From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 7 Jun 2016 13:58:05 +0000 (+0200)
Subject: resolve: Make sure to clean up if calling resolvconf failed
X-Git-Tag: 5.5.0dr1~28
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=f4a20b74fdf4affdae6042c4cbbfbc35cf6ce1bc;p=thirdparty%2Fstrongswan.git

resolve: Make sure to clean up if calling resolvconf failed

If running resolvconf fails handle() fails release() is not called, which
might leave an interface file on the system (or depending on which script
called by resolvconf actually failed even the installed DNS server).
---

diff --git a/src/libcharon/plugins/resolve/resolve_handler.c b/src/libcharon/plugins/resolve/resolve_handler.c
index ec3decc4dc..aa0bea34db 100644
--- a/src/libcharon/plugins/resolve/resolve_handler.c
+++ b/src/libcharon/plugins/resolve/resolve_handler.c
@@ -149,7 +149,6 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 							  bool install)
 {
 	char cmd[128];
-	bool success = TRUE;
 
 	/* we use the nameserver's IP address as part of the interface name to
 	 * make them unique */
@@ -162,6 +161,7 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 	if (install)
 	{
 		FILE *out;
+		bool success;
 
 		out = popen(cmd, "w");
 		if (!out)
@@ -171,8 +171,9 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 		DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
 		fprintf(out, "nameserver %H\n", addr);
 		success = !ferror(out);
-		if (pclose(out))
+		if (pclose(out) || !success)
 		{
+			invoke_resolvconf(this, server, addr, FALSE);
 			return FALSE;
 		}
 	}
@@ -180,7 +181,7 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 	{
 		ignore_result(system(cmd));
 	}
-	return success;
+	return TRUE;
 }
 
 METHOD(attribute_handler_t, handle, bool,