From 60a6a10467f5b7d56c92fe8e4133a6af9e9bd48f Mon Sep 17 00:00:00 2001 From: tb <> Date: Mon, 6 Dec 2021 11:06:58 +0000 Subject: Clean up a bunch of dead code in s_server.c and s_socket.c jsg's analysis tool flagged a potential double free in do_server(). While this looks like a false positive, we can clean this code up a little: the host name passed to the callbacks isn't used by either sv_body() and www_body(), so it can be made local to do_accept() (an extra variable would not even be needed). Simplify the callbacks' signatures accordingly. Remove some commented out linger code that would never be used again anyway. ok inoguchi jsg --- src/usr.bin/openssl/s_apps.h | 4 ++-- src/usr.bin/openssl/s_server.c | 10 +++++----- src/usr.bin/openssl/s_socket.c | 43 ++++++++++++++---------------------------- 3 files changed, 21 insertions(+), 36 deletions(-) (limited to 'src') diff --git a/src/usr.bin/openssl/s_apps.h b/src/usr.bin/openssl/s_apps.h index f535a35c39..a73c2eb1b4 100644 --- a/src/usr.bin/openssl/s_apps.h +++ b/src/usr.bin/openssl/s_apps.h @@ -1,4 +1,4 @@ -/* $OpenBSD: s_apps.h,v 1.6 2021/08/29 12:33:15 tb Exp $ */ +/* $OpenBSD: s_apps.h,v 1.7 2021/12/06 11:06:58 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -119,7 +119,7 @@ extern int verify_depth; extern int verify_return_error; int do_server(int port, int type, int *ret, - int (*cb)(char *hostname, int s, unsigned char *context), + int (*cb)(int s, unsigned char *context), unsigned char *context, int naccept); #ifdef HEADER_X509_H int verify_callback(int ok, X509_STORE_CTX *ctx); diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index 233b8fdced..9b06856ac9 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.53 2021/10/31 16:47:27 tb Exp $ */ +/* $OpenBSD: s_server.c,v 1.54 2021/12/06 11:06:58 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -180,13 +180,13 @@ static void s_server_init(void); static void sv_usage(void); static void print_stats(BIO *bp, SSL_CTX *ctx); -static int sv_body(char *hostname, int s, unsigned char *context); +static int sv_body(int s, unsigned char *context); static void close_accept_socket(void); static int init_ssl_connection(SSL *s); #ifndef OPENSSL_NO_DH static DH *load_dh_param(const char *dhfile); #endif -static int www_body(char *hostname, int s, unsigned char *context); +static int www_body(int s, unsigned char *context); static int generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len); static int ssl_servername_cb(SSL *s, int *ad, void *arg); @@ -1531,7 +1531,7 @@ print_stats(BIO *bio, SSL_CTX *ssl_ctx) } static int -sv_body(char *hostname, int s, unsigned char *context) +sv_body(int s, unsigned char *context) { char *buf = NULL; int ret = 1; @@ -1956,7 +1956,7 @@ load_dh_param(const char *dhfile) #endif static int -www_body(char *hostname, int s, unsigned char *context) +www_body(int s, unsigned char *context) { char *buf = NULL; int ret = 1; diff --git a/src/usr.bin/openssl/s_socket.c b/src/usr.bin/openssl/s_socket.c index f22c88d228..db125c1ed3 100644 --- a/src/usr.bin/openssl/s_socket.c +++ b/src/usr.bin/openssl/s_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_socket.c,v 1.12 2021/08/29 12:33:15 tb Exp $ */ +/* $OpenBSD: s_socket.c,v 1.13 2021/12/06 11:06:58 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -75,7 +75,7 @@ static int init_server(int *sock, int port, int type); static int init_server_long(int *sock, int port, char *ip, int type); -static int do_accept(int acc_sock, int *sock, char **host); +static int do_accept(int acc_sock, int *sock); int init_client(int *sock, char *host, char *port, int type, int af) @@ -131,11 +131,10 @@ init_client(int *sock, char *host, char *port, int type, int af) int do_server(int port, int type, int *ret, - int (*cb) (char *hostname, int s, unsigned char *context), + int (*cb)(int s, unsigned char *context), unsigned char *context, int naccept) { int sock; - char *name = NULL; int accept_socket = 0; int i; @@ -148,15 +147,14 @@ do_server(int port, int type, int *ret, } for (;;) { if (type == SOCK_STREAM) { - if (do_accept(accept_socket, &sock, &name) == 0) { + if (do_accept(accept_socket, &sock) == 0) { shutdown(accept_socket, SHUT_RD); close(accept_socket); return (0); } } else sock = accept_socket; - i = (*cb) (name, sock, context); - free(name); + i = cb(sock, context); if (type == SOCK_STREAM) { shutdown(sock, SHUT_RDWR); close(sock); @@ -227,13 +225,13 @@ init_server(int *sock, int port, int type) } static int -do_accept(int acc_sock, int *sock, char **host) +do_accept(int acc_sock, int *sock) { - int ret; struct hostent *h1, *h2; static struct sockaddr_in from; socklen_t len; -/* struct linger ling; */ + char *host = NULL; + int ret; redoit: 
@@ -249,47 +247,34 @@ do_accept(int acc_sock, int *sock, char **host) perror("accept"); return (0); } -/* - ling.l_onoff=1; - ling.l_linger=0; - i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling)); - if (i == -1) { perror("linger"); return(0); } - i=0; - i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i == -1) { perror("keepalive"); return(0); } -*/ - - if (host == NULL) - goto end; + h1 = gethostbyaddr((char *) &from.sin_addr.s_addr, sizeof(from.sin_addr.s_addr), AF_INET); if (h1 == NULL) { BIO_printf(bio_err, "bad gethostbyaddr\n"); - *host = NULL; - /* return(0); */ } else { - if ((*host = strdup(h1->h_name)) == NULL) { + if ((host = strdup(h1->h_name)) == NULL) { perror("strdup"); close(ret); return (0); } - h2 = gethostbyname(*host); + h2 = gethostbyname(host); if (h2 == NULL) { BIO_printf(bio_err, "gethostbyname failure\n"); close(ret); - free(*host); + free(host); return (0); } if (h2->h_addrtype != AF_INET) { BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); close(ret); - free(*host); + free(host); return (0); } } - end: + free(host); *sock = ret; return (1); } -- cgit v1.2.3-55-g6feb
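Review bot: The reverse/forward lookup left in do_accept() no longer has a consumer, yet its failure paths still decide whether the server keeps running. When `gethostbyname(host)` fails or returns a non-AF_INET entry, do_accept() returns 0, and the do_server() loop in the earlier s_socket.c hunk responds by closing the listening socket and returning. The name comes from the reverse lookup of the peer address, so a resolver problem or an inconsistent PTR record for a single client ends the accept loop, and every accept waits on two blocking resolver calls. h2's addresses are never compared with `from.sin_addr`, so the lookup confirms nothing about the peer. Since the callbacks no longer receive the host name, I would drop the gethostbyaddr()/gethostbyname() block and the `host` variable, leaving only `*sock = ret; return (1);` after the accept() error check; the accept() call and the `redoit:` label are outside this hunk.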