Compare commits

..

2 Commits

Author SHA1 Message Date
Peter Hutterer 161bc525bb rules.d: import the keyboard builtin instead of running it
RUN seems to be used primarily for historical reasons over the more
immediate IMPORT command. As a side-effect, RUN also runs *after* all the
rules have been processed which is not really what we want here - we expect
the device to be updated immediately. Other rules that rely on accurate evdev
axes should be able to assume the axes are already present. So let's use
IMPORT here.

For consistency, the second two rules are split across multiple lines as well.
2020-03-01 14:04:30 +01:00
Yu Watanabe df70539f9f resolve: error handling improvements 2020-03-01 14:02:23 +01:00
2 changed files with 26 additions and 15 deletions

View File

@ -5,19 +5,21 @@ KERNEL!="event*", GOTO="evdev_end"
# skip later rules when we find something for this input device # skip later rules when we find something for this input device
IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", \ IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", \
RUN{builtin}+="keyboard", GOTO="evdev_end" IMPORT{builtin}="keyboard", GOTO="evdev_end"
# AT keyboard matching by the machine's DMI data # AT keyboard matching by the machine's DMI data
DRIVERS=="atkbd", \ DRIVERS=="atkbd", \
IMPORT{builtin}="hwdb 'evdev:atkbd:$attr{[dmi/id]modalias}'", \ IMPORT{builtin}="hwdb 'evdev:atkbd:$attr{[dmi/id]modalias}'", \
RUN{builtin}+="keyboard", GOTO="evdev_end" IMPORT{builtin}="keyboard", GOTO="evdev_end"
# device matching the input device name + properties + the machine's DMI data # device matching the input device name + properties + the machine's DMI data
KERNELS=="input*", IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:phys:$attr{phys}:ev:$attr{capabilities/ev}:$attr{[dmi/id]modalias}'", \ KERNELS=="input*", \
RUN{builtin}+="keyboard", GOTO="evdev_end" IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:phys:$attr{phys}:ev:$attr{capabilities/ev}:$attr{[dmi/id]modalias}'", \
IMPORT{builtin}="keyboard", GOTO="evdev_end"
# device matching the input device name and the machine's DMI data # device matching the input device name and the machine's DMI data
KERNELS=="input*", IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:$attr{[dmi/id]modalias}'", \ KERNELS=="input*", \
RUN{builtin}+="keyboard", GOTO="evdev_end" IMPORT{builtin}="hwdb 'evdev:name:$attr{name}:$attr{[dmi/id]modalias}'", \
IMPORT{builtin}="keyboard", GOTO="evdev_end"
LABEL="evdev_end" LABEL="evdev_end"

View File

@ -73,7 +73,9 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
return -ENOMEM; return -ENOMEM;
SSL_set_connect_state(s); SSL_set_connect_state(s);
SSL_set_session(s, server->dnstls_data.session); r = SSL_set_session(s, server->dnstls_data.session);
if (r == 0)
return -EIO;
SSL_set_bio(s, TAKE_PTR(rb), TAKE_PTR(wb)); SSL_set_bio(s, TAKE_PTR(rb), TAKE_PTR(wb));
if (server->manager->dns_over_tls_mode == DNS_OVER_TLS_YES) { if (server->manager->dns_over_tls_mode == DNS_OVER_TLS_YES) {
@ -83,7 +85,7 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
SSL_set_verify(s, SSL_VERIFY_PEER, NULL); SSL_set_verify(s, SSL_VERIFY_PEER, NULL);
v = SSL_get0_param(s); v = SSL_get0_param(s);
ip = server->family == AF_INET ? (const unsigned char*) &server->address.in.s_addr : server->address.in6.s6_addr; ip = server->family == AF_INET ? (const unsigned char*) &server->address.in.s_addr : server->address.in6.s6_addr;
if (!X509_VERIFY_PARAM_set1_ip(v, ip, FAMILY_ADDRESS_SIZE(server->family))) if (X509_VERIFY_PARAM_set1_ip(v, ip, FAMILY_ADDRESS_SIZE(server->family)) == 0)
return -ECONNREFUSED; return -ECONNREFUSED;
} }
@ -106,8 +108,8 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
char errbuf[256]; char errbuf[256];
ERR_error_string_n(error, errbuf, sizeof(errbuf)); ERR_error_string_n(error, errbuf, sizeof(errbuf));
log_debug("Failed to invoke SSL_do_handshake: %s", errbuf); return log_debug_errno(SYNTHETIC_ERRNO(ECONNREFUSED),
return -ECONNREFUSED; "Failed to invoke SSL_do_handshake: %s", errbuf);
} }
} }
@ -368,20 +370,27 @@ void dnstls_server_free(DnsServer *server) {
int dnstls_manager_init(Manager *manager) { int dnstls_manager_init(Manager *manager) {
int r; int r;
assert(manager); assert(manager);
ERR_load_crypto_strings(); ERR_load_crypto_strings();
SSL_load_error_strings(); SSL_load_error_strings();
manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
if (!manager->dnstls_data.ctx) if (!manager->dnstls_data.ctx)
return -ENOMEM; return -ENOMEM;
SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION); r = SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION);
SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION); if (r == 0)
return -EIO;
(void) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
r = SSL_CTX_set_default_verify_paths(manager->dnstls_data.ctx); r = SSL_CTX_set_default_verify_paths(manager->dnstls_data.ctx);
if (r < 0) if (r == 0)
log_warning("Failed to load system trust store: %s", ERR_error_string(ERR_get_error(), NULL)); return log_warning_errno(SYNTHETIC_ERRNO(EIO),
"Failed to load system trust store: %s",
ERR_error_string(ERR_get_error(), NULL));
return 0; return 0;
} }