packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
systemd/backport-resolved-log-error-messages-for-openssl-gnutls-conte.patch
w30023233 9aab60fdba sync patches from systemd community
2024-12-24 16:16:41 +08:00

75 lines
3.3 KiB
Diff
Raw Blame History

From 17a3a8e91be80c93347458a1a6508bc19646607d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 3 Nov 2024 12:58:12 +0100
Subject: [PATCH] resolved: log error messages for openssl/gnutls context
creation
In https://bugzilla.redhat.com/show_bug.cgi?id=2322937 we're getting
an error message:
Okt 29 22:21:03 fedora systemd-resolved[29311]: Could not create manager: Cannot allocate memory
I expect that this actually comes from dnstls_manager_init(), the
openssl version. But without real logs it's hard to know for sure.
Use EIO instead of ENOMEM, because the problem is unlikely to be actually
related to memory.
(cherry picked from commit ee95e86ae163e436384f1b782a77a7e18deba890)
(cherry picked from commit abd1e408203d5d445b05f4dc0ac07e35114532d1)
(cherry picked from commit 67954b455473b29f8a41be14f5b778044b7cfafa)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ee95e86ae163e436384f1b782a77a7e18deba890
---
src/resolve/resolved-dnstls-gnutls.c | 4 +++-
src/resolve/resolved-dnstls-openssl.c | 9 ++++++---
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/resolve/resolved-dnstls-gnutls.c b/src/resolve/resolved-dnstls-gnutls.c
index acdad6fa91..c086e2c198 100644
--- a/src/resolve/resolved-dnstls-gnutls.c
+++ b/src/resolve/resolved-dnstls-gnutls.c
@@ -236,7 +236,9 @@ int dnstls_manager_init(Manager *manager) {
r = gnutls_certificate_allocate_credentials(&manager->dnstls_data.cert_cred);
if (r < 0)
- return -ENOMEM;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to allocate SSL credentials: %s",
+ gnutls_strerror(r));
r = gnutls_certificate_set_x509_system_trust(manager->dnstls_data.cert_cred);
if (r < 0)
diff --git a/src/resolve/resolved-dnstls-openssl.c b/src/resolve/resolved-dnstls-openssl.c
index 4a0132ad3d..74fb79e58d 100644
--- a/src/resolve/resolved-dnstls-openssl.c
+++ b/src/resolve/resolved-dnstls-openssl.c
@@ -397,11 +397,15 @@ int dnstls_manager_init(Manager *manager) {
manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
if (!manager->dnstls_data.ctx)
- return -ENOMEM;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to create SSL context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
r = SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION);
if (r == 0)
- return -EIO;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to set protocol version on SSL context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
(void) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
@@ -410,7 +414,6 @@ int dnstls_manager_init(Manager *manager) {
return log_warning_errno(SYNTHETIC_ERRNO(EIO),
"Failed to load system trust store: %s",
ERR_error_string(ERR_get_error(), NULL));
-
return 0;
}
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink