From fa56b7e6af638e1836a608d1e023437f08bf1f4f Mon Sep 17 00:00:00 2001 From: kn Date: Wed, 14 Jul 2021 13:33:57 +0000 Subject: [PATCH] Remove unneeded calls to tls_init(3) As per the manual and lib/libtls/tls.c revision 1.79 from 2018 "Automatically handle library initialisation for libtls." initialisation is handled automatically by other tls_*(3) functions. Remove explicit tls_init() calls from base to not give the impression of it being needed. Feedback tb OK Tests mestre --- libexec/spamd/spamd.c | 4 +--- usr.bin/ftp/main.c | 4 +--- usr.sbin/acme-client/http.c | 7 +------ usr.sbin/httpd/server.c | 6 +----- usr.sbin/ldapd/ldapd.c | 3 +-- usr.sbin/ocspcheck/http.c | 7 +------ usr.sbin/relayd/config.c | 4 +--- usr.sbin/smtpd/smtpc.c | 3 +-- usr.sbin/smtpd/smtpd.c | 4 +--- usr.sbin/syslogd/syslogd.c | 37 +++++++++++++++++-------------------- 10 files changed, 26 insertions(+), 53 deletions(-) diff --git a/libexec/spamd/spamd.c b/libexec/spamd/spamd.c index 74575cb5637..963532f8bfe 100644 --- a/libexec/spamd/spamd.c +++ b/libexec/spamd/spamd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spamd.c,v 1.157 2021/07/07 07:28:56 mestre Exp $ */ +/* $OpenBSD: spamd.c,v 1.158 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2015 Henning Brauer @@ -446,8 +446,6 @@ spamd_tls_init() if (tlskeyfile == NULL || tlscertfile == NULL) errx(1, "need key and certificate for TLS"); - if (tls_init() != 0) - errx(1, "failed to initialise tls"); if ((tlscfg = tls_config_new()) == NULL) errx(1, "failed to get tls config"); if ((tlsctx = tls_server()) == NULL) diff --git a/usr.bin/ftp/main.c b/usr.bin/ftp/main.c index 6af1f318854..decebcb995c 100644 --- a/usr.bin/ftp/main.c +++ b/usr.bin/ftp/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.137 2021/02/02 21:41:12 jmc Exp $ */ +/* $OpenBSD: main.c,v 1.138 2021/07/14 13:33:57 kn Exp $ */ /* $NetBSD: main.c,v 1.24 1997/08/18 10:20:26 lukem Exp $ */ /* @@ -403,8 +403,6 @@ main(volatile int argc, char *argv[]) #ifndef NOSSL cookiefile = getenv("http_cookies"); - if (tls_init() != 0) - errx(1, "tls init failed"); if (tls_config == NULL) { tls_config = tls_config_new(); if (tls_config == NULL) diff --git a/usr.sbin/acme-client/http.c b/usr.sbin/acme-client/http.c index 17298814382..d22a4f55fca 100644 --- a/usr.sbin/acme-client/http.c +++ b/usr.sbin/acme-client/http.c @@ -1,4 +1,4 @@ -/* $Id: http.c,v 1.29 2020/01/20 22:10:27 sthen Exp $ */ +/* $Id: http.c,v 1.30 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons * @@ -124,11 +124,6 @@ http_init() if (tlscfg != NULL) return 0; - if (tls_init() == -1) { - warn("tls_init"); - goto err; - } - tlscfg = tls_config_new(); if (tlscfg == NULL) { warn("tls_config_new"); diff --git a/usr.sbin/httpd/server.c b/usr.sbin/httpd/server.c index 5ec3fac6a29..90a47d67c80 100644 --- a/usr.sbin/httpd/server.c +++ b/usr.sbin/httpd/server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server.c,v 1.125 2021/04/10 10:10:07 claudio Exp $ */ +/* $OpenBSD: server.c,v 1.126 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2006 - 2015 Reyk Floeter @@ -245,10 +245,6 @@ server_tls_init(struct server *srv) log_debug("%s: setting up tls for %s", __func__, srv->srv_conf.name); - if (tls_init() != 0) { - log_warnx("%s: failed to initialise tls", __func__); - return (-1); - } if ((srv->srv_tls_config = tls_config_new()) == NULL) { log_warnx("%s: failed to get tls config", __func__); return (-1); diff --git a/usr.sbin/ldapd/ldapd.c b/usr.sbin/ldapd/ldapd.c index 165cb10374d..eb3ff811e34 100644 --- a/usr.sbin/ldapd/ldapd.c +++ b/usr.sbin/ldapd/ldapd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldapd.c,v 1.28 2021/07/12 15:09:21 beck Exp $ */ +/* $OpenBSD: ldapd.c,v 1.29 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk @@ -183,7 +183,6 @@ main(int argc, char *argv[]) log_setverbose(verbose); stats.started_at = time(0); - tls_init(); if (parse_config(conffile) != 0) exit(2); diff --git a/usr.sbin/ocspcheck/http.c b/usr.sbin/ocspcheck/http.c index 6666bb070c7..6a19ad31cb6 100644 --- a/usr.sbin/ocspcheck/http.c +++ b/usr.sbin/ocspcheck/http.c @@ -1,4 +1,4 @@ -/* $Id: http.c,v 1.13 2020/01/11 17:37:19 sthen Exp $ */ +/* $Id: http.c,v 1.14 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons * @@ -124,11 +124,6 @@ http_init() if (tlscfg != NULL) return 0; - if (tls_init() == -1) { - warn("tls_init"); - goto err; - } - tlscfg = tls_config_new(); if (tlscfg == NULL) { warn("tls_config_new"); diff --git a/usr.sbin/relayd/config.c b/usr.sbin/relayd/config.c index 3e60d63ef52..d982f356cb3 100644 --- a/usr.sbin/relayd/config.c +++ b/usr.sbin/relayd/config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: config.c,v 1.41 2019/09/15 19:23:29 rob Exp $ */ +/* $OpenBSD: config.c,v 1.42 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2011 - 2014 Reyk Floeter @@ -296,8 +296,6 @@ config_getcfg(struct relayd *env, struct imsg *imsg) ssl_init(env); if (what & CONFIG_CA_ENGINE) ca_engine_init(env); - if (tls_init() == -1) - fatalx("unable to initialize TLS"); } if (privsep_process != PROC_PARENT) diff --git a/usr.sbin/smtpd/smtpc.c b/usr.sbin/smtpd/smtpc.c index e5ac9530eb4..46ecf7ed33b 100644 --- a/usr.sbin/smtpd/smtpc.c +++ b/usr.sbin/smtpd/smtpc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpc.c,v 1.18 2021/06/14 17:58:16 eric Exp $ */ +/* $OpenBSD: smtpc.c,v 1.19 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2018 Eric Faurot @@ -217,7 +217,6 @@ main(int argc, char **argv) mail.rcptcount = argc; } - tls_init(); event_init(); tls_config = tls_config_new(); diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c index 27802f6b6cc..dd3a7de8ebe 100644 --- a/usr.sbin/smtpd/smtpd.c +++ b/usr.sbin/smtpd/smtpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.c,v 1.340 2021/06/14 17:58:16 eric Exp $ */ +/* $OpenBSD: smtpd.c,v 1.341 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2008 Gilles Chehade @@ -593,8 +593,6 @@ main(int argc, char *argv[]) env->sc_opts |= opts; - tls_init(); - if (parse_config(conf, conffile, opts)) exit(1); diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 98c79c80b82..a7c1e505c6c 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: syslogd.c,v 1.265 2021/03/09 15:08:23 bluhm Exp $ */ +/* $OpenBSD: syslogd.c,v 1.266 2021/07/14 13:33:57 kn Exp $ */ /* * Copyright (c) 2014-2017 Alexander Bluhm @@ -597,27 +597,24 @@ main(int argc, char *argv[]) if (fd_sendsys != -1) close(pair[1]); - if (tls_init() == -1) { - log_warn("tls_init"); - } else { - if ((client_config = tls_config_new()) == NULL) - log_warn("tls_config_new client"); - if (tls_hostport) { - if ((server_config = tls_config_new()) == NULL) - log_warn("tls_config_new server"); - if ((server_ctx = tls_server()) == NULL) { - log_warn("tls_server"); - for (i = 0; i < ntls; i++) - close(fd_tls[i]); - free(fd_tls); - fd_tls = NULL; - free(tls_host); - free(tls_port); - tls_host = tls_port = NULL; - ntls = 0; - } + if ((client_config = tls_config_new()) == NULL) + log_warn("tls_config_new client"); + if (tls_hostport) { + if ((server_config = tls_config_new()) == NULL) + log_warn("tls_config_new server"); + if ((server_ctx = tls_server()) == NULL) { + log_warn("tls_server"); + for (i = 0; i < ntls; i++) + close(fd_tls[i]); + free(fd_tls); + fd_tls = NULL; + free(tls_host); + free(tls_port); + tls_host = tls_port = NULL; + ntls = 0; } } + if (client_config) { if (NoVerify) { tls_config_insecure_noverifycert(client_config); -- 2.20.1