From patchwork Tue Jan 14 13:14:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "mrbff (Code Review)" X-Patchwork-Id: 4052 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:b7cb:b0:5e7:b9eb:58e8 with SMTP id en11csp2231573mab; Tue, 14 Jan 2025 05:14:29 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCU3wsPxfYez7+vgmnn6JZ18nNoDlY/VI2dmGl/7WOv42+npMwoylHnkMPvuobRgddKrVvhHvS+CScs=@openvpn.net X-Google-Smtp-Source: AGHT+IFdEmoOQf5EnXJBLBoxa+Ge5uAXs39+Z/H0GQDNvJM7fXw70lKmDMOix2/PoCjsFVocFxjM X-Received: by 2002:a05:6808:144c:b0:3eb:556e:dde8 with SMTP id 5614622812f47-3ef2ed5a34dmr15665364b6e.30.1736860468928; Tue, 14 Jan 2025 05:14:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1736860468; cv=none; d=google.com; s=arc-20240605; b=DgCExJ5gIG+3VvZ+WsTrTRBjrIYoT7/YkPK4hnayJonUGdE4a3gLmHhb3bvjH7Mz8b 1OLZshf22ywV70KeS9xkijpheeMm4bJPHXSbgxL/xJ9AS29Dn2UNye4rlLxt6t5Qm/1M KGDac3q5TRkc4PyujRxWFWy6D95FFPi2KvZ4b276ozH+tu7+Ga7r7XPmd7kJw1jEEp6d ue98dzNdGuluV2yEYwxYGj6g5g8gliXxfrKJK28M02m1mtCVnsQ/OtmGpRt+x2z2J7e0 x7rTN83mICaOuo1undEMsS3izEcPS+XVjBUInkHm9AqpCERGSlJrnUafa6iM1gaC5mNj lIBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=duH/wDUU8AxYMVPRt5dYiiQfxTDcqxoqtbSJ0UChk3s=; fh=GFP4qDxgyJ2WEPo/oeLZg3Mj4NqvY1j2nTvTt7psNwg=; b=i9sSy0zJfR8k2IVTNcA6rhhHTBnqhQ2WykI8L2XCI3bluKq1EB6PUJJEO7zPPYGlo0 qt2ECqAoLSPKpCyqtMhP6i60nnzgerH3lTHzv0ucrnwUVYq61uUqE2ViaUmM0chSllCN eZCcmkzLzd/dNKM6crAscXDhvsjxGQQttRUEBf/nGJUHdBduECR+D5mb1KYAfa5UFNoF h+NtIutq35F3rEpdFUua5b5ImD6vz6RwD4gSM3Pcq/BMRU/Ab9159LXcXtzdk3p9KtI7 KFlxISgOMvb/HF+tB98lvaFaRcZGg2CftLVaGNRtf0bvH0gymA5fpmYbTvqUSt+FipfP 3cdw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=EWOVZEyE; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=eOEryPI3; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=LfDoNjEq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-3f03749dc4csi8512501b6e.47.2025.01.14.05.14.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Jan 2025 05:14:28 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=EWOVZEyE; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=eOEryPI3; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=LfDoNjEq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1tXgkS-0004ZK-1v; Tue, 14 Jan 2025 13:14:23 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tXgkR-0004ZD-76 for openvpn-devel@lists.sourceforge.net; Tue, 14 Jan 2025 13:14:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=W9FvIOBV5nt3KTbVrJsrjBIpIsPy4d651q3Amq2OIw8=; b=EWOVZEyE9ZUNV7YuK3DSJYzYSB QRTQoQssdOVFWT+dJvt50r3+FzhPfCgNQMJgf+qaZZQK3Dnjtz5vUKdiX/StIUoDr3Cg2EyuwZTRW jBkS0KEs10LZlEVAnPyXADWyH7r5cGQant7/EIABvFC1U7UrbW430RNa4ITThnRr4Wyg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=W9FvIOBV5nt3KTbVrJsrjBIpIsPy4d651q3Amq2OIw8=; b=e OEryPI3RjAB7J9z/It5VE3LEot0UPZr1yTSmHeoYJqEtLy7iVGWStBmoLVlXJH1WyvcWk/GMJvYTZ cvgrns5ns6vYESHIu6VGfqd8xcXDESuHHS6q0V5vObRoOnzZyhHABq62ngKeWfKviXQDdIour7gFC DWDqwwHBLH6aN3gE=; Received: from mail-wr1-f41.google.com ([209.85.221.41]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1tXgkN-0003iq-Ga for openvpn-devel@lists.sourceforge.net; Tue, 14 Jan 2025 13:14:22 +0000 Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-385d7b4da2bso4621498f8f.1 for ; Tue, 14 Jan 2025 05:14:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1736860453; x=1737465253; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=W9FvIOBV5nt3KTbVrJsrjBIpIsPy4d651q3Amq2OIw8=; b=LfDoNjEqYfupV8MUQKswKznxA65iskVWC8dWotlDu0vPQap+pZM5VQtB8KOigB9zkQ pHG2Wht/G4BkwVoNUU9ODMLyTrKznfM3xHpk61GGgkArt+4UKRREHLO2Ow4Y4qFJ26n/ gZcM8rJ+4+w+ITDBgVA597+g6guR1QxajMN6ZTNOCK+uAdhxscZ3VmWvZ3FRLyZITBP2 eu7F/90lS0B9t2luG0UvuTZxBseohDRT1ODWUOpBXpGpBq34unHZZBtLWmKznf8NQzOc F1FPnaIP05R+gMRc3a+NgDFihxSLKUGwuqL89+83J9yo7X7PKeS+1BKCfqnj9Oh+1eKB DQTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736860453; x=1737465253; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=W9FvIOBV5nt3KTbVrJsrjBIpIsPy4d651q3Amq2OIw8=; b=q21mPpVrgyLij7y5Fi4LUpemqdsBbr65OeMiWmBzM4Rc5IR+Cu5xXi7cN3/fEZtfC6 IYneQyUDJ0ynIF6p8+Vc6KMz9GaOBraZp1ckSGOQQ+6FYpaCl6+OSvs4e1joxZ5wHMy8 p1bfbC3deTFeQG28xijiHWVTZzbSdZ4g7Ll7GzG2WJBob5rIs+swxrabBFk+S2YmQ3Dl lW7l+/NoiUHacT5bHjn6v1zlWo+/5xrEvvzbpdGmXKisfnqwl1RWsyv5/piS/pIvVPdO xhgaJfmR19fxD4ftd672SiAbkLvFjIbZLV16i+PoAUroN84V0rAypESj/jYIXVwhtXF0 t8cQ== X-Gm-Message-State: AOJu0YxV3oLuVAs8W0WGUuFqoAZiugIhn5xyFoArB7HAYI9o2Uiv+A1h DIy0X1BNpYhoo86OvQo8R5pELSadzPQlffNd5kZ+52HZ6lLk8Py3VO5q5lzKCt+B4cOUhti4jwU R X-Gm-Gg: ASbGnctdbf5yFhabx+ZkIyBS+17pY2Q/e4EkY4Krg3FoGinZz1VbLuzbukGXtUOE/2J 0RcrtWeY3wsxM2NsMoqXlXpKpDS4a3j6ueEZEkRoauNshb+XCDVVMePXFGhKl36V0cZyHZq90eo a6jnXbl9KfZQ+HS0M8OLdHjvi/ENI+ZwovXVPDJF5DnvLZKGC1nrMh3yF5krChS+DMJ/MAb+63o W40626MI1NfdK6vt5ZHN9hqswxcGx0Q/Rfg20B/Y5lxMk5XZfn6ND1qvgXxDCnez4NhSfmWHG7E TzXL9P7WoxHwbVv9POL0GvQH0N+zccGInTGTGYC/8p57auQ8 X-Received: by 2002:a05:6000:4022:b0:385:f996:1b8e with SMTP id ffacd0b85a97d-38a873052e0mr25685617f8f.16.1736860452558; Tue, 14 Jan 2025 05:14:12 -0800 (PST) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38a8e4c1b05sm14655591f8f.88.2025.01.14.05.14.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 Jan 2025 05:14:12 -0800 (PST) From: "flichtenheld (Code Review)" X-Google-Original-From: "flichtenheld (Code Review)" X-Gerrit-PatchSet: 1 Date: Tue, 14 Jan 2025 13:14:11 +0000 To: plaisthos Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: Ia3b0f22b0049a111ce52b3c87dd08a843ea9a919 X-Gerrit-Change-Number: 862 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 5a40498104c4c78b9028568f080b576e2e50d113 References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -2.0 (--) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit Content analysis details: (-2.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.221.41 listed in sa-trusted.bondedsender.org] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.221.41 listed in bl.score.senderscore.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.41 listed in list.dnswl.org] -1.8 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.41 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1tXgkN-0003iq-Ga Subject: [Openvpn-devel] [M] Change in openvpn[master]: Remove various unused function parameters X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: frank@lichtenheld.com, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1821230203198285984?= X-GMAIL-MSGID: =?utf-8?q?1821230203198285984?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/862?usp=email to review the following change. Change subject: Remove various unused function parameters ...................................................................... Remove various unused function parameters Change-Id: Ia3b0f22b0049a111ce52b3c87dd08a843ea9a919 Signed-off-by: Frank Lichtenheld --- M src/openvpn/forward.c M src/openvpn/multi.c M src/openvpn/options.c M src/openvpn/proxy.c M src/openvpn/push.c M src/openvpn/push.h M src/openvpn/route.c M src/openvpn/route.h M src/openvpn/socket.c M src/openvpn/socket.h M src/openvpn/socks.c M src/openvpn/socks.h M src/openvpn/ssl.c M src/openvpn/ssl_verify.c M src/openvpn/tls_crypt.c M src/openvpn/tls_crypt.h M src/openvpn/tun.c M tests/unit_tests/openvpn/test_tls_crypt.c 18 files changed, 42 insertions(+), 67 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/62/862/1 diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index f3f3503..a9f1115 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -257,11 +257,11 @@ } else if (buf_string_match_head_str(buf, "INFO_PRE")) { - server_pushed_info(c, buf, 8); + server_pushed_info(buf, 8); } else if (buf_string_match_head_str(buf, "INFO")) { - server_pushed_info(c, buf, 4); + server_pushed_info(buf, 4); } else if (buf_string_match_head_str(buf, "CR_RESPONSE")) { diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 7fa3b43..ab967ea 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -1762,8 +1762,7 @@ } static void -multi_client_connect_setenv(struct multi_context *m, - struct multi_instance *mi) +multi_client_connect_setenv(struct multi_instance *mi) { struct gc_arena gc = gc_new(); @@ -2547,7 +2546,7 @@ /* do --client-connect setenvs */ multi_select_virtual_addr(m, mi); - multi_client_connect_setenv(m, mi); + multi_client_connect_setenv(mi); } /** @@ -2640,7 +2639,7 @@ */ multi_select_virtual_addr(m, mi); - multi_client_connect_setenv(m, mi); + multi_client_connect_setenv(mi); ret = CC_RET_SUCCEEDED; } @@ -2912,7 +2911,6 @@ multi_bcast(struct multi_context *m, const struct buffer *buf, const struct multi_instance *sender_instance, - const struct mroute_addr *sender_addr, uint16_t vid) { struct hash_iterator hi; @@ -3439,7 +3437,7 @@ if (mroute_flags & MROUTE_EXTRACT_MCAST) { /* for now, treat multicast as broadcast */ - multi_bcast(m, &c->c2.to_tun, m->pending, NULL, 0); + multi_bcast(m, &c->c2.to_tun, m->pending, 0); } else /* possible client to client routing */ { @@ -3491,8 +3489,7 @@ { if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST)) { - multi_bcast(m, &c->c2.to_tun, m->pending, NULL, - vid); + multi_bcast(m, &c->c2.to_tun, m->pending, vid); } else /* try client-to-client routing */ { @@ -3586,7 +3583,7 @@ if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST)) { /* for now, treat multicast as broadcast */ - multi_bcast(m, &m->top.c2.buf, NULL, NULL, vid); + multi_bcast(m, &m->top.c2.buf, NULL, vid); } else { @@ -3758,7 +3755,7 @@ for (i = 0; i < parm.n_packets; ++i) { - multi_bcast(m, &buf, NULL, NULL, 0); + multi_bcast(m, &buf, NULL, 0); } gc_free(&gc); diff --git a/src/openvpn/options.c b/src/openvpn/options.c index eb0d9b5..1113663 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2101,7 +2101,6 @@ parse_http_proxy_override(const char *server, const char *port, const char *flags, - const int msglevel, struct gc_arena *gc) { if (server && port) @@ -2239,7 +2238,7 @@ } static struct pull_filter * -alloc_pull_filter(struct options *o, const int msglevel) +alloc_pull_filter(struct options *o) { struct pull_filter_list *l = alloc_pull_filter_list(o); struct pull_filter *f; @@ -6191,7 +6190,7 @@ else if (streq(p[0], "http-proxy-override") && p[1] && p[2] && !p[4]) { VERIFY_PERMISSION(OPT_P_GENERAL); - options->http_proxy_override = parse_http_proxy_override(p[1], p[2], p[3], msglevel, &options->gc); + options->http_proxy_override = parse_http_proxy_override(p[1], p[2], p[3], &options->gc); if (!options->http_proxy_override) { goto err; @@ -7105,7 +7104,7 @@ { struct pull_filter *f; VERIFY_PERMISSION(OPT_P_GENERAL) - f = alloc_pull_filter(options, msglevel); + f = alloc_pull_filter(options); if (strcmp("accept", p[1]) == 0) { diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 404ea08..560db6f 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -573,8 +573,7 @@ static bool add_proxy_headers(struct http_proxy_info *p, socket_descriptor_t sd, /* already open to proxy */ - const char *host, /* openvpn server remote */ - const char *port /* openvpn server port */ + const char *host /* openvpn server remote */ ) { char buf[512]; @@ -694,7 +693,7 @@ goto error; } - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } @@ -833,7 +832,7 @@ } /* send HOST etc, */ - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } @@ -959,7 +958,7 @@ } /* send HOST etc, */ - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } diff --git a/src/openvpn/push.c b/src/openvpn/push.c index a7cd3bf..ddad109 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -225,8 +225,7 @@ void -server_pushed_info(struct context *c, const struct buffer *buffer, - const int adv) +server_pushed_info(const struct buffer *buffer, const int adv) { const char *m = ""; struct buffer buf = *buffer; @@ -258,7 +257,7 @@ gc_free(&gc); } - #endif +#endif msg(D_PUSH, "Info command was pushed by server ('%s')", m); } diff --git a/src/openvpn/push.h b/src/openvpn/push.h index 4a13327..6af0853 100644 --- a/src/openvpn/push.h +++ b/src/openvpn/push.h @@ -50,8 +50,7 @@ void receive_exit_message(struct context *c); -void server_pushed_info(struct context *c, const struct buffer *buffer, - const int adv); +void server_pushed_info(const struct buffer *buffer, const int adv); void receive_cr_response(struct context *c, const struct buffer *buffer); diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 2aa33d0..278233f 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1243,7 +1243,7 @@ { if (flags & ROUTE_DELETE_FIRST) { - delete_route_ipv6(r, tt, flags, es, ctx); + delete_route_ipv6(r, tt, es, ctx); } ret = add_route_ipv6(r, tt, flags, es, ctx) && ret; } @@ -1280,7 +1280,7 @@ struct route_ipv6 *r6; for (r6 = rl6->routes_ipv6; r6; r6 = r6->next) { - delete_route_ipv6(r6, tt, flags, es, ctx); + delete_route_ipv6(r6, tt, es, ctx); } rl6->iflags &= ~RL_ROUTES_ADDED; } @@ -2383,7 +2383,7 @@ void delete_route_ipv6(const struct route_ipv6 *r6, const struct tuntap *tt, - unsigned int flags, const struct env_set *es, + const struct env_set *es, openvpn_net_ctx_t *ctx) { const char *network; diff --git a/src/openvpn/route.h b/src/openvpn/route.h index e605d8b..1e8c38e 100644 --- a/src/openvpn/route.h +++ b/src/openvpn/route.h @@ -273,7 +273,7 @@ bool add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx); -void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx); +void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, const struct env_set *es, openvpn_net_ctx_t *ctx); bool add_route(struct route_ipv4 *r, const struct tuntap *tt, unsigned int flags, const struct route_gateway_info *rgi, const struct env_set *es, diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index f9f2a3b..234d590 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2139,7 +2139,6 @@ establish_socks_proxy_udpassoc(sock->socks_proxy, sock->ctrl_sd, - sock->sd, &sock->socks_relay.dest, sock->server_poll_timeout, sig_info); @@ -3447,7 +3446,7 @@ #ifdef _WIN32 return link_socket_write_win32(sock, buf, to); #else - return link_socket_write_tcp_posix(sock, buf, to); + return link_socket_write_tcp_posix(sock, buf); #endif } diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index 16106d4..4a8f358 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -1155,8 +1155,7 @@ static inline ssize_t link_socket_write_tcp_posix(struct link_socket *sock, - struct buffer *buf, - struct link_socket_actual *to) + struct buffer *buf) { return send(sock->sd, BPTR(buf), BLEN(buf), MSG_NOSIGNAL); } diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index e280453..d2105cb 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -516,7 +516,6 @@ void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ - socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info) diff --git a/src/openvpn/socks.h b/src/openvpn/socks.h index 5c4b4a1..d5658ee 100644 --- a/src/openvpn/socks.h +++ b/src/openvpn/socks.h @@ -57,7 +57,6 @@ void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ - socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info); diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 631e547..f723971 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1622,7 +1622,7 @@ /* If dynamic tls-crypt has been negotiated, and we are on the * first session (key_id = 0), generate a tls-crypt key for the * following renegotiations */ - if (!tls_session_generate_dynamic_tls_crypt_key(multi, session)) + if (!tls_session_generate_dynamic_tls_crypt_key(session)) { return false; } @@ -2182,8 +2182,7 @@ } static void -export_user_keying_material(struct key_state_ssl *ssl, - struct tls_session *session) +export_user_keying_material(struct tls_session *session) { if (session->opt->ekm_size > 0) { @@ -2371,7 +2370,7 @@ if ((ks->authenticated > KS_AUTH_FALSE) && plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL)) { - export_user_keying_material(&ks->ks_ssl, session); + export_user_keying_material(session); if (plugin_call(session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL, NULL, NULL, session->opt->es) != OPENVPN_PLUGIN_FUNC_SUCCESS) { diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 4c4b58d..178bfa9 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -404,7 +404,7 @@ */ static void verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth, - const char *subject, const char *common_name, + const char *subject, const struct x509_track *x509_track) { char envname[64]; @@ -425,12 +425,6 @@ snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); setenv_str(es, envname, subject); -#if 0 - /* export common name string as environmental variable */ - snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); - setenv_str(es, envname, common_name); -#endif - /* export X509 cert fingerprints */ { struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc); @@ -521,7 +515,7 @@ */ static result_t verify_cert_call_command(const char *verify_command, struct env_set *es, - int cert_depth, openvpn_x509_cert_t *cert, char *subject) + int cert_depth, char *subject) { int ret; struct gc_arena gc = gc_new(); @@ -747,8 +741,7 @@ } } /* export certificate values to the environment */ - verify_cert_set_env(opt->es, cert, cert_depth, subject, common_name, - opt->x509_track); + verify_cert_set_env(opt->es, cert, cert_depth, subject, opt->x509_track); /* export current untrusted IP */ setenv_untrusted(session); @@ -767,7 +760,7 @@ /* run --tls-verify script */ if (opt->verify_command && SUCCESS != verify_cert_call_command(opt->verify_command, - opt->es, cert_depth, cert, subject)) + opt->es, cert_depth, subject)) { goto cleanup; } @@ -1020,7 +1013,6 @@ */ static char * key_state_check_auth_failed_message_file(const struct auth_deferred_status *ads, - struct tls_multi *multi, struct gc_arena *gc) { char *ret = NULL; @@ -1204,8 +1196,8 @@ { struct gc_arena gc = gc_new(); const struct key_state *ks = get_primary_key(multi); - const char *plugin_message = key_state_check_auth_failed_message_file(&ks->plugin_auth, multi, &gc); - const char *script_message = key_state_check_auth_failed_message_file(&ks->script_auth, multi, &gc); + const char *plugin_message = key_state_check_auth_failed_message_file(&ks->plugin_auth, &gc); + const char *script_message = key_state_check_auth_failed_message_file(&ks->script_auth, &gc); if (plugin_message) { @@ -1289,7 +1281,7 @@ struct auth_deferred_status *status) { struct gc_arena gc = gc_new(); - const char *msg = key_state_check_auth_failed_message_file(status, multi, &gc); + const char *msg = key_state_check_auth_failed_message_file(status, &gc); if (msg) { auth_set_client_reason(multi, msg); @@ -1532,7 +1524,6 @@ static int verify_user_pass_management(struct tls_session *session, - struct tls_multi *multi, const struct user_pass *up) { int retval = KMDA_ERROR; @@ -1678,7 +1669,7 @@ #ifdef ENABLE_MANAGEMENT if (man_def_auth == KMDA_DEF) { - man_def_auth = verify_user_pass_management(session, multi, up); + man_def_auth = verify_user_pass_management(session, up); } #endif if (plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)) diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 76f06bc..24df930 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -95,8 +95,7 @@ } bool -tls_session_generate_dynamic_tls_crypt_key(struct tls_multi *multi, - struct tls_session *session) +tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session) { session->tls_wrap_reneg.opt = session->tls_wrap.opt; session->tls_wrap_reneg.mode = TLS_WRAP_CRYPT; diff --git a/src/openvpn/tls_crypt.h b/src/openvpn/tls_crypt.h index ffb1f2a..e98aae7 100644 --- a/src/openvpn/tls_crypt.h +++ b/src/openvpn/tls_crypt.h @@ -122,13 +122,11 @@ * * All renegotiations of a session use the same generated dynamic key. * - * @param multi multi session struct * @param session session that will be used for the TLS EKM exporter * @return true iff generating the key was successful */ bool -tls_session_generate_dynamic_tls_crypt_key(struct tls_multi *multi, - struct tls_session *session); +tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session); /** * Returns the maximum overhead (in bytes) added to the destination buffer by diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 7fbd6c3..9dce8da 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1068,7 +1068,7 @@ r6.metric = 0; /* connected route */ r6.flags = RT_DEFINED | RT_ADDED | RT_METRIC_DEFINED; route_ipv6_clear_host_bits(&r6); - delete_route_ipv6(&r6, tt, 0, NULL, NULL); + delete_route_ipv6(&r6, tt, NULL, NULL); } #endif /* if defined(_WIN32) || defined(TARGET_DARWIN) || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) */ diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index 94cd0ee..ee252f4 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c @@ -241,7 +241,6 @@ struct gc_arena gc = gc_new(); - struct tls_multi multi = { 0 }; struct tls_session session = { 0 }; struct tls_options tls_opt = { 0 }; @@ -250,7 +249,7 @@ tls_opt.frame.buf.payload_size = 512; session.opt = &tls_opt; - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); struct tls_wrap_ctx *rctx = &session.tls_wrap_reneg; @@ -272,7 +271,7 @@ memset(&session.tls_wrap.original_wrap_keydata.keys, 0x00, sizeof(session.tls_wrap.original_wrap_keydata.keys)); session.tls_wrap.original_wrap_keydata.n = 2; - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); tls_crypt_wrap(&ctx->source, &rctx->work, &rctx->opt); assert_int_equal(buf_len(&ctx->source) + 40, buf_len(&rctx->work)); @@ -281,7 +280,7 @@ /* XOR should not force a different key */ memset(&session.tls_wrap.original_wrap_keydata.keys, 0x42, sizeof(session.tls_wrap.original_wrap_keydata.keys)); - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); tls_crypt_wrap(&ctx->source, &rctx->work, &rctx->opt); assert_int_equal(buf_len(&ctx->source) + 40, buf_len(&rctx->work));