Re: Unchecked tls_config_new() in relayd

[Theo Buehler]

> diff --git a/src/usr.sbin/relayd/hce.c b/src/usr.sbin/relayd/hce.c
> index 5233e2c..4a1bf1c 100644
> --- a/src/usr.sbin/relayd/hce.c
> +++ b/src/usr.sbin/relayd/hce.c
> @@ -94,6 +94,9 @@ hce_setup_events(void)
>     table->tls_cfg != NULL)
>     continue;
>     table->tls_cfg = tls_config_new();
> +   if (table->tls_cfg == NULL) {
> +   fatalx("%s: tls_config_new", __func__);
> +   }

I have applied a version of this diff. Thanks!

Re: Unchecked tls_config_new() in relayd

[Theo de Raadt]

Theo Buehler  wrote:

> > I'm not sure if there is much value in percolating the error upwards through
> > tls_init() into a careful termination provides a huge amount of value 
> > because
> > the error cannot be resolved without proper build & library support.
> 
> Maybe not, but tls_config_new() can fail for many reasons, so its return
> value should be checked.

Sure but it is a lot of percolation upwards to the same result that relayd
doesn't work because it was built wrong.

Re: Unchecked tls_config_new() in relayd

[Theo Buehler]

> I'm not sure if there is much value in percolating the error upwards through
> tls_init() into a careful termination provides a huge amount of value because
> the error cannot be resolved without proper build & library support.

Maybe not, but tls_config_new() can fail for many reasons, so its return
value should be checked.

Re: Unchecked tls_config_new() in relayd

[Theo de Raadt]

https://pubs.opengroup.org/onlinepubs/009695299/functions/pthread_once.html

POSIX does not specify that pthread_once() can return ENOSYS.  That is a
weird decision to make in libc.

I'm not sure if there is much value in percolating the error upwards through
tls_init() into a careful termination provides a huge amount of value because
the error cannot be resolved without proper build & library support.