git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Steffan Karger <steffan.karger@fox-it.com>
	Wed, 1 Nov 2017 22:03:41 +0000 (23:03 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 24 Nov 2017 12:26:47 +0000 (13:26 +0100)
commit	3e0fd2b0471cf4e53959902ca10d88db7a1ef916
tree	f15345bddfd39730c4bec52cb9d71b428515d968	tree \| snapshot
parent	492e42d35f141346fe21b3e984ed1bd86e5aac40	commit \| diff

Don't throw fatal errors from create_temp_file()

This function is called in response to connecting clients, and can fail
when I/O fails for some (possibly temporary) reason. In such cases we
should not exit the process, but just reject the connecting client.

This commit changes the function to actually return NULL on errors, and
(where needed) changes the callers to check for and handle errors.

Since the tls-crypt-v2 metadata code also calls create_temp_file() when
clients connect, I consider this a prerequisite for tls-crypt-v2.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20171101220342.14648-4-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15701.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/misc.c		diff \| blob \| blame \| history
src/openvpn/ssl_verify.c		diff \| blob \| blame \| history