authorNathan Skrzypczak <nathan.skrzypczak@gmail.com>2019-07-30 16:14:34 +0200
committerFlorin Coras <florin.coras@gmail.com>2019-07-30 16:29:24 +0000
commit874a31ea0be9f6d3fe6e8fb0fa17e8b02ce8d37a (patch)
tree02834e16563dd689b6ec60c4025ccc3eefcb197c
parent1c2af06852fb6d7788f0f4926d062c11e5869ead (diff)
quic: fix cert loading
Type: fix Change-Id: I29d24c8ec7b8e0613d4fbf5eedc72384326dc284 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
-rw-r--r--src/plugins/quic/certs.c14
-rw-r--r--src/plugins/quic/certs.h4
-rw-r--r--src/plugins/quic/quic.c11
3 files changed, 17 insertions, 12 deletions
diff --git a/src/plugins/quic/certs.c b/src/plugins/quic/certs.c
index 20d9881d22c..8b2f05ebabe 100644
--- a/src/plugins/quic/certs.c
+++ b/src/plugins/quic/certs.c
@@ -174,7 +174,7 @@ ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
return ret;
}
-void
+int
load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
{
BIO *cert_bio;
@@ -182,13 +182,13 @@ load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
{
BIO_free (cert_bio);
- clib_warning ("failed to load certificate:%s\n", strerror (errno));
- exit (1);
+ return -1;
}
BIO_free (cert_bio);
+ return 0;
}
-void
+int
load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
{
static ptls_openssl_sign_certificate_t sc;
@@ -200,13 +200,11 @@ load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
BIO_free (key_bio);
if (pkey == NULL)
- {
- clib_warning ("failed to read private key from app configuration\n");
- exit (1);
- }
+ return -1;
ptls_openssl_init_sign_certificate (&sc, pkey);
EVP_PKEY_free (pkey);
ctx->sign_certificate = &sc.super;
+ return 0;
}
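Review bot: The result of `ptls_openssl_init_sign_certificate (&sc, pkey)` is still discarded, so a key that parses but is rejected by that call makes load_bio_private_key return 0 and publish `&sc.super` as if loading had succeeded. Now that the function reports errors, that call should be checked too: `if (ptls_openssl_init_sign_certificate (&sc, pkey) != 0) { EVP_PKEY_free (pkey); return -1; }`. Separately, `sc` is declared `static` at the top of the function, above this hunk, so every context that goes through here points at the same signer and a later load replaces the key an earlier context signs with. A signer owned by the context or the application would avoid that, though where it could be allocated is not visible from this hunk.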
diff --git a/src/plugins/quic/certs.h b/src/plugins/quic/certs.h
index e60f96d55d2..c26e060a1f4 100644
--- a/src/plugins/quic/certs.h
+++ b/src/plugins/quic/certs.h
@@ -32,9 +32,9 @@ int ptls_load_bio_pem_objects (BIO * bio, const char *label,
int ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio);
-void load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data);
+int load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data);
-void load_bio_private_key (ptls_context_t * ctx, const char *pk_data);
+int load_bio_private_key (ptls_context_t * ctx, const char *pk_data);
#endif /* __included_quic_certs_h__ */
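Review bot: The two prototypes now return `int`, but the header does not say what the value means, and the only visible caller just tests it for non-zero. A one-line comment above them would pin the contract, for example `/* Return 0 on success, -1 if the PEM data could not be loaded. */`. Because ignoring the result leaves a listener without a usable credential, marking both declarations with `__attribute__ ((warn_unused_result))` is also worth considering.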
diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index 9ec7fd869d5..252f92d3160 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c
@@ -927,8 +927,15 @@ allocate_quicly_ctx (application_t * app, u8 is_client)
&ptls_openssl_sha256, key_vec);
if (!is_client && app->tls_key != NULL && app->tls_cert != NULL)
{
- load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key);
- load_bio_certificate_chain (quicly_ctx->tls, (char *) app->tls_cert);
+ if (load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key))
+ {
+ QUIC_DBG (1, "failed to read private key from app configuration\n");
+ }
+ if (load_bio_certificate_chain (quicly_ctx->tls,
+ (char *) app->tls_cert))
+ {
+ QUIC_DBG (1, "failed to load certificate\n");
+ }
}
}
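Review bot: Both failure branches only emit a `QUIC_DBG (1, ...)` message and then fall through, so allocate_quicly_ctx completes with a server-side TLS context that has no signing key or no certificate chain and its caller is never told. The removed code used `clib_warning`, and QUIC_DBG is presumably silent unless debugging is enabled, so the failure is likely invisible in a normal build. At minimum keep it visible with `clib_warning ("failed to read private key from app configuration");`, and skip the certificate load once the key load has failed. Better still, propagate the error so the listener is not started without credentials. The function begins outside this hunk, so whether its signature can carry an error back is not visible here.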