blocklist: blacklist: Chase recent upstream changes

Upstream fixed a couple of bugs: 1. Only attempt to restore the blocking rules if the database file exists. Otherwise, when the service starts for the first time, it fails (PR 258411). 2. Revert a commit that removed a call to close(bi->bi_fd), preventing the descriptor from being deleted. PR: 258411 PR: 291680 MFC after: 1 week
2026-01-11 19:57:22 +00:00 · 2025-12-16 07:57:07 +00:00 · 2025-12-16 07:57:07 +00:00 · 9c844b6110
commit 9c844b6110
parent 27554189e5
1 changed files with 17 additions and 13 deletions
--- a/contrib/blocklist/bin/blacklistd.c
+++ b/contrib/blocklist/bin/blacklistd.c
@ -1,4 +1,4 @@
-/*	$NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $	*/
+/*	$NetBSD: blocklistd.c,v 1.14 2025/12/15 15:51:37 christos Exp $	*/

 /*-
 * Copyright (c) 2015 The NetBSD Foundation, Inc.
@ -35,7 +35,7 @@
 #ifdef HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $");
+__RCSID("$NetBSD: blocklistd.c,v 1.14 2025/12/15 15:51:37 christos Exp $");

 #include <sys/types.h>
 #include <sys/socket.h>
@ -191,12 +191,13 @@ process(bl_t bl)
 	}

 	if (getremoteaddress(bi, &rss, &rsl) == -1)
-		return;
+		goto out;

 	if (debug || bi->bi_msg[0]) {
 		sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&rss);
 		(*lfun)(bi->bi_msg[0] ? LOG_INFO : LOG_DEBUG,
-		    "processing type=%d fd=%d remote=%s msg=\"%s\" uid=%lu gid=%lu",
+		    "processing type=%d fd=%d remote=%s msg=\"%s\" "
+		    "uid=%lu gid=%lu",
 		    bi->bi_type, bi->bi_fd, rbuf,
 		    bi->bi_msg, (unsigned long)bi->bi_uid,
 		    (unsigned long)bi->bi_gid);
@ -204,12 +205,12 @@ process(bl_t bl)

 	if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) == NULL) {
 		(*lfun)(LOG_DEBUG, "no rule matched");
-		return;
+		goto out;
 	}


 	if (state_get(state, &c, &dbi) == -1)
-		return;
+		goto out;

 	if (debug) {
 		char b1[128], b2[128];
@ -269,6 +270,8 @@ process(bl_t bl)
 	state_put(state, &c, &dbi);

 out:
+	close(bi->bi_fd);
+
 	if (debug) {
 		char b1[128], b2[128];
 		(*lfun)(LOG_DEBUG, "%s: final db state for %s: count=%d/%d "
@ -541,15 +544,16 @@ main(int argc, char *argv[])
 	state = state_open(dbfile, flags, 0600);
 	if (state == NULL)
 		state = state_open(dbfile,  flags | O_CREAT, 0600);
+	else {
+		if (restore) {
+			if (!flush)
+				rules_flush();
+			rules_restore();
+		}
+	}
 	if (state == NULL)
 		return EXIT_FAILURE;

-	if (restore) {
-		if (!flush)
-			rules_flush();
-		rules_restore();
-	}
-
 	if (!debug) {
 		if (daemon(0, 0) == -1)
 			err(EXIT_FAILURE, "daemon failed");
@ -563,7 +567,7 @@ main(int argc, char *argv[])
 			conf_parse(configfile);
 		}
 		ret = poll(pfd, (nfds_t)nfd, tout);
-		if (debug && ret != 0)
+		if (debug)
 			(*lfun)(LOG_DEBUG, "received %d from poll()", ret);
 		switch (ret) {
 		case -1: