From bc2eeb09929974f993c8e4f2ba106685b8e17b4e Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 19 Mar 2016 00:57:32 -0500 Subject: [PATCH] Do not shadow OpenSSL-internal symbol "ssl_ok". This is a backport of commit bfc44622 --- include/ircd.h | 4 ++-- modules/m_connect.c | 4 ++-- modules/m_starttls.c | 2 +- src/ircd.c | 8 ++++---- src/listener.c | 2 +- src/s_conf.c | 4 ++-- src/s_serv.c | 2 +- src/sslproc.c | 14 +++++++------- ssld/ssld.c | 8 ++++---- 9 files changed, 24 insertions(+), 24 deletions(-) diff --git a/include/ircd.h b/include/ircd.h index 2ad4963b..1ce53667 100644 --- a/include/ircd.h +++ b/include/ircd.h @@ -102,8 +102,8 @@ extern int testing_conf; extern struct ev_entry *check_splitmode_ev; -extern int ssl_ok; -extern int zlib_ok; +extern int ircd_ssl_ok; +extern int ircd_zlib_ok; extern int maxconnections; void ircd_shutdown(const char *reason); diff --git a/modules/m_connect.c b/modules/m_connect.c index 59919052..531e8ee4 100644 --- a/modules/m_connect.c +++ b/modules/m_connect.c @@ -97,7 +97,7 @@ mo_connect(struct Client *client_p, struct Client *source_p, int parc, const cha return 0; } - if(ServerConfSSL(server_p) && (!ssl_ok || !get_ssld_count())) + if(ServerConfSSL(server_p) && (!ircd_ssl_ok || !get_ssld_count())) { sendto_one_notice(source_p, ":Connect: Server %s is set to use SSL/TLS but SSL/TLS is not configured.", @@ -192,7 +192,7 @@ ms_connect(struct Client *client_p, struct Client *source_p, int parc, const cha return 0; } - if(ServerConfSSL(server_p) && (!ssl_ok || !get_ssld_count())) + if(ServerConfSSL(server_p) && (!ircd_ssl_ok || !get_ssld_count())) { sendto_one_notice(source_p, ":Connect: Server %s is set to use SSL/TLS but SSL/TLS is not configured.", diff --git a/modules/m_starttls.c b/modules/m_starttls.c index b8a75d12..cc425a68 100644 --- a/modules/m_starttls.c +++ b/modules/m_starttls.c @@ -58,7 +58,7 @@ mr_starttls(struct Client *client_p, struct Client *source_p, int parc, const ch return 1; } - if (!ssl_ok || !get_ssld_count()) + if (!ircd_ssl_ok || !get_ssld_count()) { sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "TLS is not configured"); return 1; diff --git a/src/ircd.c b/src/ircd.c index 9a82ae42..5b0648f4 100644 --- a/src/ircd.c +++ b/src/ircd.c @@ -106,8 +106,8 @@ int doremotd = 0; int kline_queued = 0; int server_state_foreground = 0; int opers_see_all_users = 0; -int ssl_ok = 0; -int zlib_ok = 1; +int ircd_ssl_ok = 0; +int ircd_zlib_ok = 1; int testing_conf = 0; time_t startup_time; @@ -712,10 +712,10 @@ main(int argc, char *argv[]) if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list)) { ilog(L_MAIN, "WARNING: Unable to setup SSL."); - ssl_ok = 0; + ircd_ssl_ok = 0; } else - ssl_ok = 1; + ircd_ssl_ok = 1; } if (testing_conf) diff --git a/src/listener.c b/src/listener.c index caea7d39..616b45ef 100644 --- a/src/listener.c +++ b/src/listener.c @@ -525,7 +525,7 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi static time_t last_oper_notice = 0; int len; - if(listener->ssl && (!ssl_ok || !get_ssld_count())) + if(listener->ssl && (!ircd_ssl_ok || !get_ssld_count())) { rb_close(F); return 0; diff --git a/src/s_conf.c b/src/s_conf.c index 3b432c50..305a673b 100644 --- a/src/s_conf.c +++ b/src/s_conf.c @@ -874,9 +874,9 @@ validate_conf(void) if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list)) { ilog(L_MAIN, "WARNING: Unable to setup SSL."); - ssl_ok = 0; + ircd_ssl_ok = 0; } else { - ssl_ok = 1; + ircd_ssl_ok = 1; send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list); } diff --git a/src/s_serv.c b/src/s_serv.c index d47928e6..65058d1d 100644 --- a/src/s_serv.c +++ b/src/s_serv.c @@ -255,7 +255,7 @@ try_connections(void *unused) continue; /* don't allow ssl connections if ssl isn't setup */ - if(ServerConfSSL(tmp_p) && (!ssl_ok || !get_ssld_count())) + if(ServerConfSSL(tmp_p) && (!ircd_ssl_ok || !get_ssld_count())) continue; cltmp = tmp_p->class; diff --git a/src/sslproc.c b/src/sslproc.c index cfd842e5..de94646e 100644 --- a/src/sslproc.c +++ b/src/sslproc.c @@ -303,7 +303,7 @@ start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, co rb_close(F2); rb_close(P1); ctl = allocate_ssl_daemon(F1, P2, pid); - if(ssl_ok) + if(ircd_ssl_ok) { send_init_prng(ctl, RB_PRNG_DEFAULT, NULL); send_certfp_method(ctl, ConfigFileEntry.certfp_method); @@ -446,7 +446,7 @@ ssl_process_cmd_recv(ssl_ctl_t * ctl) switch (*ctl_buf->buf) { case 'N': - ssl_ok = 0; /* ssld says it can't do ssl/tls */ + ircd_ssl_ok = 0; /* ssld says it can't do ssl/tls */ break; case 'D': ssl_process_dead_fd(ctl, ctl_buf); @@ -461,19 +461,19 @@ ssl_process_cmd_recv(ssl_ctl_t * ctl) ssl_process_zipstats(ctl, ctl_buf); break; case 'I': - ssl_ok = 0; + ircd_ssl_ok = 0; ilog(L_MAIN, "%s", cannot_setup_ssl); sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", cannot_setup_ssl); break; case 'U': - zlib_ok = 0; - ssl_ok = 0; + ircd_zlib_ok = 0; + ircd_ssl_ok = 0; ilog(L_MAIN, "%s", no_ssl_or_zlib); sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", no_ssl_or_zlib); ssl_killall(); break; case 'z': - zlib_ok = 0; + ircd_zlib_ok = 0; break; default: ilog(L_MAIN, "Received invalid command from ssld: %s", ctl_buf->buf); @@ -679,7 +679,7 @@ send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char rb_dlink_node *ptr; if(ssl_cert == NULL) { - ssl_ok = 0; + ircd_ssl_ok = 0; return; } RB_DLINK_FOREACH(ptr, ssl_daemons.head) diff --git a/ssld/ssld.c b/ssld/ssld.c index d8f780ac..a680b790 100644 --- a/ssld/ssld.c +++ b/ssld/ssld.c @@ -156,9 +156,9 @@ static const char *remote_closed = "Remote host closed the connection"; static int ssld_ssl_ok; static int certfp_method = RB_SSL_CERTFP_METH_SHA1; #ifdef HAVE_LIBZ -static int zlib_ok = 1; +static int ssld_zlib_ok = 1; #else -static int zlib_ok = 0; +static int ssld_zlib_ok = 0; #endif @@ -1242,7 +1242,7 @@ main(int argc, char **argv) rb_event_add("check_handshake_flood", check_handshake_flood, NULL, 10); read_pipe_ctl(mod_ctl->F_pipe, NULL); mod_read_ctl(mod_ctl->F, mod_ctl); - if(!zlib_ok && !ssld_ssl_ok) + if(!ssld_zlib_ok && !ssld_ssl_ok) { /* this is really useless... */ send_i_am_useless(mod_ctl); @@ -1251,7 +1251,7 @@ main(int argc, char **argv) exit(1); } - if(!zlib_ok) + if(!ssld_zlib_ok) send_nozlib_support(mod_ctl, NULL); if(!ssld_ssl_ok) send_nossl_support(mod_ctl, NULL);