From 874a31ea0be9f6d3fe6e8fb0fa17e8b02ce8d37a Mon Sep 17 00:00:00 2001
From: Nathan Skrzypczak
Date: Tue, 30 Jul 2019 16:14:34 +0200
Subject: quic: fix cert loading
Type: fix
Change-Id: I29d24c8ec7b8e0613d4fbf5eedc72384326dc284
Signed-off-by: Nathan Skrzypczak
---
 src/plugins/quic/certs.c | 14 ++++++--------
 src/plugins/quic/certs.h | 4 ++--
 src/plugins/quic/quic.c | 11 +++++++++--
 3 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/src/plugins/quic/certs.c b/src/plugins/quic/certs.c
index 20d9881d22c..8b2f05ebabe 100644
--- a/src/plugins/quic/certs.c
+++ b/src/plugins/quic/certs.c
@@ -174,7 +174,7 @@ ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
 return ret;
 }
-void
+int
 load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
 {
 BIO *cert_bio;
@@ -182,13 +182,13 @@ load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
 if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
 {
 BIO_free (cert_bio);
- clib_warning ("failed to load certificate:%s\n", strerror (errno));
- exit (1);
+ return -1;
 }
 BIO_free (cert_bio);
+ return 0;
 }
-void
+int
 load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
 {
 static ptls_openssl_sign_certificate_t sc;
@@ -200,13 +200,11 @@ load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
 BIO_free (key_bio);
 if (pkey == NULL)
- {
- clib_warning ("failed to read private key from app configuration\n");
- exit (1);
- }
+ return -1;
 ptls_openssl_init_sign_certificate (&sc, pkey);
 EVP_PKEY_free (pkey);
 ctx->sign_certificate = &sc.super;
+ return 0;
 }
diff --git a/src/plugins/quic/certs.h b/src/plugins/quic/certs.h
index e60f96d55d2..c26e060a1f4 100644
--- a/src/plugins/quic/certs.h
+++ b/src/plugins/quic/certs.h
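Review bot: In load_bio_certificate_chain the added `return -1;` throws away both the value ptls_load_bio_certificates returned and the only log line that named the failure, so the caller can report nothing more specific than "failed to load certificate". Returning the underlying code keeps that detail: `int ret = ptls_load_bio_certificates (ctx, cert_bio);` `BIO_free (cert_bio);` `return ret;`. The new int contract is also undocumented; a comment such as `/* Returns 0 on success, non-zero if the PEM chain in cert_data could not be loaded into ctx. */` belongs here, on load_bio_private_key in the following hunk, and on both prototypes in certs.h. The creation of cert_bio lies outside the hunk, so whether its result is checked before use cannot be seen from here.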
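Review bot: load_bio_private_key now reports success with `return 0;` without checking the result of `ptls_openssl_init_sign_certificate (&sc, pkey)`, so a key that parses but that picotls cannot sign with is installed as if it were usable. Check it before publishing the signer: `if (ptls_openssl_init_sign_certificate (&sc, pkey) != 0) { EVP_PKEY_free (pkey); return -1; }`. Separately, `sc` is declared `static` in the part of the function above this hunk, so every context that passes through here appears to share one signer, and a later call with a different key would replace the key that earlier contexts sign with. Per-context storage would avoid that; it is worth confirming against how many server contexts the plugin creates.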
@@ -32,9 +32,9 @@ int ptls_load_bio_pem_objects (BIO * bio, const char *label,
 int ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio);
-void load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data);
+int load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data);
-void load_bio_private_key (ptls_context_t * ctx, const char *pk_data);
+int load_bio_private_key (ptls_context_t * ctx, const char *pk_data);
 #endif /* __included_quic_certs_h__ */
diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index 9ec7fd869d5..252f92d3160 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c
@@ -927,8 +927,15 @@ allocate_quicly_ctx (application_t * app, u8 is_client)
 &ptls_openssl_sha256, key_vec);
 if (!is_client && app->tls_key != NULL && app->tls_cert != NULL)
 {
- load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key);
- load_bio_certificate_chain (quicly_ctx->tls, (char *) app->tls_cert);
+ if (load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key))
+ {
+ QUIC_DBG (1, "failed to read private key from app configuration\n");
+ }
+ if (load_bio_certificate_chain (quicly_ctx->tls,
+ (char *) app->tls_cert))
+ {
+ QUIC_DBG (1, "failed to load certificate\n");
+ }
 }
 }
-- cgit 1.2.3-korg
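Review bot: Both new failure branches in allocate_quicly_ctx only emit a QUIC_DBG line and then fall through, so a server TLS context with a missing key or certificate chain is left in place as if it were complete. A credential failure should fail closed: skip the chain load once the key has failed, and have the function signal the error to its caller so the listener is not brought up half-configured. The return type and the start of allocate_quicly_ctx are outside the hunk, so the exact form of that error path has to follow the existing signature. Since the removed code used clib_warning, keeping that level, e.g. `clib_warning ("failed to read private key from app configuration");`, would keep the failure visible if QUIC_DBG is compiled out or filtered in release builds.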