On Thu, 26 Oct 2017, D. Hugh Redelmeier wrote:
I'm just glancing at unbound_ctx_config() because Paul made a minor change to it to silence coverity. A failed stat is now logged (good) but behaviour is not otherwise changed. I've changed it to not use the pathame if stat fails on it.
Thanks, I should have done that.
In several cases (unaffectd by Paul's change), when an error is detected, the code seems to log that error and then continue as if the error had not happened. I would expect this pattern to be a bug, at least in most cases.
We try to read whatever files specified via glob and wildcards as we can, and ignore the rest. That seems better then complete failure on startup. So if you remove a trust anchor file from your DNS setup, things still work as best they can without the file.
libunbound(3) documents nothing about errno and yet unbound_ctx_config() displays strerror(errno) in a couple of cases after a call to libunbound fails. Is errno meaningful after a failed call to libunbound? If so, the libunbound manpage should be updated.
I've CC:ed Wouter :)
If not, this is an error in our code. At a minimum, I think errno should be initialized to 0 before these calls. I've done that.
Yes, thanks! Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
