tls: removed redundant IsTlsConfigured() calls

core/src/dird/verify.cc

@@ -346,10 +346,6 @@ bool DoVerify(JobControlRecord *jcr)
             store->SDDport = store->SDport;
          }
 
-         /*
-          * TLS Requirement
-          */
-
          tls_need = store->IsTlsConfigured() ? TlsPolicy::kBnetTlsAuto : TlsPolicy::kBnetTlsNone;
 
          fd->fsend(storaddrcmd, store->address, store->SDDport, tls_need, jcr->sd_auth_key);

core/src/lib/bsock.cc

@@ -428,19 +428,17 @@ bool BareosSocket::DoTlsHandshakeAsAServer(ConfigurationParser *config, JobContr
 
 void BareosSocket::ParameterizeTlsCert(Tls *tls_conn_init, TlsResource *tls_resource)
 {
-  if (tls_resource->IsTlsConfigured()) {
-    const std::string empty;
-    tls_conn_init->Setca_certfile_(tls_resource->tls_cert_.ca_certfile_ ? *tls_resource->tls_cert_.ca_certfile_ : empty);
-    tls_conn_init->SetCaCertdir(tls_resource->tls_cert_.ca_certdir_ ? *tls_resource->tls_cert_.ca_certdir_ : empty);
-    tls_conn_init->SetCrlfile(tls_resource->tls_cert_.crlfile_ ? *tls_resource->tls_cert_.crlfile_ : empty);
-    tls_conn_init->SetCertfile(tls_resource->tls_cert_.certfile_ ? *tls_resource->tls_cert_.certfile_ : empty);
-    tls_conn_init->SetKeyfile(tls_resource->tls_cert_.keyfile_ ? *tls_resource->tls_cert_.keyfile_ : empty);
-    //      tls_conn_init->SetPemCallback(TlsPemCallback); Ueb: --> Feature not implemented: Console Callback
-    tls_conn_init->SetPemUserdata(tls_resource->tls_cert_.pem_message_);
-    tls_conn_init->SetDhFile(tls_resource->tls_cert_.dhfile_ ? *tls_resource->tls_cert_.dhfile_ : empty);
-    tls_conn_init->SetCipherList(tls_resource->cipherlist_ ? *tls_resource->cipherlist_ : empty);
-    tls_conn_init->SetVerifyPeer(tls_resource->tls_cert_.verify_peer_);
-  }
+  const std::string empty;
+  tls_conn_init->Setca_certfile_(tls_resource->tls_cert_.ca_certfile_ ? *tls_resource->tls_cert_.ca_certfile_ : empty);
+  tls_conn_init->SetCaCertdir(tls_resource->tls_cert_.ca_certdir_ ? *tls_resource->tls_cert_.ca_certdir_ : empty);
+  tls_conn_init->SetCrlfile(tls_resource->tls_cert_.crlfile_ ? *tls_resource->tls_cert_.crlfile_ : empty);
+  tls_conn_init->SetCertfile(tls_resource->tls_cert_.certfile_ ? *tls_resource->tls_cert_.certfile_ : empty);
+  tls_conn_init->SetKeyfile(tls_resource->tls_cert_.keyfile_ ? *tls_resource->tls_cert_.keyfile_ : empty);
+  //      tls_conn_init->SetPemCallback(TlsPemCallback); Ueb: --> Feature not implemented: Console Callback
+  tls_conn_init->SetPemUserdata(tls_resource->tls_cert_.pem_message_);
+  tls_conn_init->SetDhFile(tls_resource->tls_cert_.dhfile_ ? *tls_resource->tls_cert_.dhfile_ : empty);
+  tls_conn_init->SetCipherList(tls_resource->cipherlist_ ? *tls_resource->cipherlist_ : empty);
+  tls_conn_init->SetVerifyPeer(tls_resource->tls_cert_.verify_peer_);
 }
 
 bool BareosSocket::ParameterizeAndInitTlsConnectionAsAServer(ConfigurationParser *config)
@@ -461,9 +459,7 @@ bool BareosSocket::ParameterizeAndInitTlsConnectionAsAServer(ConfigurationParser
 
   ParameterizeTlsCert(tls_conn_init.get(), tls_resource);
 
-  if (tls_resource->IsTlsConfigured()) {
-    tls_conn_init->SetTlsPskServerContext(config, config->GetTlsPskByFullyQualifiedResourceName);
-  }
+  tls_conn_init->SetTlsPskServerContext(config, config->GetTlsPskByFullyQualifiedResourceName);
 
   if (!tls_conn_init->init()) {
     tls_conn_init.reset();
@@ -517,7 +513,7 @@ bool BareosSocket::ParameterizeAndInitTlsConnection(TlsResource *tls_resource,
                                                     const char *password,
                                                     bool initiated_by_remote)
 {
-  if (!tls_resource->IsTlsConfigured() && !tls_resource->IsTlsConfigured()) { return true; }
+  if (!tls_resource->IsTlsConfigured()) { return true; }
 
   tls_conn_init.reset(Tls::CreateNewTlsContext(Tls::TlsImplementationType::kTlsOpenSsl));
   if (!tls_conn_init) {

core/src/lib/parse_conf.cc

@@ -1030,7 +1030,7 @@ bool ConfigurationParser::GetCleartextConfigured(uint32_t r_code,
   }
 
   if (name == std::string("*UserAgent*")) {
-    cleartext = !own_tls_resource->IsTlsConfigured() && !own_tls_resource->IsTlsConfigured();
+    cleartext = !own_tls_resource->IsTlsConfigured();
   } else {
     cleartext = !own_tls_resource->IsTlsConfigured() && !foreign_tls_resource->IsTlsConfigured();
   }

core/src/tests/bsock_test.cc

@@ -84,19 +84,6 @@ void InitForTest()
   InitMsg(NULL, NULL);
 }
 
-#if 0
-static bool check_cipher(const TlsResource &tls, const std::string &cipher)
-{
-   bool success = false;
-   if (tls.IsTlsConfigured() && !tls.IsTlsConfigured()) { /* cert && !psk */
-      success = cipher.find("-RSA-") != std::string::npos;
-   } else if (!tls.IsTlsConfigured() && tls.IsTlsConfigured()) { /* !cert && psk */
-      success = cipher.find("-PSK-") != std::string::npos;
-   }
-   return success;
-}
-#endif
-
 static void clone_a_server_socket(BareosSocket* bs)
 {
    std::unique_ptr<BareosSocket> bs2(bs->clone());
@@ -141,7 +128,7 @@ static void start_bareos_server(std::promise<bool> *promise, std::string console
          Dmsg1(10, "Server used cipher: <%s>\n", cipher.c_str());
          cipher_server = cipher;
       }
-      if (dir_cons_config->IsTlsConfigured() || dir_cons_config->IsTlsConfigured()) {
+      if (dir_cons_config->IsTlsConfigured()) {
          Dmsg0(10, bs->TlsEstablished() ? "Tls enable\n" : "Tls failed to establish\n");
          success = bs->TlsEstablished();
       } else {
@@ -219,7 +206,7 @@ static bool connect_to_server(std::string console_name, std::string console_pass
          Dmsg1(10, "Client used cipher: <%s>\n", cipher.c_str());
          cipher_client = cipher;
       }
-      if (cons_dir_config->IsTlsConfigured() || cons_dir_config->IsTlsConfigured()) {
+      if (cons_dir_config->IsTlsConfigured()) {
          Dmsg0(10, UA_sock->TlsEstablished() ? "Tls enable\n" : "Tls failed to establish\n");
          success = UA_sock->TlsEstablished();
       } else {