Compare commits

..

No commits in common. "161bc525bbd7e3707cc71f0258f663bed9a354dd" and "972e81629d405b2a9fe0781c483feb3775546609" have entirely different histories.

2 changed files with 15 additions and 26 deletions

View File

@ -5,21 +5,19 @@ KERNEL!="event*", GOTO="evdev_end"
# skip later rules when we find something for this input device # skip later rules when we find something for this input device
IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", \ IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", \
IMPORT{builtin}="keyboard", GOTO="evdev_end" RUN{builtin}+="keyboard", GOTO="evdev_end"
# AT keyboard matching by the machine's DMI data # AT keyboard matching by the machine's DMI data
DRIVERS=="atkbd", \ DRIVERS=="atkbd", \
IMPORT{builtin}="hwdb 'evdev:atkbd:$attr{[dmi/id]modalias}'", \ IMPORT{builtin}="hwdb 'evdev:atkbd:$attr{[dmi/id]modalias}'", \
IMPORT{builtin}="keyboard", GOTO="evdev_end" RUN{builtin}+="keyboard", GOTO="evdev_end"
# device matching the input device name + properties + the machine's DMI data # device matching the input device name + properties + the machine's DMI data
KERNELS=="input*", \ KERNELS=="input*", IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:phys:$attr{phys}:ev:$attr{capabilities/ev}:$attr{[dmi/id]modalias}'", \
IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:phys:$attr{phys}:ev:$attr{capabilities/ev}:$attr{[dmi/id]modalias}'", \ RUN{builtin}+="keyboard", GOTO="evdev_end"
IMPORT{builtin}="keyboard", GOTO="evdev_end"
# device matching the input device name and the machine's DMI data # device matching the input device name and the machine's DMI data
KERNELS=="input*", \ KERNELS=="input*", IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:$attr{[dmi/id]modalias}'", \
IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:$attr{[dmi/id]modalias}'", \ RUN{builtin}+="keyboard", GOTO="evdev_end"
IMPORT{builtin}="keyboard", GOTO="evdev_end"
LABEL="evdev_end" LABEL="evdev_end"

View File

@ -73,9 +73,7 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
return -ENOMEM; return -ENOMEM;
SSL_set_connect_state(s); SSL_set_connect_state(s);
r = SSL_set_session(s, server->dnstls_data.session); SSL_set_session(s, server->dnstls_data.session);
if (r == 0)
return -EIO;
SSL_set_bio(s, TAKE_PTR(rb), TAKE_PTR(wb)); SSL_set_bio(s, TAKE_PTR(rb), TAKE_PTR(wb));
if (server->manager->dns_over_tls_mode == DNS_OVER_TLS_YES) { if (server->manager->dns_over_tls_mode == DNS_OVER_TLS_YES) {
@ -85,7 +83,7 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
SSL_set_verify(s, SSL_VERIFY_PEER, NULL); SSL_set_verify(s, SSL_VERIFY_PEER, NULL);
v = SSL_get0_param(s); v = SSL_get0_param(s);
ip = server->family == AF_INET ? (const unsigned char*) &server->address.in.s_addr : server->address.in6.s6_addr; ip = server->family == AF_INET ? (const unsigned char*) &server->address.in.s_addr : server->address.in6.s6_addr;
if (X509_VERIFY_PARAM_set1_ip(v, ip, FAMILY_ADDRESS_SIZE(server->family)) == 0) if (!X509_VERIFY_PARAM_set1_ip(v, ip, FAMILY_ADDRESS_SIZE(server->family)))
return -ECONNREFUSED; return -ECONNREFUSED;
} }
@ -108,8 +106,8 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
char errbuf[256]; char errbuf[256];
ERR_error_string_n(error, errbuf, sizeof(errbuf)); ERR_error_string_n(error, errbuf, sizeof(errbuf));
return log_debug_errno(SYNTHETIC_ERRNO(ECONNREFUSED), log_debug("Failed to invoke SSL_do_handshake: %s", errbuf);
"Failed to invoke SSL_do_handshake: %s", errbuf); return -ECONNREFUSED;
} }
} }
@ -370,27 +368,20 @@ void dnstls_server_free(DnsServer *server) {
int dnstls_manager_init(Manager *manager) { int dnstls_manager_init(Manager *manager) {
int r; int r;
assert(manager); assert(manager);
ERR_load_crypto_strings(); ERR_load_crypto_strings();
SSL_load_error_strings(); SSL_load_error_strings();
manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method()); manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
if (!manager->dnstls_data.ctx) if (!manager->dnstls_data.ctx)
return -ENOMEM; return -ENOMEM;
r = SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION); SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION);
if (r == 0) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
return -EIO;
(void) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
r = SSL_CTX_set_default_verify_paths(manager->dnstls_data.ctx); r = SSL_CTX_set_default_verify_paths(manager->dnstls_data.ctx);
if (r == 0) if (r < 0)
return log_warning_errno(SYNTHETIC_ERRNO(EIO), log_warning("Failed to load system trust store: %s", ERR_error_string(ERR_get_error(), NULL));
"Failed to load system trust store: %s",
ERR_error_string(ERR_get_error(), NULL));
return 0; return 0;
} }