diff options
| author | Michael Brown | 2013-07-19 15:53:38 +0200 |
|---|---|---|
| committer | Michael Brown | 2013-07-19 16:15:28 +0200 |
| commit | 72fb55e437474f1322ae6c748ab0df75e5eb84b6 (patch) | |
| tree | 92dfebcce96b3ed40dfbac43256c6d8e76527167 /src/crypto/clientcert.c | |
| parent | [settings] Expose parse_setting_name() (diff) | |
| download | ipxe-72fb55e437474f1322ae6c748ab0df75e5eb84b6.tar.gz ipxe-72fb55e437474f1322ae6c748ab0df75e5eb84b6.tar.xz ipxe-72fb55e437474f1322ae6c748ab0df75e5eb84b6.zip | |
[settings] Change "not-found" semantics of fetch_setting_copy()
fetch_settings_copy() currently returns success and a NULL data
pointer to indicate a non-existent setting. This is intended to allow
the caller to differentiate between a non-existent setting and an
error in allocating memory for the copy of the setting.
The underlying settings blocks' fetch() methods provide no way to
perform an existence check separate from an attempt to fetch the
setting. A "non-existent setting" therefore means simply a setting
for which an error was encountered when attempting to fetch from every
settings block within the subtree.
Since any underlying error within a settings block (e.g. a GuestRPC
failure when attempting to retrieve a VMware GuestInfo setting) will
produce the effect of a "non-existent setting", it seems somewhat
meaningless to give special treatment to memory allocation errors
within fetch_setting_copy().
Remove the special treatment and simplify the semantics of
fetch_setting_copy() by directly passing through any underlying error
(including non-existence) encountered while fetching the setting.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto/clientcert.c')
| -rw-r--r-- | src/crypto/clientcert.c | 21 |
1 files changed, 4 insertions, 17 deletions
diff --git a/src/crypto/clientcert.c b/src/crypto/clientcert.c index 5ce1f6c1a..6f6bf1135 100644 --- a/src/crypto/clientcert.c +++ b/src/crypto/clientcert.c @@ -116,7 +116,6 @@ static int clientcert_apply_settings ( void ) { static void *cert = NULL; static void *key = NULL; int len; - int rc; /* Allow client certificate to be overridden only if * not explicitly specified at build time. @@ -129,14 +128,8 @@ static int clientcert_apply_settings ( void ) { /* Fetch new client certificate, if any */ free ( cert ); - len = fetch_setting_copy ( NULL, &cert_setting, &cert ); - if ( len < 0 ) { - rc = len; - DBGC ( &client_certificate, "CLIENTCERT cannot fetch " - "client certificate: %s\n", strerror ( rc ) ); - return rc; - } - if ( cert ) { + if ( ( len = fetch_setting_copy ( NULL, &cert_setting, + &cert ) ) >= 0 ) { client_certificate.data = cert; client_certificate.len = len; } @@ -147,14 +140,8 @@ static int clientcert_apply_settings ( void ) { /* Fetch new client private key, if any */ free ( key ); - len = fetch_setting_copy ( NULL, &privkey_setting, &key ); - if ( len < 0 ) { - rc = len; - DBGC ( &client_certificate, "CLIENTCERT cannot fetch " - "client private key: %s\n", strerror ( rc ) ); - return rc; - } - if ( key ) { + if ( ( len = fetch_setting_copy ( NULL, &privkey_setting, + &key ) ) >= 0 ) { client_private_key.data = key; client_private_key.len = len; } |