From cedddc1d7419de4cf8c403efeb03fd9277fee40d Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Sat, 8 Mar 2025 11:04:55 +0100 Subject: [PATCH] Remove various unused function parameters Change-Id: Ia3b0f22b0049a111ce52b3c87dd08a843ea9a919 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Message-Id: <20250308100456.32383-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31064.html Signed-off-by: Gert Doering --- src/openvpn/forward.c | 4 ++-- src/openvpn/multi.c | 17 +++++++-------- src/openvpn/options.c | 7 +++---- src/openvpn/proxy.c | 9 ++++---- src/openvpn/push.c | 5 ++--- src/openvpn/push.h | 3 +-- src/openvpn/route.c | 6 +++--- src/openvpn/route.h | 2 +- src/openvpn/socket.c | 3 +-- src/openvpn/socket.h | 3 +-- src/openvpn/socks.c | 1 - src/openvpn/socks.h | 1 - src/openvpn/ssl.c | 7 +++---- src/openvpn/ssl_verify.c | 25 ++++++++--------------- src/openvpn/tls_crypt.c | 3 +-- src/openvpn/tls_crypt.h | 4 +--- src/openvpn/tun.c | 2 +- tests/unit_tests/openvpn/test_tls_crypt.c | 7 +++---- 18 files changed, 42 insertions(+), 67 deletions(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index fce7ac8bb5e..af1d0085402 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -257,11 +257,11 @@ parse_incoming_control_channel_command(struct context *c, struct buffer *buf) } else if (buf_string_match_head_str(buf, "INFO_PRE")) { - server_pushed_info(c, buf, 8); + server_pushed_info(buf, 8); } else if (buf_string_match_head_str(buf, "INFO")) { - server_pushed_info(c, buf, 4); + server_pushed_info(buf, 4); } else if (buf_string_match_head_str(buf, "CR_RESPONSE")) { diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 9d244be6d79..0292e8dc613 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -1769,8 +1769,7 @@ multi_client_connect_mda(struct multi_context *m, } static void -multi_client_connect_setenv(struct multi_context *m, - struct multi_instance *mi) +multi_client_connect_setenv(struct multi_instance *mi) { struct gc_arena gc = gc_new(); @@ -2565,7 +2564,7 @@ multi_client_connect_early_setup(struct multi_context *m, /* do --client-connect setenvs */ multi_select_virtual_addr(m, mi); - multi_client_connect_setenv(m, mi); + multi_client_connect_setenv(mi); } /** @@ -2658,7 +2657,7 @@ multi_client_connect_source_ccd(struct multi_context *m, */ multi_select_virtual_addr(m, mi); - multi_client_connect_setenv(m, mi); + multi_client_connect_setenv(mi); ret = CC_RET_SUCCEEDED; } @@ -2930,7 +2929,6 @@ static void multi_bcast(struct multi_context *m, const struct buffer *buf, const struct multi_instance *sender_instance, - const struct mroute_addr *sender_addr, uint16_t vid) { struct hash_iterator hi; @@ -3458,7 +3456,7 @@ multi_process_incoming_link(struct multi_context *m, struct multi_instance *inst if (mroute_flags & MROUTE_EXTRACT_MCAST) { /* for now, treat multicast as broadcast */ - multi_bcast(m, &c->c2.to_tun, m->pending, NULL, 0); + multi_bcast(m, &c->c2.to_tun, m->pending, 0); } else /* possible client to client routing */ { @@ -3510,8 +3508,7 @@ multi_process_incoming_link(struct multi_context *m, struct multi_instance *inst { if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST)) { - multi_bcast(m, &c->c2.to_tun, m->pending, NULL, - vid); + multi_bcast(m, &c->c2.to_tun, m->pending, vid); } else /* try client-to-client routing */ { @@ -3604,7 +3601,7 @@ multi_process_incoming_tun(struct multi_context *m, const unsigned int mpp_flags if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST)) { /* for now, treat multicast as broadcast */ - multi_bcast(m, &m->top.c2.buf, NULL, NULL, vid); + multi_bcast(m, &m->top.c2.buf, NULL, vid); } else { @@ -3776,7 +3773,7 @@ gremlin_flood_clients(struct multi_context *m) for (i = 0; i < parm.n_packets; ++i) { - multi_bcast(m, &buf, NULL, NULL, 0); + multi_bcast(m, &buf, NULL, 0); } gc_free(&gc); diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 511ce059c3c..df3ebadbf0d 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2137,7 +2137,6 @@ static struct http_proxy_options * parse_http_proxy_override(const char *server, const char *port, const char *flags, - const int msglevel, struct gc_arena *gc) { if (server && port) @@ -2307,7 +2306,7 @@ alloc_pull_filter_list(struct options *o) } static struct pull_filter * -alloc_pull_filter(struct options *o, const int msglevel) +alloc_pull_filter(struct options *o) { struct pull_filter_list *l = alloc_pull_filter_list(o); struct pull_filter *f; @@ -6345,7 +6344,7 @@ add_option(struct options *options, else if (streq(p[0], "http-proxy-override") && p[1] && p[2] && !p[4]) { VERIFY_PERMISSION(OPT_P_GENERAL); - options->http_proxy_override = parse_http_proxy_override(p[1], p[2], p[3], msglevel, &options->gc); + options->http_proxy_override = parse_http_proxy_override(p[1], p[2], p[3], &options->gc); if (!options->http_proxy_override) { goto err; @@ -7259,7 +7258,7 @@ add_option(struct options *options, { struct pull_filter *f; VERIFY_PERMISSION(OPT_P_GENERAL) - f = alloc_pull_filter(options, msglevel); + f = alloc_pull_filter(options); if (strcmp("accept", p[1]) == 0) { diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 404ea081d03..560db6f4458 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -573,8 +573,7 @@ http_proxy_close(struct http_proxy_info *hp) static bool add_proxy_headers(struct http_proxy_info *p, socket_descriptor_t sd, /* already open to proxy */ - const char *host, /* openvpn server remote */ - const char *port /* openvpn server port */ + const char *host /* openvpn server remote */ ) { char buf[512]; @@ -694,7 +693,7 @@ establish_http_proxy_passthru(struct http_proxy_info *p, goto error; } - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } @@ -833,7 +832,7 @@ establish_http_proxy_passthru(struct http_proxy_info *p, } /* send HOST etc, */ - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } @@ -959,7 +958,7 @@ establish_http_proxy_passthru(struct http_proxy_info *p, } /* send HOST etc, */ - if (!add_proxy_headers(p, sd, host, port)) + if (!add_proxy_headers(p, sd, host)) { goto error; } diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 80f90653229..914f5207b3e 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -226,8 +226,7 @@ receive_exit_message(struct context *c) void -server_pushed_info(struct context *c, const struct buffer *buffer, - const int adv) +server_pushed_info(const struct buffer *buffer, const int adv) { const char *m = ""; struct buffer buf = *buffer; @@ -259,7 +258,7 @@ server_pushed_info(struct context *c, const struct buffer *buffer, gc_free(&gc); } - #endif +#endif msg(D_PUSH, "Info command was pushed by server ('%s')", m); } diff --git a/src/openvpn/push.h b/src/openvpn/push.h index 4a1332794ab..6af08537bb5 100644 --- a/src/openvpn/push.h +++ b/src/openvpn/push.h @@ -50,8 +50,7 @@ void server_pushed_signal(struct context *c, const struct buffer *buffer, const void receive_exit_message(struct context *c); -void server_pushed_info(struct context *c, const struct buffer *buffer, - const int adv); +void server_pushed_info(const struct buffer *buffer, const int adv); void receive_cr_response(struct context *c, const struct buffer *buffer); diff --git a/src/openvpn/route.c b/src/openvpn/route.c index bc41492bad5..245b15b6453 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1243,7 +1243,7 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, { if (flags & ROUTE_DELETE_FIRST) { - delete_route_ipv6(r, tt, flags, es, ctx); + delete_route_ipv6(r, tt, es, ctx); } ret = add_route_ipv6(r, tt, flags, es, ctx) && ret; } @@ -1280,7 +1280,7 @@ delete_routes(struct route_list *rl, struct route_ipv6_list *rl6, struct route_ipv6 *r6; for (r6 = rl6->routes_ipv6; r6; r6 = r6->next) { - delete_route_ipv6(r6, tt, flags, es, ctx); + delete_route_ipv6(r6, tt, es, ctx); } rl6->iflags &= ~RL_ROUTES_ADDED; } @@ -2383,7 +2383,7 @@ delete_route(struct route_ipv4 *r, void delete_route_ipv6(const struct route_ipv6 *r6, const struct tuntap *tt, - unsigned int flags, const struct env_set *es, + const struct env_set *es, openvpn_net_ctx_t *ctx) { const char *network; diff --git a/src/openvpn/route.h b/src/openvpn/route.h index 98ea79ea7cc..dda210a5268 100644 --- a/src/openvpn/route.h +++ b/src/openvpn/route.h @@ -280,7 +280,7 @@ void route_ipv6_clear_host_bits( struct route_ipv6 *r6 ); bool add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx); -void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx); +void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, const struct env_set *es, openvpn_net_ctx_t *ctx); bool add_route(struct route_ipv4 *r, const struct tuntap *tt, unsigned int flags, const struct route_gateway_info *rgi, const struct env_set *es, diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index d8cb9f5c654..6b32e303369 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2168,7 +2168,6 @@ phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info) establish_socks_proxy_udpassoc(sock->socks_proxy, sock->ctrl_sd, - sock->sd, &sock->socks_relay.dest, sock->server_poll_timeout, sig_info); @@ -3481,7 +3480,7 @@ link_socket_write_tcp(struct link_socket *sock, #ifdef _WIN32 return link_socket_write_win32(sock, buf, to); #else - return link_socket_write_tcp_posix(sock, buf, to); + return link_socket_write_tcp_posix(sock, buf); #endif } diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index 2c33319d2b6..29311de7a06 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -1172,8 +1172,7 @@ link_socket_write_udp_posix(struct link_socket *sock, static inline ssize_t link_socket_write_tcp_posix(struct link_socket *sock, - struct buffer *buf, - struct link_socket_actual *to) + struct buffer *buf) { return send(sock->sd, BPTR(buf), BLEN(buf), MSG_NOSIGNAL); } diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index e280453d645..d2105cbebdf 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -516,7 +516,6 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ - socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info) diff --git a/src/openvpn/socks.h b/src/openvpn/socks.h index 5c4b4a1b430..d5658eedc3d 100644 --- a/src/openvpn/socks.h +++ b/src/openvpn/socks.h @@ -57,7 +57,6 @@ void establish_socks_proxy_passthru(struct socks_proxy_info *p, void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ - socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info); diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 439ce797b20..48f2a49eb7a 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1676,7 +1676,7 @@ tls_session_update_crypto_params_do_work(struct tls_multi *multi, /* If dynamic tls-crypt has been negotiated, and we are on the * first session (key_id = 0), generate a tls-crypt key for the * following renegotiations */ - if (!tls_session_generate_dynamic_tls_crypt_key(multi, session)) + if (!tls_session_generate_dynamic_tls_crypt_key(session)) { return false; } @@ -2241,8 +2241,7 @@ key_method_2_write(struct buffer *buf, struct tls_multi *multi, struct tls_sessi } static void -export_user_keying_material(struct key_state_ssl *ssl, - struct tls_session *session) +export_user_keying_material(struct tls_session *session) { if (session->opt->ekm_size > 0) { @@ -2430,7 +2429,7 @@ key_method_2_read(struct buffer *buf, struct tls_multi *multi, struct tls_sessio if ((ks->authenticated > KS_AUTH_FALSE) && plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL)) { - export_user_keying_material(&ks->ks_ssl, session); + export_user_keying_material(session); if (plugin_call(session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL, NULL, NULL, session->opt->es) != OPENVPN_PLUGIN_FUNC_SUCCESS) { diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index e7d7ed6f513..1ac94fcb59a 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -401,7 +401,7 @@ verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert, */ static void verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth, - const char *subject, const char *common_name, + const char *subject, const struct x509_track *x509_track) { char envname[64]; @@ -422,12 +422,6 @@ verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); setenv_str(es, envname, subject); -#if 0 - /* export common name string as environmental variable */ - snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); - setenv_str(es, envname, common_name); -#endif - /* export X509 cert fingerprints */ { struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc); @@ -518,7 +512,7 @@ verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es, */ static result_t verify_cert_call_command(const char *verify_command, struct env_set *es, - int cert_depth, openvpn_x509_cert_t *cert, char *subject) + int cert_depth, char *subject) { int ret; struct gc_arena gc = gc_new(); @@ -744,8 +738,7 @@ verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_dep } } /* export certificate values to the environment */ - verify_cert_set_env(opt->es, cert, cert_depth, subject, common_name, - opt->x509_track); + verify_cert_set_env(opt->es, cert, cert_depth, subject, opt->x509_track); /* export current untrusted IP */ setenv_untrusted(session); @@ -764,7 +757,7 @@ verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_dep /* run --tls-verify script */ if (opt->verify_command && SUCCESS != verify_cert_call_command(opt->verify_command, - opt->es, cert_depth, cert, subject)) + opt->es, cert_depth, subject)) { goto cleanup; } @@ -1017,7 +1010,6 @@ key_state_gen_auth_control_files(struct auth_deferred_status *ads, */ static char * key_state_check_auth_failed_message_file(const struct auth_deferred_status *ads, - struct tls_multi *multi, struct gc_arena *gc) { char *ret = NULL; @@ -1201,8 +1193,8 @@ tls_authentication_status(struct tls_multi *multi) { struct gc_arena gc = gc_new(); const struct key_state *ks = get_primary_key(multi); - const char *plugin_message = key_state_check_auth_failed_message_file(&ks->plugin_auth, multi, &gc); - const char *script_message = key_state_check_auth_failed_message_file(&ks->script_auth, multi, &gc); + const char *plugin_message = key_state_check_auth_failed_message_file(&ks->plugin_auth, &gc); + const char *script_message = key_state_check_auth_failed_message_file(&ks->script_auth, &gc); if (plugin_message) { @@ -1286,7 +1278,7 @@ check_for_client_reason(struct tls_multi *multi, struct auth_deferred_status *status) { struct gc_arena gc = gc_new(); - const char *msg = key_state_check_auth_failed_message_file(status, multi, &gc); + const char *msg = key_state_check_auth_failed_message_file(status, &gc); if (msg) { auth_set_client_reason(multi, msg); @@ -1529,7 +1521,6 @@ verify_user_pass_plugin(struct tls_session *session, struct tls_multi *multi, static int verify_user_pass_management(struct tls_session *session, - struct tls_multi *multi, const struct user_pass *up) { int retval = KMDA_ERROR; @@ -1675,7 +1666,7 @@ verify_user_pass(struct user_pass *up, struct tls_multi *multi, #ifdef ENABLE_MANAGEMENT if (man_def_auth == KMDA_DEF) { - man_def_auth = verify_user_pass_management(session, multi, up); + man_def_auth = verify_user_pass_management(session, up); } #endif if (plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)) diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 2e51c1dad8a..eb7b03d163a 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -95,8 +95,7 @@ xor_key2(struct key2 *key, const struct key2 *other) } bool -tls_session_generate_dynamic_tls_crypt_key(struct tls_multi *multi, - struct tls_session *session) +tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session) { session->tls_wrap_reneg.opt = session->tls_wrap.opt; session->tls_wrap_reneg.mode = TLS_WRAP_CRYPT; diff --git a/src/openvpn/tls_crypt.h b/src/openvpn/tls_crypt.h index ffb1f2afdca..e98aae78aa6 100644 --- a/src/openvpn/tls_crypt.h +++ b/src/openvpn/tls_crypt.h @@ -122,13 +122,11 @@ void tls_crypt_init_key(struct key_ctx_bi *key, struct key2 *keydata, * * All renegotiations of a session use the same generated dynamic key. * - * @param multi multi session struct * @param session session that will be used for the TLS EKM exporter * @return true iff generating the key was successful */ bool -tls_session_generate_dynamic_tls_crypt_key(struct tls_multi *multi, - struct tls_session *session); +tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session); /** * Returns the maximum overhead (in bytes) added to the destination buffer by diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index dbe3dfc2518..4817f45e569 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1068,7 +1068,7 @@ delete_route_connected_v6_net(const struct tuntap *tt) r6.metric = 0; /* connected route */ r6.flags = RT_DEFINED | RT_ADDED | RT_METRIC_DEFINED; route_ipv6_clear_host_bits(&r6); - delete_route_ipv6(&r6, tt, 0, NULL, NULL); + delete_route_ipv6(&r6, tt, NULL, NULL); } #endif /* if defined(_WIN32) || defined(TARGET_DARWIN) || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) */ diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index 94cd0ee7ec4..ee252f431b3 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c @@ -241,7 +241,6 @@ test_tls_crypt_secure_reneg_key(void **state) struct gc_arena gc = gc_new(); - struct tls_multi multi = { 0 }; struct tls_session session = { 0 }; struct tls_options tls_opt = { 0 }; @@ -250,7 +249,7 @@ test_tls_crypt_secure_reneg_key(void **state) tls_opt.frame.buf.payload_size = 512; session.opt = &tls_opt; - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); struct tls_wrap_ctx *rctx = &session.tls_wrap_reneg; @@ -272,7 +271,7 @@ test_tls_crypt_secure_reneg_key(void **state) memset(&session.tls_wrap.original_wrap_keydata.keys, 0x00, sizeof(session.tls_wrap.original_wrap_keydata.keys)); session.tls_wrap.original_wrap_keydata.n = 2; - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); tls_crypt_wrap(&ctx->source, &rctx->work, &rctx->opt); assert_int_equal(buf_len(&ctx->source) + 40, buf_len(&rctx->work)); @@ -281,7 +280,7 @@ test_tls_crypt_secure_reneg_key(void **state) /* XOR should not force a different key */ memset(&session.tls_wrap.original_wrap_keydata.keys, 0x42, sizeof(session.tls_wrap.original_wrap_keydata.keys)); - tls_session_generate_dynamic_tls_crypt_key(&multi, &session); + tls_session_generate_dynamic_tls_crypt_key(&session); tls_crypt_wrap(&ctx->source, &rctx->work, &rctx->opt); assert_int_equal(buf_len(&ctx->source) + 40, buf_len(&rctx->work));