Fix obvious problems with relayd config reload.

- fix a TAILQ corruption because of a use after free
- do not reinit the SSL engine since that fails
OK sthen, benno

diff --git a/usr.sbin/relayd/ca.c b/usr.sbin/relayd/ca.c
index 0b79b62..81f9971 100644 (file)
--- a/usr.sbin/relayd/ca.c
+++ b/usr.sbin/relayd/ca.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ca.c,v 1.12 2015/01/22 17:42:09 reyk Exp $    */
+/*     $OpenBSD: ca.c,v 1.13 2015/05/02 13:15:24 claudio Exp $ */
 
 /*
  * Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
@@ -417,12 +417,15 @@ rsae_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
 void
 ca_engine_init(struct relayd *x_env)
 {
-       ENGINE          *e;
+       ENGINE          *e = NULL;
        const char      *errstr, *name;
 
        if (env == NULL)
                env = x_env;
 
+       if (rsa_default != NULL)
+               return;
+
        if ((e = ENGINE_get_default_RSA()) == NULL) {
                if ((e = ENGINE_new()) == NULL) {
                        errstr = "ENGINE_new";

diff --git a/usr.sbin/relayd/config.c b/usr.sbin/relayd/config.c
index 9cfbdca..2992df0 100644 (file)
--- a/usr.sbin/relayd/config.c
+++ b/usr.sbin/relayd/config.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: config.c,v 1.24 2015/01/22 17:42:09 reyk Exp $        */
+/*     $OpenBSD: config.c,v 1.25 2015/05/02 13:15:24 claudio Exp $     */
 
 /*
  * Copyright (c) 2011 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -142,7 +142,7 @@ config_purge(struct relayd *env, u_int reset)
 
        if (what & CONFIG_TABLES && env->sc_tables != NULL) {
                while ((table = TAILQ_FIRST(env->sc_tables)) != NULL)
-                       purge_table(env->sc_tables, table);
+                       purge_table(env, env->sc_tables, table);
                env->sc_tablecount = 0;
        }
        if (what & CONFIG_RDRS && env->sc_rdrs != NULL) {

diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y
index 2b58e87..ae83e49 100644 (file)
--- a/usr.sbin/relayd/parse.y
+++ b/usr.sbin/relayd/parse.y
@@ -1,4 +1,4 @@
-/*     $OpenBSD: parse.y,v 1.203 2015/02/08 04:50:32 reyk Exp $        */
+/*     $OpenBSD: parse.y,v 1.204 2015/05/02 13:15:24 claudio Exp $     */
 
 /*
  * Copyright (c) 2007 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -531,12 +531,12 @@ rdroptsl  : forwardmode TO tablespec interface    {
 
                        if ($3->conf.check == CHECK_NOCHECK) {
                                yyerror("table %s has no check", $3->conf.name);
-                               purge_table(conf->sc_tables, $3);
+                               purge_table(conf, conf->sc_tables, $3);
                                YYERROR;
                        }
                        if (rdr->backup) {
                                yyerror("only one backup table is allowed");
-                               purge_table(conf->sc_tables, $3);
+                               purge_table(conf, conf->sc_tables, $3);
                                YYERROR;
                        }
                        if (rdr->table) {
@@ -1930,7 +1930,7 @@ routeoptsl        : ROUTE address '/' NUMBER {
                        if (router->rt_gwtable) {
                                yyerror("router %s table already specified",
                                    router->rt_conf.name);
-                               purge_table(conf->sc_tables, $3);
+                               purge_table(conf, conf->sc_tables, $3);
                                YYERROR;
                        }
                        router->rt_gwtable = $3;
@@ -3091,7 +3091,7 @@ table_inherit(struct table *tb)
                goto fail;
        }
        if ((oldtb = table_findbyconf(conf, tb)) != NULL) {
-               purge_table(NULL, tb);
+               purge_table(conf, NULL, tb);
                return (oldtb);
        }
 
@@ -3134,7 +3134,7 @@ table_inherit(struct table *tb)
        return (tb);
 
  fail:
-       purge_table(NULL, tb);
+       purge_table(conf, NULL, tb);
        return (NULL);
 }
 

diff --git a/usr.sbin/relayd/relayd.c b/usr.sbin/relayd/relayd.c
index de92195..729af4b 100644 (file)
--- a/usr.sbin/relayd/relayd.c
+++ b/usr.sbin/relayd/relayd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: relayd.c,v 1.138 2015/01/22 17:42:09 reyk Exp $       */
+/*     $OpenBSD: relayd.c,v 1.139 2015/05/02 13:15:24 claudio Exp $    */
 
 /*
  * Copyright (c) 2007 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -546,12 +546,13 @@ parent_dispatch_ca(int fd, struct privsep_proc *p, struct imsg *imsg)
 }
 
 void
-purge_table(struct tablelist *head, struct table *table)
+purge_table(struct relayd *env, struct tablelist *head, struct table *table)
 {
        struct host             *host;
 
        while ((host = TAILQ_FIRST(&table->hosts)) != NULL) {
                TAILQ_REMOVE(&table->hosts, host, entry);
+               TAILQ_REMOVE(&env->sc_hosts, host, globalentry);
                if (event_initialized(&host->cte.ev)) {
                        event_del(&host->cte.ev);
                        close(host->cte.s);

diff --git a/usr.sbin/relayd/relayd.h b/usr.sbin/relayd/relayd.h
index 66bc59a..f9f2a0f 100644 (file)
--- a/usr.sbin/relayd/relayd.h
+++ b/usr.sbin/relayd/relayd.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: relayd.h,v 1.208 2015/03/09 17:20:38 reyk Exp $       */
+/*     $OpenBSD: relayd.h,v 1.209 2015/05/02 13:15:24 claudio Exp $    */
 
 /*
  * Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@@ -1253,7 +1253,8 @@ struct ca_pkey    *pkey_add(struct relayd *, EVP_PKEY *, objid_t);
 int             expand_string(char *, size_t, const char *, const char *);
 void            translate_string(char *);
 void            purge_key(char **, off_t);
-void            purge_table(struct tablelist *, struct table *);
+void            purge_table(struct relayd *, struct tablelist *,
+                   struct table *);
 void            purge_relay(struct relayd *, struct relay *);
 char           *digeststr(enum digest_type, const u_int8_t *, size_t, char *);
 const char     *canonicalize_host(const char *, char *, size_t);