From patchwork Wed Nov 1 11:03:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffan Karger X-Patchwork-Id: 42 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director6.mail.ord1d.rsapps.net ([172.28.255.1]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id a2cUDfFE+lkYVAAAgoeIoA for ; Wed, 01 Nov 2017 18:04:33 -0400 Received: from proxy2.mail.ord1c.rsapps.net ([172.28.255.1]) by director6.mail.ord1d.rsapps.net (Dovecot) with LMTP id OZ4CAvFE+lkAWwAAhgvE6Q ; Wed, 01 Nov 2017 18:04:33 -0400 Received: from smtp49.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.ord1c.rsapps.net (Dovecot) with LMTP id UemgB/FE+lndMwAA311kuQ ; Wed, 01 Nov 2017 18:04:33 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-MessageSniffer-Scan-Result: 0 X-MessageSniffer-Rules: 0-298-1160-1376-w 0-298-1160-1740-w 0-298-0-12104-f X-CMAE-Scan-Result: 0 X-CNFS-Analysis: v=2.2 cv=PMJNwriC c=1 sm=1 tr=0 a=Q8DxjiC8O3VT/NpP1XjEZQ==:117 a=Q8DxjiC8O3VT/NpP1XjEZQ==:17 a=kj9zAlcOel0A:10 a=xqWC_Br6kY4A:10 a=MKtGQD3n3ToA:10 a=1oJP67jkp3AA:10 a=sC3jslCIGhcA:10 a=9hBjR9qptiMA:10 a=WiVod9pSvdkA:10 a=ZZnuYtJkoWoA:10 a=Y4BXLp1PAAAA:8 a=9sSjY8p1AAAA:8 a=P_JWiMecAAAA:8 a=FP58Ms26AAAA:8 a=uJGzZxpayXJC9IAXop8A:9 a=CjuIK1q_8ugA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=byfke0vc68LhOSAAcvKj:22 a=ub54wNWiXv_DzeFsgEJW:22 a=D0-HAvA3Hk9NMREbgwuX:22 X-Orig-To: justin@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp49.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=karger-me.20150623.gappssmtp.com; dmarc=none (p=nil; dis=none) header.from=karger.me X-Classification-ID: a3b8a3e8-bf50-11e7-b82e-b8ca3a5bc230-1-1 Received: from [216.34.181.88] ([216.34.181.88:3386] helo=lists.sourceforge.net) by smtp49.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id F5/49-34177-0F44AF95; Wed, 01 Nov 2017 18:04:32 -0400 Received: from localhost ([127.0.0.1] helo=sfs-ml-3.v29.ch3.sourceforge.com) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eA17E-0003OJ-5D; Wed, 01 Nov 2017 22:04:04 +0000 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.89) (envelope-from ) id 1eA179-0003O3-IK for openvpn-devel@lists.sourceforge.net; Wed, 01 Nov 2017 22:03:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=aMJ2Y6M8r8w7WVCYWZSUzJYp0ncossrdtVhX1x/hV94=; b=mx3RzRWTbss/G2nzvHZOcqfr6W3HEY4p1Mn1N5YOcGg6FukWMwHcdPCRKJ5WGwV9ud2NrYXpXZAD7vsQSZovJui27w/feXPfMhD/CGyce1JTH9YOLXf3A8zIzr0FJg85asC+2hn3PokdcWsJgNIthgWhOKfGucjtRzve4GPofBo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=aMJ2Y6M8r8w7WVCYWZSUzJYp0ncossrdtVhX1x/hV94=; b=UFef3b2emnuj8fKcOCUz7ltpVVX2CPLJcES+e8OdRByI+kkAf39Ht9+adly5t0zgEDU1IZOtqCUKYavP5LU2/HOT7psr5pwU/PqlDFSDo7INaB2KdqSjC3FIntec5kkRqY0oSV9aluvzFejqc7Ecr+mVwe2KNbQqL1Xy6NP1yLA=; Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of karger.me designates 74.125.82.68 as permitted sender) client-ip=74.125.82.68; envelope-from=steffan@karger.me; helo=mail-wm0-f68.google.com; Received: from mail-wm0-f68.google.com ([74.125.82.68]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.76) id 1eA178-0008LU-Hd for openvpn-devel@lists.sourceforge.net; Wed, 01 Nov 2017 22:03:59 +0000 Received: by mail-wm0-f68.google.com with SMTP id m72so7337997wmc.1 for ; Wed, 01 Nov 2017 15:03:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=karger-me.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=aMJ2Y6M8r8w7WVCYWZSUzJYp0ncossrdtVhX1x/hV94=; b=Fj5h4mE/F1qhL2dbvYojT3qyny70S+COwTDzEX5SxgVcN8ObsDzEwVQY5GFSN+4Sf6 bb8i+PF+tWu86WP72mk/khOHkoGHKFhf+xlcTwdTlWZmzYXVAx2mXyaquKtMr5Dx+o8U N9kAQRM56J9kNyEtuBV+yJcYr7lQihzMzvYIW0kUq1chW/cj15n8h7duTYOTrRddISHC pib8PA8HizQFVZr9MiLizyM0NeUOTxm4XGDm8CAV6d3c/Xie+sJon/THnHielVygD8JR DVInsFE3vL6ufsJ29TzEKpfzbOkE/ZOvaRlYeyWUUjkbQHH96pTtbYn4Z3FoUsm3HOMG CXlg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=aMJ2Y6M8r8w7WVCYWZSUzJYp0ncossrdtVhX1x/hV94=; b=SEcZ1N/D8Ab96MCzqE343H6SBaLpgqdTU5uiBoenan9wh8l57WFEbklwmVnVDwP61v W2y2NXVdjxjVCf/EUpIoIeOJTFn++aOkHOzg87I4zzcMmRkZZyojNTukqJdqqCcXzRfs Q51xRBm1AssJiIDGJYjloS7oR1dFlblOn6ZUv4Vk6+ODUMxgK96k/2F67Z8oTEEGxj3G ysPuCpUPFN5+QqNlYVVHr3qcCTvQ41gmsqA8InfaFMkvNWrUdx5vbW1AMWg2fI54Aluv s66b3nCwsfKqPvIxL8w4EjwibUep9iR81QP8OlJmu4yQD4d5wNcMzWf777xj7AMRLJE2 MgeA== X-Gm-Message-State: AMCzsaXwWjvceZQmziEJNvUMwnWYCNCIu+apmYGfXhz6LKi95mObvl8c xYiRn/Kh09erDjv98JcbsGuHPBDVJjM= X-Google-Smtp-Source: ABhQp+RWrvWhRUC1EC8iA66uC0vM0aXj+MLTS1KWH5vBlCgylcswsfB5d2O+yq9MXlqiomYeipz07Q== X-Received: by 10.80.224.7 with SMTP id e7mr1978293edl.117.1509573831696; Wed, 01 Nov 2017 15:03:51 -0700 (PDT) Received: from vesta.fritz.box ([2001:985:e54:1:f834:91b2:a7cf:128b]) by smtp.gmail.com with ESMTPSA id f39sm2096642edf.83.2017.11.01.15.03.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 01 Nov 2017 15:03:51 -0700 (PDT) From: Steffan Karger To: openvpn-devel@lists.sourceforge.net Date: Wed, 1 Nov 2017 23:03:39 +0100 Message-Id: <20171101220342.14648-2-steffan@karger.me> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20171101220342.14648-1-steffan@karger.me> References: <1505424872-27434-1-git-send-email-steffan.karger@fox-it.com> <20171101220342.14648-1-steffan@karger.me> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [74.125.82.68 listed in list.dnswl.org] 0.5 RCVD_IN_SORBS_SPAM RBL: SORBS: sender is a spam source [74.125.82.68 listed in dnsbl.sorbs.net] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1eA178-0008LU-Hd Subject: [Openvpn-devel] [PATCH 1/4 v3] pf: clean up temporary files if plugin init fails X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Steffan Karger close_instance() tries to remove the file in c2.pf.filename, but that only works if we actually set that if we fail. So, set that filename as soon as we know we've created the file. Signed-off-by: Steffan Karger Acked-by: Antonio Quartulli --- v2: As suggested by Antionio, get rid of local 'gc' and 'file' vars. v3: make c->c2.pf.filename const (fixes compile warning) src/openvpn/pf.c | 10 ++++------ src/openvpn/pf.h | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/openvpn/pf.c b/src/openvpn/pf.c index 5cb002bf..e1b5b0e7 100644 --- a/src/openvpn/pf.c +++ b/src/openvpn/pf.c @@ -618,19 +618,18 @@ pf_load_from_buffer_list(struct context *c, const struct buffer_list *config) void pf_init_context(struct context *c) { - struct gc_arena gc = gc_new(); #ifdef PLUGIN_PF if (plugin_defined(c->plugins, OPENVPN_PLUGIN_ENABLE_PF)) { - const char *pf_file = create_temp_file(c->options.tmp_dir, "pf", &gc); - if (pf_file) + c->c2.pf.filename = create_temp_file(c->options.tmp_dir, "pf", + &c->c2.gc); + if (c->c2.pf.filename) { - setenv_str(c->c2.es, "pf_file", pf_file); + setenv_str(c->c2.es, "pf_file", c->c2.pf.filename); if (plugin_call(c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es) == OPENVPN_PLUGIN_FUNC_SUCCESS) { event_timeout_init(&c->c2.pf.reload, 1, now); - c->c2.pf.filename = string_alloc(pf_file, &c->c2.gc); c->c2.pf.enabled = true; #ifdef ENABLE_DEBUG if (check_debug_level(D_PF_DEBUG)) @@ -658,7 +657,6 @@ pf_init_context(struct context *c) #endif } #endif - gc_free(&gc); } void diff --git a/src/openvpn/pf.h b/src/openvpn/pf.h index 414c85b8..b839fd2e 100644 --- a/src/openvpn/pf.h +++ b/src/openvpn/pf.h @@ -75,7 +75,7 @@ struct pf_context { bool enabled; struct pf_set *pfs; #ifdef PLUGIN_PF - char *filename; + const char *filename; time_t file_last_mod; unsigned int n_check_reload; struct event_timeout reload;