[Git][NTPsec/ntpsec][master] 3 commits: Remove uint from nts_server
Hal Murray
gitlab at mg.gitlab.com
Tue Aug 27 10:48:26 UTC 2019
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
767857e7 by Hal Murray at 2019-08-27T10:47:35Z
Remove uint from nts_server
- - - - -
aff52824 by Hal Murray at 2019-08-27T10:47:35Z
Fix for #614 - ambigious API for strerror_r()
- - - - -
8fc3bffe by Hal Murray at 2019-08-27T10:47:35Z
Add comments to wafhelpers/check_strerror.py
- - - - -
9 changed files:
- devel/hacking.adoc
- include/ntp_stdlib.h
- libntp/msyslog.c
- ntpd/nts.c
- ntpd/nts_client.c
- ntpd/nts_cookie.c
- ntpd/nts_server.c
- + wafhelpers/check_strerror.py
- wscript
Changes:
=====================================
devel/hacking.adoc
=====================================
@@ -79,7 +79,11 @@ thread. One interesting area is msyslog. The DNS thread doesn't call msyslog.
That was impractical for NTS, so msyslog is thread safe as of 2019-Apr.
Beware of calling strerror() from non-main threads. Use strerror_r()
into a buffer on the stack. Similarly, use socktoa_r() and sockporttoa_r()
-and don't call lib_getbuf().
+and don't call lib_getbuf() or refclock_name().
+
+Actually, don't use strerror_r() since our build environment
+has troubles getting a consistent version of the API.
+Use mystrerror() until we clean this up.
You *may* assume the clock_gettime(2) and clock_settime(2) calls, and
the related getitimer(2)/setitimer(2), from POSIX-1.2008.
=====================================
include/ntp_stdlib.h
=====================================
@@ -30,6 +30,7 @@
extern const char *ntpd_version(void);
extern void msyslog(int, const char *, ...) NTP_PRINTF(2, 3);
+extern void mystrerror(int errnum, char *buf, size_t buflen);
extern void init_logging (const char *, uint32_t, int);
extern int change_logfile (const char *, bool);
extern void reopen_logfile (void);
=====================================
libntp/msyslog.c
=====================================
@@ -447,3 +447,16 @@ reopen_logfile(void)
msyslog(LOG_INFO, "LOG: reopen_logfile: using %s", syslog_fname);
}
+/* Hack because there are 2 APIs to strerror_r() */
+void mystrerror(int errnum, char *buf, size_t buflen) {
+#ifdef STRERROR_CHAR
+ char *answer = strerror_r(errnum, buf, buflen);
+ if (answer != buf) {
+ strlcpy(buf, answer, buflen);
+ }
+#else
+ int answer = strerror_r(errnum, buf, buflen);
+ UNUSED_LOCAL(answer);
+#endif
+}
+
=====================================
ntpd/nts.c
=====================================
@@ -244,7 +244,7 @@ int nts_ssl_read(SSL *ssl, uint8_t *buff, int buff_length) {
char errbuf[100];
bytes_read = SSL_read(ssl, buff, buff_length);
if (0 >= bytes_read) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_INFO, "NTS: SSL_read error: %s", errbuf);
nts_log_ssl_error();
return -1;
@@ -257,7 +257,7 @@ int nts_ssl_write(SSL *ssl, uint8_t *buff, int buff_length) {
char errbuf[100];
bytes_written = SSL_write(ssl, buff, buff_length);
if (0 >= bytes_written) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_INFO, "NTS: SSL_write error: %s", errbuf);
nts_log_ssl_error();
return -1;
=====================================
ntpd/nts_client.c
=====================================
@@ -104,7 +104,7 @@ bool nts_probe(struct peer * peer) {
err = setsockopt(server, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSc: can't setsockopt: %s", errbuf);
close(server);
nts_ke_probes_bad++;
@@ -295,13 +295,13 @@ int open_TCP_socket(struct peer *peer, const char *hostname) {
sockfd = socket(answer->ai_family, SOCK_STREAM, 0);
if (-1 == sockfd) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_INFO, "NTSc: nts_probe: no socket: %s", errbuf);
} else {
// Use first answer
err = connect(sockfd, answer->ai_addr, answer->ai_addrlen);
if (-1 == err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_INFO, "NTSc: nts_probe: connect failed: %s", errbuf);
close(sockfd);
sockfd = -1;
@@ -494,7 +494,7 @@ bool nts_client_send_request_core(uint8_t *buff, int buf_size, int *used, struct
*used = buf_size-buf.left;
if (*used >= (int)(buf_size - 10)) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSc: write failed: %d, %ld, %s",
*used, (long)buf_size, errbuf);
return false;
@@ -675,7 +675,7 @@ bool nts_set_cert_search(SSL_CTX *ctx, const char *filename) {
filename, statbuf.st_mode);
return false;
}
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSc: can't stat cert dir/file: %s, %s",
ntsconfig.ca, errbuf);
return false;
=====================================
ntpd/nts_cookie.c
=====================================
@@ -169,7 +169,7 @@ bool nts_read_cookie_keys(void) {
char errbuf[100];
if (ENOENT == errno)
return false; /* File doesn't exist */
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't read old cookie file: %s=>%s",
cookie_filename, errbuf);
exit(1);
@@ -252,13 +252,13 @@ bool nts_write_cookie_keys(void) {
cookie_filename = ntsconfig.KI;
fd = open(cookie_filename, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
if (-1 == fd) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "ERR: can't open %s: %s", cookie_filename, errbuf);
return false;
}
out = fdopen(fd, "w");
if (NULL == out) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "ERR: can't fdopen %s: %s", cookie_filename, errbuf);
close(fd);
return false;
=====================================
ntpd/nts_server.c
=====================================
@@ -142,14 +142,14 @@ bool nts_server_init2(void) {
if (listener4_sock != -1) {
rc = pthread_create(&worker, NULL, nts_ke_listener, &listener4_sock);
if (rc) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: nts_start_server4: error from pthread_create: %s", errbuf);
}
}
if (listener6_sock != -1) {
rc = pthread_create(&worker, NULL, nts_ke_listener, &listener6_sock);
if (rc) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: nts_start_server6: error from pthread_create: %s", errbuf);
}
}
@@ -188,14 +188,14 @@ void* nts_ke_listener(void* arg) {
while(1) {
sockaddr_u addr;
- uint len = sizeof(addr);
+ socklen_t len = sizeof(addr);
SSL *ssl;
l_fp start, finish;
int client, err;
client = accept(sock, &addr.sa, &len);
if (client < 0) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: TCP accept failed: %s", errbuf);
if (EBADF == errno)
return NULL;
@@ -208,7 +208,7 @@ void* nts_ke_listener(void* arg) {
msyslog(LOG_INFO, "NTSs: TCP accept-ed from %s", errbuf);
err = setsockopt(client, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't setsockopt: %s", errbuf);
close(client);
nts_ke_serves_bad++;
@@ -318,26 +318,26 @@ bool create_listener4(int port) {
msyslog(LOG_ERR, "NTSs: No IPv4 support, disabling NTS-KE listener");
return true;
}
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: Can't create socket4: %s", errbuf);
return false;
}
err = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't setsockopt4: %s", errbuf);
close(sock);
return false;
}
err = bind(sock, &addr.sa, sizeof(addr.sa4));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't bind4: %s", errbuf);
close(sock);
return false;
}
if (listen(sock, 6) < 0) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't listen4: %s", errbuf);
close(sock);
return false;
@@ -364,34 +364,34 @@ bool create_listener6(int port) {
msyslog(LOG_ERR, "NTSs: No IPv6 support, disabling NTS-KE listener");
return true;
}
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: Can't create socket6: %s", errbuf);
return false;
}
/* Hack to keep IPV6 from listening on IPV4 too */
err = setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't setsockopt6only: %s", errbuf);
close(sock);
return false;
}
err = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't setsockopt6: %s", errbuf);
close(sock);
return false;
}
err = bind(sock, &addr.sa, sizeof(addr.sa6));
if (0 > err) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't bind6: %s", errbuf);
close(sock);
return false;
}
if (listen(sock, 6) < 0) {
- IGNORE(strerror_r(errno, errbuf, sizeof(errbuf)));
+ mystrerror(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: can't listen6: %s", errbuf);
close(sock);
return false;
=====================================
wafhelpers/check_strerror.py
=====================================
@@ -0,0 +1,41 @@
+# check to see if strerror_r has type char*
+
+# streror_r() has 2 APIs.
+# our environment doesn't make a clean choice.
+
+# There is code for mystrerror() in the bottom of msyslog.c
+# This code tried to setup a #define for STRERROR_CHAR
+# if strerror_r() returns char* rather than int
+
+# Unfortunately, this test code compiles in the other case.
+# It generates a warning on the type conversion from char* to int,
+# but that's only a warning, so it "works".
+
+# This uses -Werror which may not be portable.
+
+# Another possibility is to run the test code,
+# and have it check for 0/NULL which the int mode should return.
+
+
+STRERROR_FRAG = """
+#include <string.h>
+int main(void) {
+ char buf [100];
+ const char *foo = strerror_r(6, buf, sizeof(buf));
+ return foo == NULL;
+}
+"""
+
+
+def check_strerror(ctx):
+ old_CFLAGS = ctx.env.CFLAGS
+ ctx.env.CFLAGS = ["-Werror"] + ctx.env.CFLAGS
+ ctx.check_cc(
+ fragment=STRERROR_FRAG,
+ define_name="STRERROR_CHAR",
+ features="c",
+ msg="Checking if strerror_r returns char*",
+ mandatory=False,
+ comment="Whether strerror_r returns char*"
+ )
+ ctx.env.CFLAGS = old_CFLAGS
=====================================
wscript
=====================================
@@ -757,6 +757,9 @@ int main(int argc, char **argv) {
from wafhelpers.check_sockaddr import check_sockaddr
check_sockaddr(ctx)
+ from wafhelpers.check_strerror import check_strerror
+ check_strerror(ctx)
+
# Check for Solaris's service configuration facility library
ctx.check_cc(header_name="libscf.h", lib="scf", mandatory=False,
uselib_store="SCF")
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/399318a1d8b2ba171a6e61b9b9e123231da90087...8fc3bffe0ed35cc08ef7789762a6c3f5bd8ff845
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/399318a1d8b2ba171a6e61b9b9e123231da90087...8fc3bffe0ed35cc08ef7789762a6c3f5bd8ff845
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190827/b590c48d/attachment-0001.htm>
More information about the vc
mailing list