From c17ef973d91fa6952ab5f37586bb642905b5b2b4 Mon Sep 17 00:00:00 2001
From: Fabian Mauchle
Date: Mon, 23 Jan 2023 08:31:37 +0100
Subject: [PATCH] avoid conreset race condition reported by coverity
---
 dtls.c | 10 +++++-----
 radsecproxy.c | 3 +--
 radsecproxy.h | 2 +-
 tcp.c | 10 +++++-----
 tls.c | 10 +++++-----
 5 files changed, 17 insertions(+), 18 deletions(-)
diff --git a/dtls.c b/dtls.c
index 1ce5ac7..0cee04e 100644
--- a/dtls.c
+++ b/dtls.c
@@ -35,7 +35,7 @@ static void setprotoopts(struct commonprotoopts *opts);
 static char **getlistenerargs();
 void *dtlslistener(void *arg);
-int dtlsconnect(struct server *server, int timeout, char *text);
+int dtlsconnect(struct server *server, int timeout, int reconnect);
 void *dtlsclientrd(void *arg);
 int clientradputdtls(struct server *server, unsigned char *rad);
 void addserverextradtls(struct clsrvconf *conf);
@@ -489,7 +489,7 @@ static void cleanup_connection(struct server *server) {
 server->ssl = NULL;
 }
-int dtlsconnect(struct server *server, int timeout, char *text) {
+int dtlsconnect(struct server *server, int timeout, int reconnect) {
 struct timeval socktimeout, now, start;
 time_t wait;
 int firsttry = 1;
@@ -502,7 +502,7 @@ int dtlsconnect(struct server *server, int timeout, char *text) {
 char *subj;
 struct list_node *entry;
- debug(DBG_DBG, "dtlsconnect: called from %s", text);
+ debug(DBG_DBG, "dtlsconnect: %s to %s", reconnect ? "reconnecting" : "initial connection", server->conf->name);
 pthread_mutex_lock(&server->lock);
 if (server->state == RSP_SERVER_STATE_CONNECTED)
@@ -604,7 +604,7 @@ int dtlsconnect(struct server *server, int timeout, char *text) {
 gettimeofday(&server->connecttime, NULL);
 pthread_mutex_unlock(&server->lock);
 pthread_mutex_lock(&server->newrq_mutex);
- server->conreset = 1;
+ server->conreset = reconnect;
 pthread_cond_signal(&server->newrq_cond);
 pthread_mutex_unlock(&server->newrq_mutex);
 if (source) freeaddrinfo(source);
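Review bot: The new third parameter of `dtlsconnect` (hunk at -489) is an undocumented int flag, and the call sites pass bare `0` and `1`, so a reader of `dtlsconnect(server, 0, 1)` cannot tell the timeout from the reconnect flag. The same applies to `tcpconnect`, `tlsconnect` and the `connecter` pointer in radsecproxy.h. I would add a comment above the definition such as `/* reconnect: non-zero when the client reader re-establishes a lost connection; the value is stored in server->conreset */` and consider named constants for the two values. The function body continues outside this hunk.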
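Review bot: `server->conreset = reconnect;` (hunk at -604) stores the caller's value unconditionally, so an initial connection writes 0 and would clear a reset flag the writer has not yet consumed, if a reader-thread reconnect can ever overlap with it; whether that interleaving is possible is not visible in this hunk. Setting the flag only on reconnect, `if (reconnect) server->conreset = 1;`, keeps the write one-directional under `newrq_mutex` and also normalises any non-zero argument. The identical line is added in the tcpconnect (tcp.c) and tlsconnect (tls.c) hunks. This relies on conreset starting at zero and being cleared by its consumer, which should be confirmed in clientwr.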
@@ -653,7 +653,7 @@ void *dtlsclientrd(void *arg) {
 debug (DBG_WARN, "tlscleintrd: connection to server %s lost", server->conf->name);
 else if (server->lostrqs) debug (DBG_WARN, "dtlsclientrd: server %s did not respond, closing connection.", server->conf->name);
- dtlsconnect(server, 0, "dtlsclientrd");
+ dtlsconnect(server, 0, 1);
 server->lostrqs = 0;
 }
 continue;
diff --git a/radsecproxy.c b/radsecproxy.c
index 7afaefc..4a0cb3d 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -1612,7 +1612,7 @@ void *clientwr(void *arg) {
 laststatsrv = server->lastreply;
 if (conf->pdef->connecter) {
- if (!conf->pdef->connecter(server, server->dynamiclookuparg ? 5 : 0, "clientwr")) {
+ if (!conf->pdef->connecter(server, server->dynamiclookuparg ? 5 : 0, 0)) {
 server->state = RSP_SERVER_STATE_FAILING;
 if (server->dynamiclookuparg) {
 debug(DBG_WARN, "%s: connect failed, sleeping %ds", __func__, ZZZ);
@@ -1627,7 +1627,6 @@ void *clientwr(void *arg) {
 }
 }
 server->state = RSP_SERVER_STATE_CONNECTED;
- server->conreset = 0;
 for (;;) {
 pthread_mutex_lock(&server->newrq_mutex);
diff --git a/radsecproxy.h b/radsecproxy.h
index 8835a8f..983e7ab 100644
--- a/radsecproxy.h
+++ b/radsecproxy.h
@@ -234,7 +234,7 @@ struct protodefs {
 void (*setprotoopts)(struct commonprotoopts *);
 char **(*getlistenerargs)();
 void *(*listener)(void*);
- int (*connecter)(struct server *, int, char *);
+ int (*connecter)(struct server *, int, int);
 void *(*clientconnreader)(void*);
 int (*clientradput)(struct server *, unsigned char *);
 void (*addclient)(struct client *);
diff --git a/tcp.c b/tcp.c
index fda3d3d..17a1964 100644
--- a/tcp.c
+++ b/tcp.c
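Review bot: The result of `dtlsconnect(server, 0, 1)` in dtlsclientrd is discarded, and `server->lostrqs = 0;` on the next line is written with no lock visible, while the tcpconnect and tlsconnect hunks show the same reset being done inside the connecter before `pthread_mutex_unlock(&server->lock)`. Since this commit answers a Coverity race report, I would move the reset into dtlsconnect under the lock, or wrap it: `pthread_mutex_lock(&server->lock); server->lostrqs = 0; pthread_mutex_unlock(&server->lock);`. The return value is also ignored in tcpclientrd and tlsclientrd; if the connecter can fail with a zero timeout, the readers would carry on with a dead connection. The surrounding loop is outside the hunk, so a lock taken earlier cannot be ruled out.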
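Review bot: `server->state = RSP_SERVER_STATE_FAILING;` on the failure path of clientwr (hunk at -1612) is assigned with no lock visible, whereas the connecters in this patch only touch `server->state` after `pthread_mutex_lock(&server->lock)`. The following hunk leaves `server->state = RSP_SERVER_STATE_CONNECTED;` in the same condition, so removing the unlocked `conreset` write fixes one instance of the pattern but not these. Taking the lock around each assignment, e.g. `pthread_mutex_lock(&server->lock); server->state = RSP_SERVER_STATE_FAILING; pthread_mutex_unlock(&server->lock);`, would make the writer consistent with the connecters. clientwr starts and ends outside the hunk, so this should be checked against the full function.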
@@ -30,7 +30,7 @@ static void setprotoopts(struct commonprotoopts *opts);
 static char **getlistenerargs();
 void *tcplistener(void *arg);
-int tcpconnect(struct server *server, int timeout, char * text);
+int tcpconnect(struct server *server, int timeout, int reconnect);
 void *tcpclientrd(void *arg);
 int clientradputtcp(struct server *server, unsigned char *rad);
 void tcpsetsrcres();
@@ -80,7 +80,7 @@ void tcpsetsrcres() {
 AF_UNSPEC, NULL, protodefs.socktype);
 }
-int tcpconnect(struct server *server, int timeout, char *text) {
+int tcpconnect(struct server *server, int timeout, int reconnect) {
 struct timeval now, start;
 int firsttry = 1;
 time_t wait;
@@ -88,7 +88,7 @@ int tcpconnect(struct server *server, int timeout, char *text) {
 struct list_node *entry;
 struct hostportres *hp;
- debug(DBG_DBG, "tcpconnect: called from %s", text);
+ debug(DBG_DBG, "tcpconnect: %s to %s", reconnect ? "reconnecting" : "initial connection", server->conf->name);
 pthread_mutex_lock(&server->lock);
 if (server->state == RSP_SERVER_STATE_CONNECTED)
@@ -143,7 +143,7 @@ int tcpconnect(struct server *server, int timeout, char *text) {
 server->lostrqs = 0;
 pthread_mutex_unlock(&server->lock);
 pthread_mutex_lock(&server->newrq_mutex);
- server->conreset = 1;
+ server->conreset = reconnect;
 pthread_cond_signal(&server->newrq_cond);
 pthread_mutex_unlock(&server->newrq_mutex);
@@ -244,7 +244,7 @@ void *tcpclientrd(void *arg) {
 if (!buf) {
 if (server->dynamiclookuparg) break;
- tcpconnect(server, 0, "tcpclientrd");
+ tcpconnect(server, 0, 1);
 continue;
 }
diff --git a/tls.c b/tls.c
index 7a1832f..b3f0621 100644
--- a/tls.c
+++ b/tls.c
@@ -30,7 +30,7 @@ static void setprotoopts(struct commonprotoopts *opts);
 static char **getlistenerargs();
 void *tlslistener(void *arg);
-int tlsconnect(struct server *server, int timeout, char *text);
+int tlsconnect(struct server *server, int timeout, int reconnect);
 void *tlsclientrd(void *arg);
 int clientradputtls(struct server *server, unsigned char *rad);
 void tlssetsrcres();
@@ -92,7 +92,7 @@ static void cleanup_connection(struct server *server) {
 server->ssl = NULL;
 }
-int tlsconnect(struct server *server, int timeout, char *text) {
+int tlsconnect(struct server *server, int timeout, int reconnect) {
 struct timeval now, start;
 time_t wait;
 int firsttry = 1;
@@ -105,7 +105,7 @@ int tlsconnect(struct server *server, int timeout, char *text) {
 struct list_node *entry;
 struct hostportres *hp;
- debug(DBG_DBG, "tlsconnect: called from %s", text);
+ debug(DBG_DBG, "tlsconnect: %s to %s", reconnect ? "reconnecting" : "initial connection", server->conf->name);
 pthread_mutex_lock(&server->lock);
 if (server->state == RSP_SERVER_STATE_CONNECTED) server->state = RSP_SERVER_STATE_RECONNECTING;
@@ -211,7 +211,7 @@ int tlsconnect(struct server *server, int timeout, char *text) {
 server->lostrqs = 0;
 pthread_mutex_unlock(&server->lock);
 pthread_mutex_lock(&server->newrq_mutex);
- server->conreset = 1;
+ server->conreset = reconnect;
 pthread_cond_signal(&server->newrq_cond);
 pthread_mutex_unlock(&server->newrq_mutex);
 if (source) freeaddrinfo(source);
@@ -322,7 +322,7 @@ void *tlsclientrd(void *arg) {
 debug (DBG_WARN, "tlsclientrd: server %s did not respond, closing connection.", server->conf->name);
 if (server->dynamiclookuparg) break;
- tlsconnect(server, 0, "tlsclientrd");
+ tlsconnect(server, 0, 1);
 }
 if (server->dynamiclookuparg) {
 gettimeofday(&now, NULL);