_stream(name, new_fd, SERVER, STATE_SSL_CONNECTING,
&sin,
+ return new_ssl_stream(name, new_fd, SERVER, STATE_SSL_CONNECTING,
new_streamp);
}
new_streamp);
}
@@
-1017,7
+1009,8
@@
update_ssl_config(struct ssl_config_file *config, const char *file_name)
* here. */
error = get_mtime(file_name, &mtime);
if (error && error != ENOENT) {
* here. */
error = get_mtime(file_name, &mtime);
if (error && error != ENOENT) {
- VLOG_ERR_RL(&rl, "%s: stat failed (%s)", file_name, strerror(error));
+ VLOG_ERR_RL(&rl, "%s: stat failed (%s)",
+ file_name, ovs_strerror(error));
}
if (config->file_name
&& !strcmp(config->file_name, file_name)
}
if (config->file_name
&& !strcmp(config->file_name, file_name)
@@
-1125,7
+1118,7
@@
read_cert_file(const char *file_name, X509 ***certs, size_t *n_certs)
file = fopen(file_name, "r");
if (!file) {
VLOG_ERR("failed to open %s for reading: %s",
file = fopen(file_name, "r");
if (!file) {
VLOG_ERR("failed to open %s for reading: %s",
- file_name, strerror(errno));
+ file_name,
ovs_
strerror(errno));
return errno;
}
return errno;
}
@@
-1213,7
+1206,7
@@
log_ca_cert(const char *file_name, X509 *cert)
if (i) {
ds_put_char(&fp, ':');
}
if (i) {
ds_put_char(&fp, ':');
}
- ds_put_format(&fp, "%02
hh
x", digest[i]);
+ ds_put_format(&fp, "%02x", digest[i]);
}
}
subject = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
}
}
subject = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
@@
-1248,7
+1241,7
@@
stream_ssl_set_ca_cert_file__(const char *file_name,
for (i = 0; i < n_certs; i++) {
/* SSL_CTX_add_client_CA makes a copy of the relevant data. */
if (SSL_CTX_add_client_CA(ctx, certs[i]) != 1) {
for (i = 0; i < n_certs; i++) {
/* SSL_CTX_add_client_CA makes a copy of the relevant data. */
if (SSL_CTX_add_client_CA(ctx, certs[i]) != 1) {
- VLOG_ERR("failed to add client certificate %
zu
from %s: %s",
+ VLOG_ERR("failed to add client certificate %
"PRIuSIZE"
from %s: %s",
i, file_name,
ERR_error_string(ERR_get_error(), NULL));
} else {
i, file_name,
ERR_error_string(ERR_get_error(), NULL));
} else {
@@
-1370,7
+1363,7
@@
ssl_protocol_cb(int write_p, int version OVS_UNUSED, int content_type,
ds_put_format(&details, "type %d", content_type);
}
ds_put_format(&details, "type %d", content_type);
}
- VLOG_DBG("%s%u%s%s %s (%
zu
bytes)",
+ VLOG_DBG("%s%u%s%s %s (%
"PRIuSIZE"
bytes)",
sslv->type == CLIENT ? "client" : "server",
sslv->session_nr, write_p ? "-->" : "<--",
stream_get_name(&sslv->stream), ds_cstr(&details), len);
sslv->type == CLIENT ? "client" : "server",
sslv->session_nr, write_p ? "-->" : "<--",
stream_get_name(&sslv->stream), ds_cstr(&details), len);
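Review bot: In do_ca_cert_bootstrap (the `creating %s failed` branch), read_cert_file (the `failed to open %s for reading` branch) and new_ssl_stream (the TCP_NODELAY branch), errno is read again after the VLOG_ERR call that this change touches, so the code returned is whatever errno holds once logging has run. Unless VLOG_ERR and ovs_strerror are guaranteed to preserve errno (not visible in these hunks), a failure could be reported with the wrong code, or possibly as 0, which callers would presumably treat as success on the CA-certificate bootstrap and certificate-loading paths. The fdopen and fclose branches of do_ca_cert_bootstrap already capture the value first, and the same form fits here: `error = errno;` before the log call, `ovs_strerror(error)` inside it, then `return error;`. All three functions start and end outside the hunks shown, so whether a suitable local is already declared in read_cert_file needs checking.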