From: Guido Vranken Date: Tue, 27 Jun 2017 10:06:12 +0000 (+0200) Subject: Replace all open()/close() with platform_open()/platform_open2()/platform_close() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=17a15f050682258bade2221cb4eaafbcde4165a3;p=thirdparty%2Fopenvpn.git Replace all open()/close() with platform_open()/platform_open2()/platform_close() --- diff --git a/src/openvpn/console_builtin.c b/src/openvpn/console_builtin.c index d3bfc6655..bccc0501e 100644 --- a/src/openvpn/console_builtin.c +++ b/src/openvpn/console_builtin.c @@ -209,7 +209,7 @@ get_console_input(const char *prompt, const bool echo, char *input, const int ca */ if (!isatty(0) && !isatty(2) ) { - int fd = open( "/dev/tty", O_RDWR ); + int fd = platform_open2( "/dev/tty", O_RDWR ); if (fd < 0) { msg(M_FATAL, "neither stdin nor stderr are a tty device and you have neither a " @@ -217,7 +217,7 @@ get_console_input(const char *prompt, const bool echo, char *input, const int ca "you need to use --askpass to make passphrase-protected keys work, and you " "can not use --auth-nocache.", prompt ); } - close(fd); + platform_close(fd); } if (echo) diff --git a/src/openvpn/console_systemd.c b/src/openvpn/console_systemd.c index 1d18b1a7d..bf81ff7d6 100644 --- a/src/openvpn/console_systemd.c +++ b/src/openvpn/console_systemd.c @@ -83,7 +83,7 @@ get_console_input_systemd(const char *prompt, const bool echo, char *input, cons chomp(input); ret = true; } - close(std_out); + platform_close(std_out); argv_reset(&argv); diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 81f15051a..ec85ae4e4 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1272,7 +1272,7 @@ read_key_file(struct key2 *key2, const char *file, const unsigned int flags) { msg(M_FATAL, "Key file ('%s') can be a maximum of %d bytes", file, (int)in.capacity); } - close(fd); + platform_close(fd); } cp = (unsigned char *)in.data; @@ -1483,7 +1483,7 @@ write_key_file(const int nkeys, const char *filename) /* write key file, now formatted in out, to file */ buf_write_string_file(&out, filename, fd); - if (close(fd)) + if (platform_close(fd)) { msg(M_ERR, "Close error on shared secret file %s", filename); } diff --git a/src/openvpn/error.c b/src/openvpn/error.c index e439c0189..9743b078c 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -41,6 +41,7 @@ #include "integer.h" #include "ps.h" #include "mstats.h" +#include "platform.h" #if SYSLOG_CAPABILITY @@ -603,7 +604,7 @@ redirect_stdout_stderr(const char *file, bool append) #elif defined(HAVE_DUP2) if (!std_redir) { - int out = open(file, + int out = platform_open(file, O_CREAT | O_WRONLY | (append ? O_APPEND : O_TRUNC), S_IRUSR | S_IWUSR); @@ -624,7 +625,7 @@ redirect_stdout_stderr(const char *file, bool append) if (out > 2) { - close(out); + platform_close(out); } std_redir = true; diff --git a/src/openvpn/event.c b/src/openvpn/event.c index 9dc079373..0decc1488 100644 --- a/src/openvpn/event.c +++ b/src/openvpn/event.c @@ -34,6 +34,7 @@ #include "integer.h" #include "event.h" #include "fdmisc.h" +#include "platform.h" #include "memdbg.h" @@ -533,7 +534,7 @@ static void ep_free(struct event_set *es) { struct ep_set *eps = (struct ep_set *) es; - close(eps->epfd); + platform_close(eps->epfd); free(eps->events); free(eps); } diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 092fba802..81b7e6fa4 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -44,6 +44,7 @@ #include "route.h" #include "console.h" #include "win32.h" +#include "platform.h" #include "memdbg.h" @@ -174,7 +175,7 @@ set_std_files_to_null(bool stdin_only) { #if defined(HAVE_DUP) && defined(HAVE_DUP2) int fd; - if ((fd = open("/dev/null", O_RDWR, 0)) != -1) + if ((fd = platform_open("/dev/null", O_RDWR, 0)) != -1) { dup2(fd, 0); if (!stdin_only) @@ -184,7 +185,7 @@ set_std_files_to_null(bool stdin_only) } if (fd > 2) { - close(fd); + platform_close(fd); } } #endif @@ -398,7 +399,7 @@ openvpn_popen(const struct argv *a, const struct env_set *es) pid = fork(); if (pid == (pid_t)0) /* child side */ { - close(pipe_stdout[0]); /* Close read end */ + platform_close(pipe_stdout[0]); /* Close read end */ dup2(pipe_stdout[1],1); execve(cmd, argv, envp); exit(127); @@ -407,14 +408,14 @@ openvpn_popen(const struct argv *a, const struct env_set *es) { int status = 0; - close(pipe_stdout[1]); /* Close write end */ + platform_close(pipe_stdout[1]); /* Close write end */ waitpid(pid, &status, 0); ret = pipe_stdout[0]; } else /* fork failed */ { - close(pipe_stdout[0]); - close(pipe_stdout[1]); + platform_close(pipe_stdout[0]); + platform_close(pipe_stdout[1]); msg(M_ERR, "openvpn_popen: unable to fork %s", cmd); } } @@ -941,7 +942,7 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) fd = platform_open(retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR); if (fd != -1) { - close(fd); + platform_close(fd); return retfname; } else if (fd == -1 && errno != EEXIST) diff --git a/src/openvpn/mstats.c b/src/openvpn/mstats.c index 4d02654f2..3184bf5b8 100644 --- a/src/openvpn/mstats.c +++ b/src/openvpn/mstats.c @@ -67,7 +67,7 @@ mstats_open(const char *fn) } /* create file that will be memory mapped */ - fd = open(fn, O_CREAT | O_TRUNC | O_RDWR, S_IRUSR | S_IWUSR); + fd = platform_open(fn, O_CREAT | O_TRUNC | O_RDWR, S_IRUSR | S_IWUSR); if (fd < 0) { msg(M_ERR, "mstats_open: cannot open: %s", fn); @@ -82,7 +82,7 @@ mstats_open(const char *fn) if (stat != sizeof(ms)) { msg(M_ERR, "mstats_open: write error: %s", fn); - close(fd); + platform_close(fd); return; } @@ -91,12 +91,12 @@ mstats_open(const char *fn) if (data == MAP_FAILED) { msg(M_ERR, "mstats_open: write error: %s", fn); - close(fd); + platform_close(fd); return; } /* close the fd (mmap now controls the file) */ - if (close(fd)) + if (platform_close(fd)) { msg(M_ERR, "mstats_open: close error: %s", fn); } diff --git a/src/openvpn/mtcp.c b/src/openvpn/mtcp.c index cb940d8a1..416de3e1c 100644 --- a/src/openvpn/mtcp.c +++ b/src/openvpn/mtcp.c @@ -29,11 +29,11 @@ #include "syshead.h" +#include "platform.h" #if P2MP_SERVER #include "multi.h" #include "forward-inline.h" - #include "memdbg.h" #ifdef HAVE_SYS_INOTIFY_H @@ -830,7 +830,7 @@ tunnel_server_tcp(struct context *top) } #ifdef ENABLE_ASYNC_PUSH - close(top->c2.inotify_fd); + platform_close(top->c2.inotify_fd); #endif /* shut down management interface */ diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index 793678d8a..5fe3d1a2e 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -34,6 +34,7 @@ #include "multi.h" #include #include "forward-inline.h" +#include "platform.h" #include "memdbg.h" @@ -358,7 +359,7 @@ tunnel_server_udp_single_threaded(struct context *top) } #ifdef ENABLE_ASYNC_PUSH - close(top->c2.inotify_fd); + platform_close(top->c2.inotify_fd); #endif /* shut down management interface */ diff --git a/src/openvpn/packet_id.c b/src/openvpn/packet_id.c index e544dfa64..efa4f217e 100644 --- a/src/openvpn/packet_id.c +++ b/src/openvpn/packet_id.c @@ -423,7 +423,7 @@ packet_id_persist_close(struct packet_id_persist *p) { if (packet_id_persist_enabled(p)) { - if (close(p->fd)) + if (platform_close(p->fd)) { msg(D_PID_PERSIST | M_ERRNO, "Close error on --replay-persist file %s", p->filename); } diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 0efa6e270..8db515376 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -369,6 +369,13 @@ platform_open(const char *path, int flags, int mode) #endif } +int +platform_open2(const char *path, int flags) +{ + FUZZING_BLOCK; + return open(path, flags); +} + int platform_stat(const char *path, platform_stat_t *buf) { @@ -405,6 +412,11 @@ ssize_t platform_write(int fd, const void* buf, size_t len) return platform_send(fd, buf, len, 0); } +int platform_close(int fd) +{ + return 0; +} + ssize_t platform_select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout) { return 1; diff --git a/src/openvpn/platform.h b/src/openvpn/platform.h index c633959d1..b6ffb2494 100644 --- a/src/openvpn/platform.h +++ b/src/openvpn/platform.h @@ -139,6 +139,7 @@ int platform_fclose(FILE *stream); FILE *platform_fopen(const char *path, const char *mode); int platform_open(const char *path, int flags, int mode); +int platform_open2(const char *path, int flags); #ifdef _WIN32 typedef struct _stat platform_stat_t; @@ -151,6 +152,7 @@ ssize_t platform_recv(int sockfd, void* buf, size_t len, int flags); ssize_t platform_send(int sockfd, const void* buf, size_t len, int flags); ssize_t platform_read(int fd, void* buf, size_t len); ssize_t platform_write(int fd, const void* buf, size_t len); +int platform_close(int fd); ssize_t platform_select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout); char* platform_fgets(char *s, int size, FILE *stream); int platform_fgetc(FILE *stream); diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index b2bc4da9a..755c6c5ba 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -366,7 +366,7 @@ journal_add(const char *journal_dir, struct proxy_connection *pc, struct proxy_c { msg(M_WARN, "PORT SHARE: writing to journal file (%s) failed", jfn); } - close(fd); + platform_close(fd); cp->jfn = jfn; } else diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 96388e8b1..43750c8ed 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3345,7 +3345,7 @@ get_default_gateway(struct route_gateway_info *rgi) done: if (sd >= 0) { - close(sd); + platform_close(sd); } gc_free(&gc); } @@ -3513,7 +3513,7 @@ get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, done: if (nls >= 0) { - close(nls); + platform_close(nls); } } @@ -3635,7 +3635,7 @@ get_default_gateway(struct route_gateway_info *rgi) { l = platform_read(sockfd, (char *)&m_rtmsg, sizeof(m_rtmsg)); } while (l > 0 && (rtm.rtm_seq != seq || rtm.rtm_pid != pid)); - close(sockfd); + platform_close(sockfd); sockfd = -1; /* extract return data from routing socket */ @@ -3709,7 +3709,7 @@ get_default_gateway(struct route_gateway_info *rgi) msg(M_WARN, "GDG: ioctl #1 failed"); goto done; } - close(sockfd); + platform_close(sockfd); sockfd = -1; rgi->gateway.netmask = ntohl(((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr); @@ -3740,7 +3740,7 @@ get_default_gateway(struct route_gateway_info *rgi) msg(M_WARN, "GDG: ioctl #2 failed"); goto done; } - close(sockfd); + platform_close(sockfd); sockfd = -1; for (cp = buffer; cp <= buffer + ifc.ifc_len - sizeof(struct ifreq); ) @@ -3772,7 +3772,7 @@ get_default_gateway(struct route_gateway_info *rgi) done: if (sockfd >= 0) { - close(sockfd); + platform_close(sockfd); } gc_free(&gc); } @@ -3865,7 +3865,7 @@ get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, } while (l > 0 && (rtm.rtm_seq != seq || rtm.rtm_pid != pid)); - close(sockfd); + platform_close(sockfd); sockfd = -1; /* extract return data from routing socket */ @@ -3938,7 +3938,7 @@ get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, done: if (sockfd >= 0) { - close(sockfd); + platform_close(sockfd); } } diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index 1384b3aa8..828e463ca 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -34,6 +34,7 @@ #include "proxy.h" #include "socks.h" #include "misc.h" +#include "platform.h" /* * OpenVPN's default port number as assigned by IANA. @@ -274,7 +275,7 @@ int socket_finalize( #else /* ifdef _WIN32 */ -#define openvpn_close_socket(s) close(s) +#define openvpn_close_socket(s) platform_close(s) #endif diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 84ebe8c17..e07a9a454 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -42,6 +42,7 @@ #include "base64.h" #include "ssl_verify.h" #include "ssl_verify_backend.h" +#include "platform.h" #ifdef ENABLE_CRYPTO_OPENSSL #include "ssl_verify_openssl.h" @@ -655,7 +656,7 @@ cleanup: if (fd != -1) { - close(fd); + platform_close(fd); } gc_free(&gc); return ret; diff --git a/src/openvpn/status.c b/src/openvpn/status.c index 0b6ac8795..61d00378a 100644 --- a/src/openvpn/status.c +++ b/src/openvpn/status.c @@ -212,7 +212,7 @@ status_close(struct status_output *so) } if (so->fd >= 0) { - if (close(so->fd) < 0) + if (platform_close(so->fd) < 0) { ret = false; } diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 7ec3025c9..f001de4ba 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1740,7 +1740,7 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, if (dynamic && strcmp( dev, "tap" ) == 0) { struct ifreq ifr; - if ((tt->fd = open( "/dev/tap", O_RDWR)) < 0) + if ((tt->fd = platform_open( "/dev/tap", O_RDWR)) < 0) { msg(M_FATAL, "Cannot allocate NetBSD TAP dev dynamically"); } @@ -1765,7 +1765,7 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, "/dev/%s%d", dev, i); openvpn_snprintf(dynamic_name, sizeof(dynamic_name), "%s%d", dev, i); - if ((tt->fd = open(tunname, O_RDWR)) > 0) + if ((tt->fd = platform_open(tunname, O_RDWR)) > 0) { dynamic_opened = true; break; @@ -1795,7 +1795,7 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, tt->persistent_if = true; } - if ((tt->fd = open(tunname, O_RDWR)) < 0) + if ((tt->fd = platform_open(tunname, O_RDWR)) < 0) { msg(M_ERR, "Cannot open TUN/TAP dev %s", tunname); } @@ -1817,7 +1817,7 @@ close_tun_generic(struct tuntap *tt) { if (tt->fd >= 0) { - close(tt->fd); + platform_close(tt->fd); } if (tt->actual_name) { @@ -1862,7 +1862,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun /* Android 4.4 workaround */ if (oldtunfd >=0 && android_method == ANDROID_OPEN_AFTER_CLOSE) { - close(oldtunfd); + platform_close(oldtunfd); openvpn_sleep(2); } @@ -1882,7 +1882,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun if (oldtunfd>=0 && android_method == ANDROID_OPEN_BEFORE_CLOSE) { - close(oldtunfd); + platform_close(oldtunfd); } /* Set the actual name to a dummy name */ @@ -1952,7 +1952,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun /* * Open the interface */ - if ((tt->fd = open(node, O_RDWR)) < 0) + if ((tt->fd = platform_open2(node, O_RDWR)) < 0) { msg(M_ERR, "ERROR: Cannot open TUN/TAP dev %s", node); } @@ -2025,7 +2025,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { msg(M_WARN | M_ERRNO, "Note: Cannot set tx queue length on %s", ifr.ifr_name); } - close(ctl_fd); + platform_close(ctl_fd); } else { @@ -2246,12 +2246,12 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun dev); } - if ((tt->ip_fd = open(ip_node, O_RDWR, 0)) < 0) + if ((tt->ip_fd = platform_open(ip_node, O_RDWR, 0)) < 0) { msg(M_ERR, "Can't open %s", ip_node); } - if ((tt->fd = open(dev_node, O_RDWR, 0)) < 0) + if ((tt->fd = platform_open(dev_node, O_RDWR, 0)) < 0) { msg(M_ERR, "Can't open %s", dev_node); } @@ -2305,7 +2305,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun } } - if ((if_fd = open(dev_node, O_RDWR, 0)) < 0) + if ((if_fd = platform_open(dev_node, O_RDWR, 0)) < 0) { msg(M_ERR, "Can't open %s (2)", dev_node); } @@ -2367,7 +2367,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun } /* Open arp_fd */ - if ((arp_fd = open(arp_node, O_RDWR, 0)) < 0) + if ((arp_fd = platform_open(arp_node, O_RDWR, 0)) < 0) { msg(M_ERR, "Can't open %s\n", arp_node); } @@ -2399,7 +2399,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { msg(M_ERR, "Can't link %s device to ARP", dev_tuntap_type); } - close(arp_fd); + platform_close(arp_fd); } CLEAR(ifr); @@ -2472,13 +2472,13 @@ solaris_close_tun(struct tuntap *tt) msg(M_WARN | M_ERRNO, "Can't unlink interface(ip)"); } - close(tt->ip_fd); + platform_close(tt->ip_fd); tt->ip_fd = -1; } if (tt->fd >= 0) { - close(tt->fd); + platform_close(tt->fd); tt->fd = -1; } } @@ -3030,7 +3030,7 @@ utun_open_helper(struct ctl_info ctlInfo, int utunnum) if (ioctl(fd, CTLIOCGINFO, &ctlInfo) == -1) { - close(fd); + platform_close(fd); msg(M_INFO, "Opening utun (%s): %s", "ioctl(CTLIOCGINFO)", strerror(errno)); return -2; @@ -3052,7 +3052,7 @@ utun_open_helper(struct ctl_info ctlInfo, int utunnum) { msg(M_INFO, "Opening utun (%s): %s", "connect(AF_SYS_CONTROL)", strerror(errno)); - close(fd); + platform_close(fd); return -1; } @@ -3319,7 +3319,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun tt->persistent_if = TRUE; } - if ((tt->fd = open(tunname, O_RDWR)) < 0) + if ((tt->fd = platform_open(tunname, O_RDWR)) < 0) { msg(M_ERR, "Cannot open TAP device '%s'", tunname); }