From patchwork Fri Oct 23 00:34:27 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1518 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.27.255.7]) by backend41.mail.ord1d.rsapps.net with LMTP id qBqVOQ3Akl8/fQAAqwncew (envelope-from ) for ; Fri, 23 Oct 2020 07:35:41 -0400 Received: from proxy1.mail.iad3a.rsapps.net ([172.27.255.7]) by director12.mail.ord1d.rsapps.net with LMTP id iFoqOQ3Akl90JAAAIasKDg (envelope-from ) for ; Fri, 23 Oct 2020 07:35:41 -0400 Received: from smtp2.gate.iad3a ([172.27.255.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy1.mail.iad3a.rsapps.net with LMTPS id UKcmMg3Akl/cQQAA8TVjwQ (envelope-from ) for ; Fri, 23 Oct 2020 07:35:41 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp2.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: e0fd1bc2-1523-11eb-95b2-525400de56ae-1-1 Received: from [216.105.38.7] ([216.105.38.7:43428] helo=lists.sourceforge.net) by smtp2.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 51/CF-30344-D00C29F5; Fri, 23 Oct 2020 07:35:41 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1kVvLQ-000802-VL; Fri, 23 Oct 2020 11:34:52 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kVvLO-0007ze-TV for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc: MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=YcTBRoc6HxD0UyaDy2oFINW7CqqROcKysV+3IsrjBYQ=; b=WJFtZvR/dwz38YVW71XfWwdyDy A4RVYmtq87X8dXDkP3bFadhZl5us5lja3hqHJ/BIAJNfoBk8/p3XROI9XSurxeP1IqdwtsRcqTwF3 +bjLUHsVS3xfeobQVOU64m4kYXe6MWe8kO+/rxXHopcNVHlGEBkIUb9Rk7P6brjv1KFg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=YcTBRoc6HxD0UyaDy2oFINW7CqqROcKysV+3IsrjBYQ=; b=JoXi8mOlZGQKuzPeP6AzgqUYT/ izLFIHJqYuyXwC6+lhMRCzg2iOiFzZopzkQkDINW1F0RzhntrxY4qLXyW/Visn/1IsnHWSGeaz0QB CGfh5PavREFc93HS0WWY0pBWy9KuvjRADlAv+7d3PLALEHoR2fNP4TvmvjwC79gqJ2QA=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1kVvLK-003oJU-8K for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:50 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1kVvL5-000J9u-RS for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 13:34:31 +0200 Received: (nullmailer pid 26736 invoked by uid 10006); Fri, 23 Oct 2020 11:34:31 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 23 Oct 2020 13:34:27 +0200 Message-Id: <20201023113431.26691-1-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1kVvLK-003oJU-8K Subject: [Openvpn-devel] [PATCH 1/5] Inline function tls_get_peer_info X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox All other places in our code also directly access peer_info and this function does not contribute to code clarity. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/multi.c | 2 +- src/openvpn/ssl.h | 8 -------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index a5862020..009b46fa 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3993,7 +3993,7 @@ management_get_peer_info(void *arg, const unsigned long cid) if (mi) { - ret = tls_get_peer_info(mi->context.c2.tls_multi); + ret = mi->context.c2.tls_multi->peer_info; } return ret; diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h index f00f8abd..f3032dab 100644 --- a/src/openvpn/ssl.h +++ b/src/openvpn/ssl.h @@ -499,14 +499,6 @@ bool tls_session_update_crypto_params(struct tls_session *session, struct frame *frame, struct frame *frame_fragment); -#ifdef MANAGEMENT_DEF_AUTH -static inline char * -tls_get_peer_info(const struct tls_multi *multi) -{ - return multi->peer_info; -} -#endif - /* * inline functions */ From patchwork Fri Oct 23 00:34:28 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1517 X-Patchwork-Delegate: a@unstable.cc Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.27.255.59]) by backend41.mail.ord1d.rsapps.net with LMTP id mPhKHwTAkl8/fQAAqwncew (envelope-from ) for ; Fri, 23 Oct 2020 07:35:32 -0400 Received: from proxy17.mail.iad3a.rsapps.net ([172.27.255.59]) by director9.mail.ord1d.rsapps.net with LMTP id AOQaHwTAkl9MFQAAalYnBA (envelope-from ) for ; Fri, 23 Oct 2020 07:35:32 -0400 Received: from smtp13.gate.iad3a ([172.27.255.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.iad3a.rsapps.net with LMTPS id uFEFGQTAkl/VIgAAR4KW9A (envelope-from ) for ; Fri, 23 Oct 2020 07:35:32 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp13.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: db3ec686-1523-11eb-a1b9-5254004b83b1-1-1 Received: from [216.105.38.7] ([216.105.38.7:38364] helo=lists.sourceforge.net) by smtp13.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 34/FD-04452-300C29F5; Fri, 23 Oct 2020 07:35:32 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1kVvLO-0002HR-OD; Fri, 23 Oct 2020 11:34:50 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kVvLL-0002HB-Qh for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=2XqZfhSD22m4adkwOVrZUkE34JL2QVmbpRFDA7mOrUk=; b=mJprsnWu378s5rPYx/yJWCufhm cTzE/VVl05re4u1rwxSKY+bXEr3fevZBmnC4IImIykb/7KRsxy1DLNZXXazMYnL8hSZ2owqVFqHm9 Zq4USjA7BLvQ1rPVf1B60ETG6wiN+QFf5QimAOUhjYxy/xgmrk073fzvfQDBML5pfJn0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=2XqZfhSD22m4adkwOVrZUkE34JL2QVmbpRFDA7mOrUk=; b=fSmUBPwR04t/CfZdULT87GqYn1 XmP65/g04+Ng7olnmSJhEFduuoKWsYKHYXubHgr7u+8tMJ/7Me985xVkTEH+EtuEAdo/6cPVrz7MA Vj2bp6l5SFfsDpQ8VITbsbc12Epdt/67VaFKms/d8NJKD5osL90PMrANPKFzvadbUnE4=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1kVvLG-003oIw-Qi for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1kVvL5-000J9x-Tn for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 13:34:31 +0200 Received: (nullmailer pid 26739 invoked by uid 10006); Fri, 23 Oct 2020 11:34:31 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 23 Oct 2020 13:34:28 +0200 Message-Id: <20201023113431.26691-2-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20201023113431.26691-1-arne@rfc2549.org> References: <20201023113431.26691-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1kVvLG-003oIw-Qi Subject: [Openvpn-devel] [PATCH 2/5] xmit_hold is only required for port_share X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Make options.c only set xmit_hold when port_share is active to least document this dependency. I have not actually tested if this dependency is actually true (or if port_share could work without xmit_hold). Signed-off-by: Arne Schwabe --- src/openvpn/init.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 034edba0..fdd9a6cc 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2908,12 +2908,15 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) to.push_peer_info_detail = 0; } +#ifdef ENABLE_PORT_SHARE /* should we not xmit any packets until we get an initial * response from client? */ - if (to.server && options->ce.proto == PROTO_TCP_SERVER) + if (to.server && options->ce.proto == PROTO_TCP_SERVER + && options->port_share_host) { to.xmit_hold = true; } +#endif to.disable_occ = !options->occ; From patchwork Fri Oct 23 00:34:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1520 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.27.255.8]) by backend41.mail.ord1d.rsapps.net with LMTP id eNRPHRDAkl/PWQAAqwncew (envelope-from ) for ; Fri, 23 Oct 2020 07:35:44 -0400 Received: from proxy6.mail.iad3a.rsapps.net ([172.27.255.8]) by director9.mail.ord1d.rsapps.net with LMTP id SKMaHRDAkl9OFQAAalYnBA (envelope-from ) for ; Fri, 23 Oct 2020 07:35:44 -0400 Received: from smtp24.gate.iad3a ([172.27.255.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.iad3a.rsapps.net with LMTPS id wJs8FxDAkl9/VwAA8udqhg (envelope-from ) for ; Fri, 23 Oct 2020 07:35:44 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp24.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: e10e2e26-1523-11eb-b29f-5254009f6f51-1-1 Received: from [216.105.38.7] ([216.105.38.7:38430] helo=lists.sourceforge.net) by smtp24.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 56/A4-08455-D00C29F5; Fri, 23 Oct 2020 07:35:41 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1kVvLQ-0002Hh-1i; Fri, 23 Oct 2020 11:34:52 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kVvLL-0002HC-Qg for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pzvGf2r1MPOv+YkY0F8T9eTwebyHz0rNNy52BbrepO0=; b=DH/UHEh/LIPdC24j0hB/4aH7bA D80y8Zfs1hYHQrF7nnmc5n1oEMRHt8Q1wmIJ+rn68vaKC0rlFGjeRvI9+97TG0ruNHSx/Nw7+nTAh cdc8KSFT+JDk9qvJCcntHHL7gmd8y/tV9wA/YKzNvLjrhn+JVQAUnsjCAJVbx33dbrdA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=pzvGf2r1MPOv+YkY0F8T9eTwebyHz0rNNy52BbrepO0=; b=B6PVSLZlAY83gTsCAgi834L8Oq l4dTpRRNQVVFNMJe4PQdZlT0biVit/rfpBhZ9WRQEQ8tHegixxM4CASPC/A4XiOnYmJSKlS2lwA2z Ix5NpjCGiS9cINxRWlcznyjj256E2gwVzBEmpyzjnCVxEjWRuvDoH3FMnZDBDqE9++2M=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1kVvLF-00A1Lx-K2 for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1kVvL5-000J9z-W2 for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 13:34:31 +0200 Received: (nullmailer pid 26744 invoked by uid 10006); Fri, 23 Oct 2020 11:34:31 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 23 Oct 2020 13:34:29 +0200 Message-Id: <20201023113431.26691-3-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20201023113431.26691-1-arne@rfc2549.org> References: <20201023113431.26691-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1kVvLF-00A1Lx-K2 Subject: [Openvpn-devel] [PATCH 3/5] Align reliable_free with other free methods to accept NULL X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The semantic of most free methods is to free a pointer and all its contents and also free the pointer itself. Align reliable_free to this semantic. Also clean up the other free uses in key_state_free. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/reliable.c | 5 +++++ src/openvpn/reliable.h | 4 +++- src/openvpn/ssl.c | 24 ++++-------------------- 3 files changed, 12 insertions(+), 21 deletions(-) diff --git a/src/openvpn/reliable.c b/src/openvpn/reliable.c index eae1e0cb..6c1f2da1 100644 --- a/src/openvpn/reliable.c +++ b/src/openvpn/reliable.c @@ -326,12 +326,17 @@ reliable_init(struct reliable *rel, int buf_size, int offset, int array_size, bo void reliable_free(struct reliable *rel) { + if (!rel) + { + return; + } int i; for (i = 0; i < rel->size; ++i) { struct reliable_entry *e = &rel->array[i]; free_buf(&e->buf); } + free(rel); } /* no active buffers? */ diff --git a/src/openvpn/reliable.h b/src/openvpn/reliable.h index 688c65c8..a84d4290 100644 --- a/src/openvpn/reliable.h +++ b/src/openvpn/reliable.h @@ -192,7 +192,9 @@ bool reliable_ack_write(struct reliable_ack *ack, void reliable_init(struct reliable *rel, int buf_size, int offset, int array_size, bool hold); /** - * Free allocated memory associated with a reliable structure. + * Free allocated memory associated with a reliable structure and the pointer + * itself. + * Does nothing if rel is NULL. * * @param rel The reliable structured to clean up. */ diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 87b51d96..7a3eb146 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -969,27 +969,11 @@ key_state_free(struct key_state *ks, bool clear) free_buf(&ks->ack_write_buf); buffer_list_free(ks->paybuf); - if (ks->send_reliable) - { - reliable_free(ks->send_reliable); - free(ks->send_reliable); - } - - if (ks->rec_reliable) - { - reliable_free(ks->rec_reliable); - free(ks->rec_reliable); - } + reliable_free(ks->send_reliable); + reliable_free(ks->rec_reliable); - if (ks->rec_ack) - { - free(ks->rec_ack); - } - - if (ks->key_src) - { - free(ks->key_src); - } + free(ks->rec_ack); + free(ks->key_src); packet_id_free(&ks->crypto_options.packet_id); From patchwork Fri Oct 23 00:34:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1516 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.27.255.8]) by backend41.mail.ord1d.rsapps.net with LMTP id uMD0NwPAkl8/fQAAqwncew (envelope-from ) for ; Fri, 23 Oct 2020 07:35:31 -0400 Received: from proxy13.mail.iad3a.rsapps.net ([172.27.255.8]) by director10.mail.ord1d.rsapps.net with LMTP id kNvANwPAkl+SLgAApN4f7A (envelope-from ) for ; Fri, 23 Oct 2020 07:35:31 -0400 Received: from smtp30.gate.iad3a ([172.27.255.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.iad3a.rsapps.net with LMTPS id CKmHMAPAkl+BAQAAwhxzoA (envelope-from ) for ; Fri, 23 Oct 2020 07:35:31 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp30.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: daea7108-1523-11eb-9c4e-525400089674-1-1 Received: from [216.105.38.7] ([216.105.38.7:43324] helo=lists.sourceforge.net) by smtp30.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 66/C0-32303-300C29F5; Fri, 23 Oct 2020 07:35:31 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1kVvLQ-0007zs-Sq; Fri, 23 Oct 2020 11:34:52 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kVvLO-0007zf-TW for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+KY+a5C3wo7HIdqoIHqZfiVeF9ET2sgi4sypmX1aJQo=; b=G7SB2WIedanAJW0PIOLzIYo6BM 4MxnZaJBnjcxY48Ni2Uj761YG0SdkDlnfEK7v2dW+z2WQSgJpxsqcsDu/vOZ/MrG5yg1OVlT+XtG3 ayonazArfQEwPgx13Zt8jZp2pX+KtmegLvLnAmd6S4hkpgJD/OblnlZuDbB1ol3T9nf8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=+KY+a5C3wo7HIdqoIHqZfiVeF9ET2sgi4sypmX1aJQo=; b=mt6uxLPbgOIorBNvfIk5aZz+XZ 3PDaNLXI4TKqGmZv322S6LKAPSpqViDPftsVMIiMA7tHdQPzawD6SxZM2KZ+rd5DZyg91taydruaM dY5P8c/SR6v/NPOz12Xm2ZDQlK7D9xJt1ncwsS0qPPIfQ6+LCemQxPyNSEEpVlJC1lc4=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1kVvLK-003oJV-8m for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:50 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1kVvL6-000JA3-3V for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 13:34:32 +0200 Received: (nullmailer pid 26747 invoked by uid 10006); Fri, 23 Oct 2020 11:34:31 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 23 Oct 2020 13:34:30 +0200 Message-Id: <20201023113431.26691-4-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20201023113431.26691-1-arne@rfc2549.org> References: <20201023113431.26691-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1kVvLK-003oJV-8m Subject: [Openvpn-devel] [PATCH 4/5] Remove explicit setting of peer_id to false X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Almost everywhere in OpenVPN we rely on zero initialisation to initialise all bool attributes to false. ret is cleared by ALLOC_OBJ_CLEAR(ret, struct tls_multi); Having this one variable treated different is a bit confusing. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/ssl.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 7a3eb146..f6f06fa9 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1219,9 +1219,6 @@ tls_multi_init(struct tls_options *tls_options) ret->key_scan[1] = &ret->session[TM_ACTIVE].key[KS_LAME_DUCK]; ret->key_scan[2] = &ret->session[TM_LAME_DUCK].key[KS_LAME_DUCK]; - /* By default not use P_DATA_V2 */ - ret->use_peer_id = false; - return ret; } From patchwork Fri Oct 23 00:34:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1519 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.27.255.58]) by backend41.mail.ord1d.rsapps.net with LMTP id QI+3Dw/Akl8/fQAAqwncew (envelope-from ) for ; Fri, 23 Oct 2020 07:35:43 -0400 Received: from proxy6.mail.iad3a.rsapps.net ([172.27.255.58]) by director10.mail.ord1d.rsapps.net with LMTP id oHx5Dw/Akl/PLQAApN4f7A (envelope-from ) for ; Fri, 23 Oct 2020 07:35:43 -0400 Received: from smtp2.gate.iad3a ([172.27.255.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.iad3a.rsapps.net with LMTPS id iNSbBw/Akl+sVgAA8udqhg (envelope-from ) for ; Fri, 23 Oct 2020 07:35:43 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp2.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: e1c4b42a-1523-11eb-95b2-525400de56ae-1-1 Received: from [216.105.38.7] ([216.105.38.7:43440] helo=lists.sourceforge.net) by smtp2.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 14/CF-30344-E00C29F5; Fri, 23 Oct 2020 07:35:42 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1kVvLM-0007zP-PT; Fri, 23 Oct 2020 11:34:48 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kVvLL-0007zI-Qu for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=TaqxP4amfWxzIh28REoLyt5hil2Q0Zt8Od032qD/YoE=; b=aZPIuWfn0kKwmF24I9FPzDt9Si MVBrx+8GsORaqzq0h3lgcZqjwsroSmEc20tIDgIBQsNZEjM4K88E56zpU6Ftj2UPA2X/5KOVqGmcG UDzc2beRZj6HGujSXEVSximjpSOlH7ZH2CMHr6Sy7wR+CDawmE9eoVLAsiKumaMQLPEg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=TaqxP4amfWxzIh28REoLyt5hil2Q0Zt8Od032qD/YoE=; b=fefpcw7KdZHrnBUuoeOJ5ltsmM msJQS/nPAtS5UbEvHkwxsgO4xfR9uEBLuJ980sTKcasEUKw1QDEO1v5kJSNfBuDNrCu6mBfsdot25 YLqTPBB1ScoTMB9ov9IeIn781n20DeS4DUXFuLvORLmIXi/wCGCCMBaoRSgpNWM/OtrY=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1kVvLG-003oIx-RT for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 11:34:47 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1kVvL6-000JA5-4F for openvpn-devel@lists.sourceforge.net; Fri, 23 Oct 2020 13:34:32 +0200 Received: (nullmailer pid 26750 invoked by uid 10006); Fri, 23 Oct 2020 11:34:32 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 23 Oct 2020 13:34:31 +0200 Message-Id: <20201023113431.26691-5-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20201023113431.26691-1-arne@rfc2549.org> References: <20201023113431.26691-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1kVvLG-003oIx-RT Subject: [Openvpn-devel] [PATCH 5/5] Remove NULL checks before calling free X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox We (and OpenSSL) already use calling free on null pointers in a number of places and also C99 standards says free(NULL) does nothing. The if (x) free(x) calls more often make code harder to read, instead of easier, remove these NULL checks in favour of directly calling free(x). The OpenSSL *_free methods are also safe to call with NULL and pkcs11h_certificate_freeCertificateIdList is also safe to be called with NULL. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- .../client-connect/sample-client-connect.c | 5 +- src/openvpn/buffer.c | 5 +- src/openvpn/error.c | 7 +-- src/openvpn/init.c | 11 ++--- src/openvpn/manage.c | 37 +++++--------- src/openvpn/mtcp.c | 5 +- src/openvpn/multi.c | 10 +--- src/openvpn/packet_id.c | 5 +- src/openvpn/pkcs11.c | 49 ++++++------------- src/openvpn/pkcs11_openssl.c | 28 +++-------- src/openvpn/proxy.c | 5 +- src/openvpn/ssl.c | 17 ++----- src/openvpn/ssl_mbedtls.c | 36 +++----------- src/openvpn/ssl_openssl.c | 47 ++++-------------- src/openvpn/ssl_verify.c | 8 ++- src/openvpn/ssl_verify_openssl.c | 6 +-- src/openvpn/status.c | 6 +-- src/openvpn/tun.c | 16 ++---- src/plugins/auth-pam/auth-pam.c | 5 +- src/plugins/down-root/down-root.c | 5 +- 20 files changed, 79 insertions(+), 234 deletions(-) diff --git a/sample/sample-plugins/client-connect/sample-client-connect.c b/sample/sample-plugins/client-connect/sample-client-connect.c index 6168076f..7ed2f72c 100644 --- a/sample/sample-plugins/client-connect/sample-client-connect.c +++ b/sample/sample-plugins/client-connect/sample-client-connect.c @@ -173,10 +173,7 @@ openvpn_plugin_open_v3(const int v3structver, return OPENVPN_PLUGIN_FUNC_SUCCESS; error: - if (context) - { - free(context); - } + free(context); return OPENVPN_PLUGIN_FUNC_ERROR; } diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index b32bc8b2..35d9ecdc 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -184,10 +184,7 @@ buf_assign(struct buffer *dest, const struct buffer *src) void free_buf(struct buffer *buf) { - if (buf->data) - { - free(buf->data); - } + free(buf->data); CLEAR(*buf); } diff --git a/src/openvpn/error.c b/src/openvpn/error.c index d6247fec..7d0fcb2d 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -488,11 +488,8 @@ close_syslog(void) { closelog(); use_syslog = false; - if (pgmname_syslog) - { - free(pgmname_syslog); - pgmname_syslog = NULL; - } + free(pgmname_syslog); + pgmname_syslog = NULL; } #endif } diff --git a/src/openvpn/init.c b/src/openvpn/init.c index fdd9a6cc..7a4bac58 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -3600,14 +3600,9 @@ do_close_tls(struct context *c) } /* free options compatibility strings */ - if (c->c2.options_string_local) - { - free(c->c2.options_string_local); - } - if (c->c2.options_string_remote) - { - free(c->c2.options_string_remote); - } + free(c->c2.options_string_local); + free(c->c2.options_string_remote); + c->c2.options_string_local = c->c2.options_string_remote = NULL; if (c->c2.pulled_options_state) diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index ac142177..85bd1227 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -826,14 +826,8 @@ man_pkcs11_id_get(struct management *man, const int index) msg(M_CLIENT, ">PKCS11ID-ENTRY:'%d'", index); } - if (id != NULL) - { - free(id); - } - if (base64 != NULL) - { - free(base64); - } + free(id); + free(base64); } #endif /* ifdef ENABLE_PKCS11 */ @@ -2613,10 +2607,7 @@ man_connection_close(struct management *man) { struct man_connection *mc = &man->connection; - if (mc->es) - { - event_free(mc->es); - } + event_free(mc->es); #ifdef _WIN32 net_event_win32_close(&mc->ne32); #endif @@ -2629,14 +2620,10 @@ man_connection_close(struct management *man) { man_close_socket(man, mc->sd_cli); } - if (mc->in) - { - command_line_free(mc->in); - } - if (mc->out) - { - buffer_list_free(mc->out); - } + + command_line_free(mc->in); + buffer_list_free(mc->out); + in_extra_reset(&man->connection, IER_RESET); buffer_list_free(mc->ext_key_input); man_connection_clear(mc); @@ -3896,6 +3883,10 @@ command_line_reset(struct command_line *cl) void command_line_free(struct command_line *cl) { + if (!cl) + { + return; + } command_line_reset(cl); free_buf(&cl->buf); free_buf(&cl->residual); @@ -4015,10 +4006,8 @@ log_entry_print(const struct log_entry *e, unsigned int flags, struct gc_arena * static void log_entry_free_contents(struct log_entry *e) { - if (e->string) - { - free((char *)e->string); - } + /* Cast away constness of const char* */ + free((char *)e->string); CLEAR(*e); } diff --git a/src/openvpn/mtcp.c b/src/openvpn/mtcp.c index 458e6e4c..22c824aa 100644 --- a/src/openvpn/mtcp.c +++ b/src/openvpn/mtcp.c @@ -229,10 +229,7 @@ multi_tcp_free(struct multi_tcp *mtcp) if (mtcp) { event_free(mtcp->es); - if (mtcp->esr) - { - free(mtcp->esr); - } + free(mtcp->esr); free(mtcp); } } diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 009b46fa..ad4ec1c2 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -73,10 +73,7 @@ id(struct multi_instance *mi) static void set_cc_config(struct multi_instance *mi, struct buffer_list *cc_config) { - if (mi->cc_config) - { - buffer_list_free(mi->cc_config); - } + buffer_list_free(mi->cc_config); mi->cc_config = cc_config; } #endif @@ -4016,10 +4013,7 @@ management_client_pf(void *arg, ret = pf_load_from_buffer_list(&mi->context, pf_config); } - if (pf_config) - { - buffer_list_free(pf_config); - } + buffer_list_free(pf_config); return ret; } #endif /* ifdef MANAGEMENT_PF */ diff --git a/src/openvpn/packet_id.c b/src/openvpn/packet_id.c index 0c744875..2b9ef079 100644 --- a/src/openvpn/packet_id.c +++ b/src/openvpn/packet_id.c @@ -103,10 +103,7 @@ packet_id_free(struct packet_id *p) if (p) { dmsg(D_PID_DEBUG, "PID packet_id_free"); - if (p->rec.seq_list) - { - free(p->rec.seq_list); - } + free(p->rec.seq_list); CLEAR(*p); } } diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index d40ca458..52422918 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -461,11 +461,8 @@ pkcs11_management_id_count(void) cleanup: - if (id_list != NULL) - { - pkcs11h_certificate_freeCertificateIdList(id_list); - id_list = NULL; - } + pkcs11h_certificate_freeCertificateIdList(id_list); + id_list = NULL; dmsg( D_PKCS11_DEBUG, @@ -630,29 +627,17 @@ pkcs11_management_id_get( cleanup: - if (id_list != NULL) - { - pkcs11h_certificate_freeCertificateIdList(id_list); - id_list = NULL; - } + pkcs11h_certificate_freeCertificateIdList(id_list); + id_list = NULL; - if (internal_id != NULL) - { - free(internal_id); - internal_id = NULL; - } + free(internal_id); + internal_id = NULL; - if (internal_base64 != NULL) - { - free(internal_base64); - internal_base64 = NULL; - } + free(internal_base64); + internal_base64 = NULL; - if (certificate_blob != NULL) - { - free(certificate_blob); - certificate_blob = NULL; - } + free(certificate_blob); + certificate_blob = NULL; dmsg( D_PKCS11_DEBUG, @@ -1005,19 +990,13 @@ cleanup1: certificate = NULL; } - if (ser != NULL) - { - free(ser); - ser = NULL; - } + free(ser); + ser = NULL; } cleanup: - if (user_certificates != NULL) - { - pkcs11h_certificate_freeCertificateIdList(user_certificates); - user_certificates = NULL; - } + pkcs11h_certificate_freeCertificateIdList(user_certificates); + user_certificates = NULL; pkcs11h_terminate(); gc_free(&gc); diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c index 642769cc..a84bc635 100644 --- a/src/openvpn/pkcs11_openssl.c +++ b/src/openvpn/pkcs11_openssl.c @@ -102,17 +102,11 @@ cleanup: * openssl objects have reference * count, so release them */ - if (x509 != NULL) - { - X509_free(x509); - x509 = NULL; - } + X509_free(x509); + x509 = NULL; - if (evp != NULL) - { - EVP_PKEY_free(evp); - evp = NULL; - } + EVP_PKEY_free(evp); + evp = NULL; if (openssl_session != NULL) { @@ -138,11 +132,8 @@ pkcs11_certificate_dn(pkcs11h_certificate_t certificate, struct gc_arena *gc) dn = x509_get_subject(x509, gc); cleanup: - if (x509 != NULL) - { - X509_free(x509); - x509 = NULL; - } + X509_free(x509); + x509 = NULL; return dn; } @@ -183,12 +174,9 @@ pkcs11_certificate_serial(pkcs11h_certificate_t certificate, char *serial, ret = 0; cleanup: + X509_free(x509); + x509 = NULL; - if (x509 != NULL) - { - X509_free(x509); - x509 = NULL; - } return ret; } #endif /* defined(ENABLE_PKCS11) && defined(ENABLE_OPENSSL) */ diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 9998623a..f390daed 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -366,10 +366,7 @@ get_proxy_authenticate(socket_descriptor_t sd, static void store_proxy_authenticate(struct http_proxy_info *p, char *data) { - if (p->proxy_authenticate) - { - free(p->proxy_authenticate); - } + free(p->proxy_authenticate); p->proxy_authenticate = data; } diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index f6f06fa9..53dad9ff 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1105,10 +1105,7 @@ tls_session_free(struct tls_session *session, bool clear) key_state_free(&session->key[i], false); } - if (session->common_name) - { - free(session->common_name); - } + free(session->common_name); cert_hash_free(session->cert_hash_set); @@ -1297,16 +1294,8 @@ tls_multi_free(struct tls_multi *multi, bool clear) auth_set_client_reason(multi, NULL); free(multi->peer_info); - - if (multi->locked_cn) - { - free(multi->locked_cn); - } - - if (multi->locked_username) - { - free(multi->locked_username); - } + free(multi->locked_cn); + free(multi->locked_username); cert_hash_free(multi->locked_cert_hash_set); diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 11fbeae4..b30b6b9d 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -138,53 +138,31 @@ tls_ctx_free(struct tls_root_ctx *ctx) if (ctx) { mbedtls_pk_free(ctx->priv_key); - if (ctx->priv_key) - { - free(ctx->priv_key); - } + free(ctx->priv_key); mbedtls_x509_crt_free(ctx->ca_chain); - if (ctx->ca_chain) - { - free(ctx->ca_chain); - } + free(ctx->ca_chain); mbedtls_x509_crt_free(ctx->crt_chain); - if (ctx->crt_chain) - { - free(ctx->crt_chain); - } + free(ctx->crt_chain); mbedtls_dhm_free(ctx->dhm_ctx); - if (ctx->dhm_ctx) - { - free(ctx->dhm_ctx); - } + free(ctx->dhm_ctx); mbedtls_x509_crl_free(ctx->crl); - if (ctx->crl) - { - free(ctx->crl); - } + free(ctx->crl); #if defined(ENABLE_PKCS11) pkcs11h_certificate_freeCertificate(ctx->pkcs11_cert); #endif - if (ctx->allowed_ciphers) - { - free(ctx->allowed_ciphers); - } + free(ctx->allowed_ciphers); - if (ctx->groups) - { - free(ctx->groups); - } + free(ctx->groups); CLEAR(*ctx); ctx->initialised = false; - } } diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 122083a8..d161f48b 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -144,10 +144,7 @@ void tls_ctx_free(struct tls_root_ctx *ctx) { ASSERT(NULL != ctx); - if (NULL != ctx->ctx) - { - SSL_CTX_free(ctx->ctx); - } + SSL_CTX_free(ctx->ctx); ctx->ctx = NULL; } @@ -978,14 +975,8 @@ end: crypto_print_openssl_errors(M_DEBUG); } - if (in != NULL) - { - BIO_free(in); - } - if (x) - { - X509_free(x); - } + BIO_free(in); + X509_free(x); } int @@ -1044,14 +1035,8 @@ tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file, ret = 0; end: - if (pkey) - { - EVP_PKEY_free(pkey); - } - if (in) - { - BIO_free(in); - } + EVP_PKEY_free(pkey); + BIO_free(in); return ret; } @@ -1312,12 +1297,9 @@ err: { RSA_free(rsa); } - else + else if (rsa_meth) { - if (rsa_meth) - { - RSA_meth_free(rsa_meth); - } + RSA_meth_free(rsa_meth); } return 0; } @@ -1441,14 +1423,8 @@ tls_ctx_use_external_ec_key(struct tls_root_ctx *ctx, EVP_PKEY *pkey) err: /* Reach here only when ec and privkey can be independenly freed */ - if (privkey) - { - EVP_PKEY_free(privkey); - } - if (ec) - { - EC_KEY_free(ec); - } + EVP_PKEY_free(privkey); + EC_KEY_free(ec); return 0; } #endif /* OPENSSL_VERSION_NUMBER > 1.1.0 dev && !defined(OPENSSL_NO_EC) */ @@ -1645,10 +1621,7 @@ tls_ctx_load_ca(struct tls_root_ctx *ctx, const char *ca_file, } } - if (in) - { - BIO_free(in); - } + BIO_free(in); } /* Set a store for certs (CA & CRL) with a lookup on the "capath" hash directory */ diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 2d7abdde..95d8c918 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -841,11 +841,9 @@ cleanup: void auth_set_client_reason(struct tls_multi *multi, const char *client_reason) { - if (multi->client_reason) - { - free(multi->client_reason); - multi->client_reason = NULL; - } + free(multi->client_reason); + multi->client_reason = NULL; + if (client_reason && strlen(client_reason)) { multi->client_reason = string_alloc(client_reason, NULL); diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c index 39d381a1..d063aeda 100644 --- a/src/openvpn/ssl_verify_openssl.c +++ b/src/openvpn/ssl_verify_openssl.c @@ -372,11 +372,7 @@ x509_get_subject(X509 *cert, struct gc_arena *gc) subject[subject_mem->length] = '\0'; err: - if (subject_bio) - { - BIO_free(subject_bio); - } - + BIO_free(subject_bio); return subject; } diff --git a/src/openvpn/status.c b/src/openvpn/status.c index e8dcf7cd..11e24ae4 100644 --- a/src/openvpn/status.c +++ b/src/openvpn/status.c @@ -203,10 +203,8 @@ status_close(struct status_output *so) ret = false; } } - if (so->filename) - { - free(so->filename); - } + free(so->filename); + if (buf_defined(&so->read_buf)) { free_buf(&so->read_buf); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 8315a426..400a50ca 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1835,10 +1835,8 @@ close_tun_generic(struct tuntap *tt) { close(tt->fd); } - if (tt->actual_name) - { - free(tt->actual_name); - } + + free(tt->actual_name); clear_tuntap(tt); } #endif /* !_WIN32 */ @@ -2522,10 +2520,7 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) solaris_close_tun(tt); - if (tt->actual_name) - { - free(tt->actual_name); - } + free(tt->actual_name); clear_tuntap(tt); free(tt); @@ -6901,10 +6896,7 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) } } - if (tt->actual_name) - { - free(tt->actual_name); - } + free(tt->actual_name); if (tt->windows_driver == WINDOWS_DRIVER_WINTUN) { diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index f537652e..3d167233 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -506,10 +506,7 @@ openvpn_plugin_open_v3(const int v3structver, } error: - if (context) - { - free(context); - } + free(context); return OPENVPN_PLUGIN_FUNC_ERROR; } diff --git a/src/plugins/down-root/down-root.c b/src/plugins/down-root/down-root.c index da445c61..7a3d34a0 100644 --- a/src/plugins/down-root/down-root.c +++ b/src/plugins/down-root/down-root.c @@ -238,10 +238,7 @@ free_context(struct down_root_context *context) { if (context) { - if (context->command) - { - free(context->command); - } + free(context->command); free(context); } }