isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move connect_relay_tls() so we don't need a prototype for it.

Browse Source 
Fixes a warning when sudo is not configured to use OpenSSL.
This commit is contained in:
Todd C. Miller
2021-04-06 16:53:35 -06:00
parent 3aec794b75
commit 3f1a76cb83
1 changed files with 36 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
logsrvd/logsrvd_relay.c
View File

@@ -75,7 +75,6 @@ static void relay_client_msg_cb(int fd, int what, void *v);
static void relay_server_msg_cb(int fd, int what, void *v); static void relay_server_msg_cb(int fd, int what, void *v);
static void connect_cb(int sock, int what, void *v); static void connect_cb(int sock, int what, void *v);
static bool start_relay(int sock, struct connection_closure *closure); static bool start_relay(int sock, struct connection_closure *closure);
static bool connect_relay_tls(struct connection_closure *closure);
/* /*
* Free a struct relay_closure container and its contents. * Free a struct relay_closure container and its contents.
@@ -233,6 +232,42 @@ fmt_client_hello(struct connection_closure *closure)
debug_return_bool(ret); debug_return_bool(ret);
} }
#if defined(HAVE_OPENSSL)
/* Wrapper for start_relay() called via tls_connect_cb() */
static bool
tls_client_start_fn(struct tls_client_closure *tls_client)
{
sudo_ev_free(tls_client->tls_connect_ev);
tls_client->tls_connect_ev = NULL;
return start_relay(SSL_get_fd(tls_client->ssl), tls_client->parent_closure);
}
/* Perform TLS connection to the relay host. */
static bool
connect_relay_tls(struct connection_closure *closure)
{
struct tls_client_closure *tls_client = &closure->relay_closure->tls_client;
SSL_CTX *ssl_ctx = logsrvd_get_tls_runtime()->ssl_ctx;
debug_decl(connect_relay_tls, SUDO_DEBUG_UTIL);
/* Populate struct tls_client_closure. */
tls_client->parent_closure = closure;
tls_client->evbase = closure->evbase;
tls_client->tls_connect_ev = sudo_ev_alloc(closure->relay_closure->sock,
SUDO_EV_WRITE, tls_connect_cb, tls_client);
if (tls_client->tls_connect_ev == NULL)
goto bad;
tls_client->peer_name = &closure->relay_closure->relay_name;
tls_client->start_fn = tls_client_start_fn;
if (!tls_ctx_client_setup(ssl_ctx, closure->relay_closure->sock, tls_client))
goto bad;
debug_return_bool(true);
bad:
debug_return_bool(false);
}
#endif /* HAVE_OPENSSL */
/* /*
* Try to connect to the next relay host. * Try to connect to the next relay host.
* Returns 0 on success, -1 on error, setting errno. * Returns 0 on success, -1 on error, setting errno.
@@ -335,42 +370,6 @@ bad:
debug_return_int(-1); debug_return_int(-1);
} }
#if defined(HAVE_OPENSSL)
/* Wrapper for start_relay() called via tls_connect_cb() */
static bool
tls_client_start_fn(struct tls_client_closure *tls_client)
{
sudo_ev_free(tls_client->tls_connect_ev);
tls_client->tls_connect_ev = NULL;
return start_relay(SSL_get_fd(tls_client->ssl), tls_client->parent_closure);
}
/* Perform TLS connection to the relay host. */
static bool
connect_relay_tls(struct connection_closure *closure)
{
struct tls_client_closure *tls_client = &closure->relay_closure->tls_client;
SSL_CTX *ssl_ctx = logsrvd_get_tls_runtime()->ssl_ctx;
debug_decl(connect_relay_tls, SUDO_DEBUG_UTIL);
/* Populate struct tls_client_closure. */
tls_client->parent_closure = closure;
tls_client->evbase = closure->evbase;
tls_client->tls_connect_ev = sudo_ev_alloc(closure->relay_closure->sock,
SUDO_EV_WRITE, tls_connect_cb, tls_client);
if (tls_client->tls_connect_ev == NULL)
goto bad;
tls_client->peer_name = &closure->relay_closure->relay_name;
tls_client->start_fn = tls_client_start_fn;
if (!tls_ctx_client_setup(ssl_ctx, closure->relay_closure->sock, tls_client))
goto bad;
debug_return_bool(true);
bad:
debug_return_bool(false);
}
#endif /* HAVE_OPENSSL */
static void static void
connect_cb(int sock, int what, void *v) connect_cb(int sock, int what, void *v)
{ {