I'm just glancing at unbound_ctx_config() because Paul made a minor change to it to silence coverity. A failed stat is now logged (good) but behaviour is not otherwise changed. I've changed it to not use the pathame if stat fails on it.
I haven't gone so far as to actually understand the code. In several cases (unaffectd by Paul's change), when an error is detected, the code seems to log that error and then continue as if the error had not happened. I would expect this pattern to be a bug, at least in most cases. This kind of bug doesn't show up often because errors are rare. But bad behaviour when an error occurs likely compounds the problem. libunbound(3) documents nothing about errno and yet unbound_ctx_config() displays strerror(errno) in a couple of cases after a call to libunbound fails. Is errno meaningful after a failed call to libunbound? If so, the libunbound manpage should be updated. If not, this is an error in our code. At a minimum, I think errno should be initialized to 0 before these calls. I've done that. Summary: I think that there are likely bugs here. I've papered over a couple. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
