[src/trunk]: src/external/bsd/blacklist blacklist: Allow blacklist_sa to work...

[roy <roy%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/b65ecadb3861
branches:  trunk
changeset: 849694:b65ecadb3861
user:      roy <roy%NetBSD.org@localhost>
date:      Wed Mar 11 02:12:08 2020 +0000

description:
blacklist: Allow blacklist_sa to work with an invalid fd

fd -1 is invalid, so don't query it for protocol, port or address.

fd is supposed to represent how the client is connected, but if we are
parsing route(4) messages or log files then there is no client connection
to interogate.

diffstat:

 external/bsd/blacklist/bin/blacklistd.c |  16 +++++++++-------
 external/bsd/blacklist/bin/conf.c       |  13 +++++++++++--
 external/bsd/blacklist/lib/bl.c         |  32 +++++++++++++++++---------------
 3 files changed, 37 insertions(+), 24 deletions(-)

diffs (151 lines):

diff -r 3bad9c2cb4b3 -r b65ecadb3861 external/bsd/blacklist/bin/blacklistd.c
--- a/external/bsd/blacklist/bin/blacklistd.c   Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/bin/blacklistd.c   Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: blacklistd.c,v 1.40 2020/03/10 13:36:07 roy Exp $      */
+/*     $NetBSD: blacklistd.c,v 1.41 2020/03/11 02:12:08 roy Exp $      */
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
 #include "config.h"
 #endif
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: blacklistd.c,v 1.40 2020/03/10 13:36:07 roy Exp $");
+__RCSID("$NetBSD: blacklistd.c,v 1.41 2020/03/11 02:12:08 roy Exp $");
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -119,12 +119,14 @@
        *rsl = sizeof(*rss);
        memset(rss, 0, *rsl);
 
-       if (getpeername(bi->bi_fd, (void *)rss, rsl) != -1)
-               return 0;
+       if (bi->bi_fd != -1) {
+               if (getpeername(bi->bi_fd, (void *)rss, rsl) != -1)
+                       return 0;
 
-       if (errno != ENOTCONN) {
-               (*lfun)(LOG_ERR, "getpeername failed (%m)");
-               return -1;
+               if (errno != ENOTCONN) {
+                       (*lfun)(LOG_ERR, "getpeername failed (%m)");
+                       return -1;
+               }
        }
 
        if (bi->bi_slen == 0) {
diff -r 3bad9c2cb4b3 -r b65ecadb3861 external/bsd/blacklist/bin/conf.c
--- a/external/bsd/blacklist/bin/conf.c Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/bin/conf.c Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: conf.c,v 1.26 2020/03/10 13:36:07 roy Exp $    */
+/*     $NetBSD: conf.c,v 1.27 2020/03/11 02:12:08 roy Exp $    */
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #endif
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: conf.c,v 1.26 2020/03/10 13:36:07 roy Exp $");
+__RCSID("$NetBSD: conf.c,v 1.27 2020/03/11 02:12:08 roy Exp $");
 
 #include <stdio.h>
 #ifdef HAVE_LIBUTIL_H
@@ -1009,6 +1009,14 @@
        char buf[BUFSIZ];
 
        memset(cr, 0, sizeof(*cr));
+
+       if (fd == -1) {
+               cr->c_proto = FSTAR;
+               cr->c_port = FSTAR;
+               memcpy(&lss, rss, sizeof(lss));
+               goto done_fd;
+       }
+
        slen = sizeof(lss);
        memset(&lss, 0, slen);
        if (getsockname(fd, (void *)&lss, &slen) == -1) {
@@ -1051,6 +1059,7 @@
                return NULL;
        }
 
+done_fd:
        cr->c_ss = lss;
        cr->c_lmask = FSTAR;
        cr->c_uid = (int)uid;
diff -r 3bad9c2cb4b3 -r b65ecadb3861 external/bsd/blacklist/lib/bl.c
--- a/external/bsd/blacklist/lib/bl.c   Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/lib/bl.c   Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bl.c,v 1.29 2020/03/10 13:36:08 roy Exp $      */
+/*     $NetBSD: bl.c,v 1.30 2020/03/11 02:12:08 roy Exp $      */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #endif
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: bl.c,v 1.29 2020/03/10 13:36:08 roy Exp $");
+__RCSID("$NetBSD: bl.c,v 1.30 2020/03/11 02:12:08 roy Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -384,7 +384,6 @@
        if (bl_getsock(b, &ub.bl.bl_ss, sa, slen, ctx) == -1)
                return -1;
 
-
        ub.bl.bl_salen = slen;
        memcpy(ub.bl.bl_data, ctx, ctxlen);
 
@@ -394,15 +393,17 @@
        msg.msg_iovlen = 1;
        msg.msg_flags = 0;
 
-       msg.msg_control = ua.ctrl;
-       msg.msg_controllen = sizeof(ua.ctrl);
+       if (pfd != -1) {
+               msg.msg_control = ua.ctrl;
+               msg.msg_controllen = sizeof(ua.ctrl);
 
-       cmsg = CMSG_FIRSTHDR(&msg);
-       cmsg->cmsg_len = CMSG_LEN(sizeof(int));
-       cmsg->cmsg_level = SOL_SOCKET;
-       cmsg->cmsg_type = SCM_RIGHTS;
+               cmsg = CMSG_FIRSTHDR(&msg);
+               cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+               cmsg->cmsg_level = SOL_SOCKET;
+               cmsg->cmsg_type = SCM_RIGHTS;
 
-       memcpy(CMSG_DATA(cmsg), &pfd, sizeof(pfd));
+               memcpy(CMSG_DATA(cmsg), &pfd, sizeof(pfd));
+       }
 
        tried = 0;
 again:
@@ -494,14 +495,15 @@
 
        }
 
-       if (got != (GOT_CRED|GOT_FD)) {
-               bl_log(b->b_fun, LOG_ERR, "message missing %s %s",
+       if (!(got & GOT_FD))
+               bi->bi_fd = -1;
+
 #if GOT_CRED != 0
-                   (got & GOT_CRED) == 0 ? "cred" :
-#endif
-                   "", (got & GOT_FD) == 0 ? "fd" : "");
+       if (!(got & GOT_CRED)) {
+               bl_log(b->b_fun, LOG_ERR, "message missing cred");
                return NULL;
        }
+#endif
 
        if ((size_t)rlen <= sizeof(ub.bl)) {
                bl_log(b->b_fun, LOG_ERR, "message too short %zd", rlen);