tls-openssl: SSL_CTX_load_verify_locations nullptr for unused parameter

bareos · Sep 20, 2018 · 28e9a4d · 28e9a4d
1 parent 6136904
commit 28e9a4d
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 12 deletions.
diff --git a/core/src/lib/tls_openssl.cc b/core/src/lib/tls_openssl.cc
@@ -125,11 +125,11 @@ bool TlsOpenSsl::init()
    SSL_CTX_set_default_passwd_cb(d_->openssl_ctx_, TlsOpenSslPrivate::tls_pem_callback_dispatch);
    SSL_CTX_set_default_passwd_cb_userdata(d_->openssl_ctx_, reinterpret_cast<void *>(d_.get()));
 
-   bool certfile_given = !d_->ca_certfile_.empty();
-   bool certdir_given = !d_->ca_certdir_.empty();
+   const char *ca_certfile = d_->ca_certfile_.empty() ? nullptr : d_->ca_certfile_.c_str();
+   const char *ca_certdir = d_->ca_certdir_.empty() ? nullptr : d_->ca_certfile_.c_str();
 
-   if (certfile_given || certdir_given) { /* at least one should be set */
-      if (!SSL_CTX_load_verify_locations(d_->openssl_ctx_, d_->ca_certfile_.c_str(), d_->ca_certdir_.c_str())) {
+   if (ca_certfile || ca_certdir) { /* at least one should be set */
+      if (!SSL_CTX_load_verify_locations(d_->openssl_ctx_, ca_certfile, ca_certdir)) {
          OpensslPostErrors(M_FATAL, _("Error loading certificate verification stores"));
          return false;
       }

diff --git a/core/src/lib/tls_openssl_private.cc b/core/src/lib/tls_openssl_private.cc
@@ -308,31 +308,31 @@ unsigned int TlsOpenSslPrivate::psk_client_cb(SSL *ssl,
  */
 void TlsOpenSsl::SetCaCertfile(const std::string &ca_certfile)
 {
-   Dmsg1(100, "Set ca_certfile: <%s>\n", ca_certfile.c_str());
+   Dmsg1(100, "Set ca_certfile:\t<%s>\n", ca_certfile.c_str());
    d_->ca_certfile_ = ca_certfile;
 }
 
 void TlsOpenSsl::SetCaCertdir(const std::string &ca_certdir)
 {
-   Dmsg1(100, "Set ca_certdir: <%s>\n", ca_certdir.c_str());
+   Dmsg1(100, "Set ca_certdir:\t<%s>\n", ca_certdir.c_str());
    d_->ca_certdir_ = ca_certdir;
 }
 
 void TlsOpenSsl::SetCrlfile(const std::string &crlfile)
 {
-   Dmsg1(100, "Set crlfile: <%s>\n", crlfile.c_str());
+   Dmsg1(100, "Set crlfile:\t<%s>\n", crlfile.c_str());
    d_->crlfile_ = crlfile;
 }
 
 void TlsOpenSsl::SetCertfile(const std::string &certfile)
 {
-   Dmsg1(100, "Set certfile: <%s>\n", certfile.c_str());
+   Dmsg1(100, "Set certfile:\t<%s>\n", certfile.c_str());
    d_->certfile_ = certfile;
 }
 
 void TlsOpenSsl::SetKeyfile(const std::string &keyfile)
 {
-   Dmsg1(100, "Set keyfile: <%s>\n", keyfile.c_str());
+   Dmsg1(100, "Set keyfile:\t<%s>\n", keyfile.c_str());
    d_->keyfile_ = keyfile;
 }
 
@@ -344,28 +344,30 @@ void TlsOpenSsl::SetPemCallback(CRYPTO_PEM_PASSWD_CB pem_callback)
 
 void TlsOpenSsl::SetPemUserdata(void *pem_userdata)
 {
-   Dmsg1(100, "Set pem_userdata to address: <%#>x\n", reinterpret_cast<uint64_t>(pem_userdata));
+   Dmsg1(100, "Set pem_userdata to address: <%#x>\n", reinterpret_cast<uint64_t>(pem_userdata));
    d_->pem_userdata_ = pem_userdata;
 }
 
 void TlsOpenSsl::SetDhFile(const std::string &dhfile)
 {
-   Dmsg1(100, "Set dhfile: <%s>\n", dhfile.c_str());
+   Dmsg1(100, "Set dhfile:\t<%s>\n", dhfile.c_str());
    d_->dhfile_ = dhfile;
 }
 
 void TlsOpenSsl::SetVerifyPeer(const bool &verify_peer)
 {
-   Dmsg1(100, "Set Verify Peer: <%s>\n", verify_peer ? "true" : "false");
+   Dmsg1(100, "Set Verify Peer:\t<%s>\n", verify_peer ? "true" : "false");
    d_->verify_peer_ = verify_peer;
 }
 
 void TlsOpenSsl::SetTcpFileDescriptor(const int& fd)
 {
+   Dmsg1(100, "Set tcp filedescriptor: <%d>\n", fd);
    d_->tcp_file_descriptor_ = fd ;
 }
 
 void TlsOpenSsl::SetCipherList(const std::string &cipherlist)
 {
+   Dmsg1(100, "Set cipherlist:\t<%s>\n", cipherlist.c_str());
    d_->cipherlist_ = cipherlist;
 }