git: 9c844b6110b3 - main - blocklist: blacklist: Chase recent upstream changes

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Jose Luis Duran <jlduran_at_FreeBSD.org>
Date: Tue, 16 Dec 2025 08:14:36 UTC
The branch main has been updated by jlduran:

URL: https://cgit.FreeBSD.org/src/commit/?id=9c844b6110b3768a4fc3ce47cd9d1b30915213ec

commit 9c844b6110b3768a4fc3ce47cd9d1b30915213ec
Author:     Jose Luis Duran <jlduran@FreeBSD.org>
AuthorDate: 2025-12-16 07:57:07 +0000
Commit:     Jose Luis Duran <jlduran@FreeBSD.org>
CommitDate: 2025-12-16 08:13:39 +0000

    blocklist: blacklist: Chase recent upstream changes
    
    Upstream fixed a couple of bugs:
    
    1. Only attempt to restore the blocking rules if the database file
       exists.  Otherwise, when the service starts for the first time, it
       fails (PR 258411).
    
    2. Revert a commit that removed a call to close(bi->bi_fd), preventing
       the descriptor from being deleted.
    
    PR:             258411
    PR:             291680
    MFC after:      1 week
---
 contrib/blocklist/bin/blacklistd.c | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/contrib/blocklist/bin/blacklistd.c b/contrib/blocklist/bin/blacklistd.c
index cb6ce6578d9c..7dec62cfa58b 100644
--- a/contrib/blocklist/bin/blacklistd.c
+++ b/contrib/blocklist/bin/blacklistd.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $	*/
+/*	$NetBSD: blocklistd.c,v 1.14 2025/12/15 15:51:37 christos Exp $	*/
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
 #ifdef HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $");
+__RCSID("$NetBSD: blocklistd.c,v 1.14 2025/12/15 15:51:37 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -191,12 +191,13 @@ process(bl_t bl)
 	}
 
 	if (getremoteaddress(bi, &rss, &rsl) == -1)
-		return;
+		goto out;
 
 	if (debug || bi->bi_msg[0]) {
 		sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&rss);
 		(*lfun)(bi->bi_msg[0] ? LOG_INFO : LOG_DEBUG,
-		    "processing type=%d fd=%d remote=%s msg=\"%s\" uid=%lu gid=%lu",
+		    "processing type=%d fd=%d remote=%s msg=\"%s\" "
+		    "uid=%lu gid=%lu",
 		    bi->bi_type, bi->bi_fd, rbuf,
 		    bi->bi_msg, (unsigned long)bi->bi_uid,
 		    (unsigned long)bi->bi_gid);
@@ -204,12 +205,12 @@ process(bl_t bl)
 
 	if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) == NULL) {
 		(*lfun)(LOG_DEBUG, "no rule matched");
-		return;
+		goto out;
 	}
 
 
 	if (state_get(state, &c, &dbi) == -1)
-		return;
+		goto out;
 
 	if (debug) {
 		char b1[128], b2[128];
@@ -269,6 +270,8 @@ process(bl_t bl)
 	state_put(state, &c, &dbi);
 
 out:
+	close(bi->bi_fd);
+
 	if (debug) {
 		char b1[128], b2[128];
 		(*lfun)(LOG_DEBUG, "%s: final db state for %s: count=%d/%d "
@@ -541,15 +544,16 @@ main(int argc, char *argv[])
 	state = state_open(dbfile, flags, 0600);
 	if (state == NULL)
 		state = state_open(dbfile,  flags | O_CREAT, 0600);
+	else {
+		if (restore) {
+			if (!flush)
+				rules_flush();
+			rules_restore();
+		}
+	}
 	if (state == NULL)
 		return EXIT_FAILURE;
 
-	if (restore) {
-		if (!flush)
-			rules_flush();
-		rules_restore();
-	}
-
 	if (!debug) {
 		if (daemon(0, 0) == -1)
 			err(EXIT_FAILURE, "daemon failed");
@@ -563,7 +567,7 @@ main(int argc, char *argv[])
 			conf_parse(configfile);
 		}
 		ret = poll(pfd, (nfds_t)nfd, tout);
-		if (debug && ret != 0)
+		if (debug)
 			(*lfun)(LOG_DEBUG, "received %d from poll()", ret);
 		switch (ret) {
 		case -1: