
Move syslogd(8) TLS handshake callback from read to write handler.

syslogd should immediately detect that the incoming TLS handshake
is complete.  The old logic detected it when the first log message
over TLS was arriving.  For now only a debug message is logged, but
the callback will be used to print the common name of the client
certificate in the future.

OK tb@
bluhm 2024-11-07 10:12:18 +00:00
parent 3174595f5e
commit 18e6fc661f
2 changed files with 6 additions and 8 deletions


@ -1,4 +1,4 @@
/* $OpenBSD: evbuffer_tls.c,v 1.13 2022/03/22 22:58:00 bluhm Exp $ */
/* $OpenBSD: evbuffer_tls.c,v 1.14 2024/11/07 10:12:18 bluhm Exp $ */
/*
* Copyright (c) 2002-2004 Niels Provos <provos@citi.umich.edu>
@ -240,7 +240,7 @@ buffertls_handshakecb(int fd, short event, void *arg)
event_set(&bufev->ev_write, fd, EV_WRITE, buffertls_writecb, buftls);
if (bufev->enabled & EV_READ)
bufferevent_add(&bufev->ev_read, bufev->timeout_read);
if (EVBUFFER_LENGTH(bufev->output) != 0 && bufev->enabled & EV_WRITE)
if (bufev->enabled & EV_WRITE)
bufferevent_add(&bufev->ev_write, bufev->timeout_write);
return;
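Review bot: The now unconditional `if (bufev->enabled & EV_WRITE)` before `bufferevent_add(&bufev->ev_write, ...)` carries no comment saying why a write event is scheduled when the output buffer may be empty. Per the commit message the write callback is meant to fire once as a handshake-complete notification, so a comment such as `/* schedule write even with empty output, the write callback reports handshake completion */` above that line would keep a later cleanup from restoring the length check. The change also reaches every other buffertls user that has EV_WRITE enabled; presumably their write callbacks tolerate an empty output buffer, but those callers are not visible here. buffertls_handshakecb starts and ends outside the hunk.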


@ -1,4 +1,4 @@
/* $OpenBSD: syslogd.c,v 1.282 2024/07/01 12:06:45 bluhm Exp $ */
/* $OpenBSD: syslogd.c,v 1.283 2024/11/07 10:12:18 bluhm Exp $ */
/*
* Copyright (c) 2014-2021 Alexander Bluhm <bluhm@genua.de>
@ -1172,8 +1172,8 @@ acceptcb(int lfd, short event, void *arg, int usetls)
return;
}
p->p_fd = fd;
if ((p->p_bufev = bufferevent_new(fd, tcp_readcb, NULL, tcp_closecb,
p)) == NULL) {
if ((p->p_bufev = bufferevent_new(fd, tcp_readcb,
usetls ? tls_handshakecb : NULL, tcp_closecb, p)) == NULL) {
log_warn("bufferevent \"%s\"", peername);
free(p);
close(fd);
@ -1189,7 +1189,6 @@ acceptcb(int lfd, short event, void *arg, int usetls)
close(fd);
return;
}
p->p_bufev->readcb = tls_handshakecb;
buffertls_set(&p->p_buftls, p->p_bufev, p->p_ctx, fd);
buffertls_accept(&p->p_buftls, fd);
log_debug("tcp accept callback: tls context success");
@ -1218,8 +1217,7 @@ tls_handshakecb(struct bufferevent *bufev, void *arg)
log_debug("Completed tls handshake");
bufev->readcb = tcp_readcb;
tcp_readcb(bufev, p);
bufferevent_setcb(bufev, tcp_readcb, NULL, tcp_closecb, p);
}
/*
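Review bot: Nothing in the visible lines orders `tls_handshakecb` before `tcp_readcb`: acceptcb installs both on the same bufferevent, and after the handshake the read and write events are presumably armed together, so a client that sends data directly behind its final handshake message may have log lines processed before this callback runs. That is harmless for the current `log_debug("Completed tls handshake")`, but the commit message plans to report the client certificate common name from here, and any later code that treats this callback as the place to inspect or reject the peer would run too late. I would state the limit in a comment on the function, e.g. `/* Notification only: tcp_readcb may already have consumed data, do not gate on this callback. */`. The body of tls_handshakecb begins above the hunk.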