X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fstream-ssl.c;h=3b9270f93ff71343f409939e1a2ee7a37f4e7a74;hb=34290dbfe54a930258d4c1d00e82e7c3f51cea5f;hp=0ca5b18dfb775e3bc12419a7c8b30cc50605f6e8;hpb=f89b7ce502441c9b71ac469846049ecacabcd888;p=sliver-openvswitch.git diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index 0ca5b18df..3b9270f93 100644 --- a/lib/stream-ssl.c +++ b/lib/stream-ssl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc. + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,6 @@ #include #include "stream-ssl.h" #include "dhparams.h" -#include #include #include #include @@ -36,7 +35,6 @@ #include "coverage.h" #include "dynamic-string.h" #include "entropy.h" -#include "leak-checker.h" #include "ofpbuf.h" #include "openflow/openflow.h" #include "packets.h" @@ -248,7 +246,7 @@ new_ssl_stream(const char *name, int fd, enum session_type type, /* Disable Nagle. */ retval = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on); if (retval) { - VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name, strerror(errno)); + VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name, ovs_strerror(errno)); retval = errno; goto error; } @@ -325,7 +323,7 @@ ssl_open(const char *name, char *suffix, struct stream **streamp, uint8_t dscp) int state = error ? STATE_TCP_CONNECTING : STATE_SSL_CONNECTING; return new_ssl_stream(name, fd, CLIENT, state, &sin, streamp); } else { - VLOG_ERR("%s: connect: %s", name, strerror(error)); + VLOG_ERR("%s: connect: %s", name, ovs_strerror(error)); return error; } } @@ -371,7 +369,7 @@ do_ca_cert_bootstrap(struct stream *stream) return EPROTO; } else { VLOG_ERR("could not bootstrap CA cert: creating %s failed: %s", - ca_cert.file_name, strerror(errno)); + ca_cert.file_name, ovs_strerror(errno)); return errno; } } @@ -380,7 +378,7 @@ do_ca_cert_bootstrap(struct stream *stream) if (!file) { error = errno; VLOG_ERR("could not bootstrap CA cert: fdopen failed: %s", - strerror(error)); + ovs_strerror(error)); unlink(ca_cert.file_name); return error; } @@ -397,7 +395,7 @@ do_ca_cert_bootstrap(struct stream *stream) if (fclose(file)) { error = errno; VLOG_ERR("could not bootstrap CA cert: writing %s failed: %s", - ca_cert.file_name, strerror(error)); + ca_cert.file_name, ovs_strerror(error)); unlink(ca_cert.file_name); return error; } @@ -443,7 +441,7 @@ ssl_connect(struct stream *stream) case STATE_SSL_CONNECTING: /* Capture the first few bytes of received data so that we can guess - * what kind of funny data we've been sent if SSL negotation fails. */ + * what kind of funny data we've been sent if SSL negotiation fails. */ if (sslv->n_head <= 0) { sslv->n_head = recv(sslv->fd, sslv->head, sizeof sslv->head, MSG_PEEK); @@ -566,7 +564,7 @@ interpret_ssl_error(const char *function, int ret, int error, if (ret < 0) { int status = errno; VLOG_WARN_RL(&rl, "%s: system error (%s)", - function, strerror(status)); + function, ovs_strerror(status)); return status; } else { VLOG_WARN_RL(&rl, "%s: unexpected SSL connection close", @@ -599,7 +597,7 @@ ssl_recv(struct stream *stream, void *buffer, size_t n) ssize_t ret; /* Behavior of zero-byte SSL_read is poorly defined. */ - assert(n > 0); + ovs_assert(n > 0); old_state = SSL_get_state(sslv->ssl); ret = SSL_read(sslv->ssl, buffer, n); @@ -675,7 +673,6 @@ ssl_send(struct stream *stream, const void *buffer, size_t n) ssl_clear_txbuf(sslv); return n; case EAGAIN: - leak_checker_claim(buffer); return n; default: sslv->txbuf = NULL; @@ -805,10 +802,11 @@ pssl_open(const char *name OVS_UNUSED, char *suffix, struct pstream **pstreamp, return -fd; } sprintf(bound_name, "pssl:%"PRIu16":"IP_FMT, - ntohs(sin.sin_port), IP_ARGS(&sin.sin_addr.s_addr)); + ntohs(sin.sin_port), IP_ARGS(sin.sin_addr.s_addr)); pssl = xmalloc(sizeof *pssl); pstream_init(&pssl->pstream, &pssl_pstream_class, bound_name); + pstream_set_bound_port(&pssl->pstream, sin.sin_port); pssl->fd = fd; *pstreamp = &pssl->pstream; return 0; @@ -836,7 +834,7 @@ pssl_accept(struct pstream *pstream, struct stream **new_streamp) if (new_fd < 0) { error = errno; if (error != EAGAIN) { - VLOG_DBG_RL(&rl, "accept: %s", strerror(error)); + VLOG_DBG_RL(&rl, "accept: %s", ovs_strerror(error)); } return error; } @@ -847,7 +845,7 @@ pssl_accept(struct pstream *pstream, struct stream **new_streamp) return error; } - sprintf(name, "ssl:"IP_FMT, IP_ARGS(&sin.sin_addr)); + sprintf(name, "ssl:"IP_FMT, IP_ARGS(sin.sin_addr.s_addr)); if (sin.sin_port != htons(OFP_SSL_PORT)) { sprintf(strchr(name, '\0'), ":%"PRIu16, ntohs(sin.sin_port)); } @@ -897,7 +895,7 @@ ssl_init(void) static int init_status = -1; if (init_status < 0) { init_status = do_ssl_init(); - assert(init_status >= 0); + ovs_assert(init_status >= 0); } return init_status; } @@ -1017,7 +1015,8 @@ update_ssl_config(struct ssl_config_file *config, const char *file_name) * here. */ error = get_mtime(file_name, &mtime); if (error && error != ENOENT) { - VLOG_ERR_RL(&rl, "%s: stat failed (%s)", file_name, strerror(error)); + VLOG_ERR_RL(&rl, "%s: stat failed (%s)", + file_name, ovs_strerror(error)); } if (config->file_name && !strcmp(config->file_name, file_name) @@ -1125,7 +1124,7 @@ read_cert_file(const char *file_name, X509 ***certs, size_t *n_certs) file = fopen(file_name, "r"); if (!file) { VLOG_ERR("failed to open %s for reading: %s", - file_name, strerror(errno)); + file_name, ovs_strerror(errno)); return errno; }