tls-openssl: removed all c++ exceptions

core/src/lib/tls_openssl.cc

@@ -59,7 +59,7 @@ TlsOpenSsl::TlsOpenSsl()
 
    if (!d_->openssl_ctx_) {
       OpensslPostErrors(M_FATAL, _("Error initializing SSL context"));
-      throw std::runtime_error(_("Error initializing SSL context"));
+      return;
    }
 
    SSL_CTX_set_options(d_->openssl_ctx_, SSL_OP_ALL);
@@ -126,7 +126,7 @@ return true;
    if (!d_->ca_certfile_.empty() || !d_->ca_certdir_.empty()) { /* at least one should be set */
       if (!SSL_CTX_load_verify_locations(d_->openssl_ctx_, d_->ca_certfile_.c_str(), d_->ca_certdir_.c_str())) {
          OpensslPostErrors(M_FATAL, _("Error loading certificate verification stores"));
-         throw std::runtime_error(_("Error loading certificate verification stores"));
+         return false;
       }
    } else if (d_->verify_peer_) {
       /* At least one CA is required for peer verification */
@@ -146,18 +146,18 @@ return true;
       store = SSL_CTX_get_cert_store(d_->openssl_ctx_);
       if (!store) {
          OpensslPostErrors(M_FATAL, _("Error loading revocation list file"));
-         throw std::runtime_error(_("Error loading revocation list file"));
+         return false;
       }
 
       lookup = X509_STORE_add_lookup(store, X509_LOOKUP_crl_reloader());
       if (!lookup) {
          OpensslPostErrors(M_FATAL, _("Error loading revocation list file"));
-         throw std::runtime_error(_("Error loading revocation list file"));
+         return false;
       }
 
       if (!LoadNewCrlFile(lookup, (char *)crlfile)) {
          OpensslPostErrors(M_FATAL, _("Error loading revocation list file"));
-         throw std::runtime_error(_("Error loading revocation list file"));
+         return false;
       }
 
       X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
@@ -171,32 +171,32 @@ return true;
    if (!d_->certfile_.empty()) {
       if (!SSL_CTX_use_certificate_chain_file(d_->openssl_ctx_, d_->certfile_.c_str())) {
          OpensslPostErrors(M_FATAL, _("Error loading certificate file"));
-         throw std::runtime_error(_("Error loading certificate file"));
+         return false;
       }
    }
 
    if (!d_->keyfile_.empty()) {
       if (!SSL_CTX_use_PrivateKey_file(d_->openssl_ctx_, d_->keyfile_.c_str(), SSL_FILETYPE_PEM)) {
          OpensslPostErrors(M_FATAL, _("Error loading private key"));
-         throw std::runtime_error(_("Error loading private key"));
+         return false;
       }
    }
 
    if (!d_->dhfile_.empty()) { /* Diffie-Hellman parameters */
       if (!(bio = BIO_new_file(d_->dhfile_.c_str(), "r"))) {
          OpensslPostErrors(M_FATAL, _("Unable to open DH parameters file"));
-         throw std::runtime_error(_("Unable to open DH parameters file"));
+         return false;
       }
 //      dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); Ueb: bio richtig initialisieren
 //      BIO_free(bio);
 //      if (!dh) {
 //         OpensslPostErrors(M_FATAL, _("Unable to load DH parameters from specified file"));
-//         throw std::runtime_error(_("Unable to load DH parameters from specified file"));
+//         return false;
 //      }
 //      if (!SSL_CTX_set_tmp_dh(d_->openssl_ctx_, dh)) {
 //         OpensslPostErrors(M_FATAL, _("Failed to set TLS Diffie-Hellman parameters"));
 //         DH_free(dh);
-//         throw std::runtime_error(_("Failed to set TLS Diffie-Hellman parameters"));
+//         return false;
 //      }
 
       SSL_CTX_set_options(d_->openssl_ctx_, SSL_OP_SINGLE_DH_USE);

core/src/lib/tls_openssl_private.cc

@@ -247,22 +247,18 @@ unsigned int TlsOpenSslPrivate::psk_server_cb(SSL *ssl,
    Dmsg1(100, "psk_server_cb. identitiy: %s.\n", identity);
 
    if (openssl_ctx) {
-      try {
+      if (psk_server_credentials.find(openssl_ctx) != psk_server_credentials.end()) {
          const PskCredentials &credentials = psk_server_credentials.at(openssl_ctx);
 
          if (credentials.get_identity() == std::string(identity)) {
             int psklen = Bsnprintf((char *)psk, max_psk_len, "%s", credentials.get_psk().c_str());
-            result = (psklen < 0) ? 0 : psklen;
             Dmsg1(100, "psk_server_cb. psk: %s.\n", psk);
-        }
-         return result;
-      } catch (const std::out_of_range & /* exception */) {
-         // ssl context unknown
+            result = (psklen < 0) ? 0 : psklen;
+         }
+      } else {
          Dmsg0(100, "Error, TLS-PSK credentials not found.\n");
-         return 0;
       }
    }
-   Dmsg0(100, "Error, SSL_CTX not set.\n");
    return result;
 }
 
@@ -277,7 +273,7 @@ unsigned int TlsOpenSslPrivate::psk_client_cb(SSL *ssl,
    const SSL_CTX *openssl_ctx = SSL_get_SSL_CTX(ssl);
 
    if (openssl_ctx) {
-      try {
+      if (psk_client_credentials.find(openssl_ctx) != psk_client_credentials.end()) {
          const PskCredentials &credentials = TlsOpenSslPrivate::psk_client_credentials.at(openssl_ctx);
          int ret =
              Bsnprintf(identity, max_identity_len, "%s", credentials.get_identity().c_str());
@@ -296,8 +292,7 @@ unsigned int TlsOpenSslPrivate::psk_client_cb(SSL *ssl,
          Dmsg1(100, "psk_client_cb. psk: %s.\n", psk);
 
          return ret;
-      } catch (const std::out_of_range &exception) {
-         // ssl context unknown
+      } else {
          Dmsg0(100, "Error, TLS-PSK CALLBACK not set.\n");
          return 0;
       }