diff options
| -rw-r--r-- | src/core/settings.c | 16 | ||||
| -rw-r--r-- | src/crypto/clientcert.c | 21 | ||||
| -rw-r--r-- | src/crypto/rootcert.c | 18 |
3 files changed, 8 insertions, 47 deletions
diff --git a/src/core/settings.c b/src/core/settings.c index a0a09d4e1..0be1a2dd0 100644 --- a/src/core/settings.c +++ b/src/core/settings.c @@ -722,11 +722,6 @@ int fetch_setting_len ( struct settings *settings, struct setting *setting ) { * * The caller is responsible for eventually freeing the allocated * buffer. - * - * To allow the caller to distinguish between a non-existent setting - * and an error in allocating memory for the copy, this function will - * return success (and a NULL buffer pointer) for a non-existent - * setting. */ int fetch_setting_copy ( struct settings *settings, struct setting *setting, void **data ) { @@ -736,10 +731,10 @@ int fetch_setting_copy ( struct settings *settings, struct setting *setting, /* Avoid returning uninitialised data on error */ *data = NULL; - /* Fetch setting length, and return success if non-existent */ + /* Check existence, and fetch setting length */ len = fetch_setting_len ( settings, setting ); if ( len < 0 ) - return 0; + return len; /* Allocate buffer */ *data = malloc ( len ); @@ -1055,12 +1050,6 @@ int fetchf_setting ( struct settings *settings, struct setting *setting, goto err_fetch_copy; } - /* Return error if setting does not exist */ - if ( ! raw ) { - ret = -ENOENT; - goto err_exists; - } - /* Sanity check */ assert ( setting->type != NULL ); assert ( setting->type->format != NULL ); @@ -1071,7 +1060,6 @@ int fetchf_setting ( struct settings *settings, struct setting *setting, err_format: free ( raw ); - err_exists: err_fetch_copy: return ret; } diff --git a/src/crypto/clientcert.c b/src/crypto/clientcert.c index 5ce1f6c1a..6f6bf1135 100644 --- a/src/crypto/clientcert.c +++ b/src/crypto/clientcert.c @@ -116,7 +116,6 @@ static int clientcert_apply_settings ( void ) { static void *cert = NULL; static void *key = NULL; int len; - int rc; /* Allow client certificate to be overridden only if * not explicitly specified at build time. @@ -129,14 +128,8 @@ static int clientcert_apply_settings ( void ) { /* Fetch new client certificate, if any */ free ( cert ); - len = fetch_setting_copy ( NULL, &cert_setting, &cert ); - if ( len < 0 ) { - rc = len; - DBGC ( &client_certificate, "CLIENTCERT cannot fetch " - "client certificate: %s\n", strerror ( rc ) ); - return rc; - } - if ( cert ) { + if ( ( len = fetch_setting_copy ( NULL, &cert_setting, + &cert ) ) >= 0 ) { client_certificate.data = cert; client_certificate.len = len; } @@ -147,14 +140,8 @@ static int clientcert_apply_settings ( void ) { /* Fetch new client private key, if any */ free ( key ); - len = fetch_setting_copy ( NULL, &privkey_setting, &key ); - if ( len < 0 ) { - rc = len; - DBGC ( &client_certificate, "CLIENTCERT cannot fetch " - "client private key: %s\n", strerror ( rc ) ); - return rc; - } - if ( key ) { + if ( ( len = fetch_setting_copy ( NULL, &privkey_setting, + &key ) ) >= 0 ) { client_private_key.data = key; client_private_key.len = len; } diff --git a/src/crypto/rootcert.c b/src/crypto/rootcert.c index 30ca170f5..2aa313340 100644 --- a/src/crypto/rootcert.c +++ b/src/crypto/rootcert.c @@ -91,7 +91,6 @@ struct x509_root root_certificates = { static void rootcert_init ( void ) { void *external = NULL; int len; - int rc; /* Allow trusted root certificates to be overridden only if * not explicitly specified at build time. @@ -101,21 +100,8 @@ static void rootcert_init ( void ) { /* Fetch copy of "trust" setting, if it exists. This * memory will never be freed. */ - len = fetch_setting_copy ( NULL, &trust_setting, &external ); - if ( len < 0 ) { - rc = len; - DBGC ( &root_certificates, "ROOTCERT cannot fetch " - "trusted root certificate fingerprints: %s\n", - strerror ( rc ) ); - /* No way to prevent startup; fail safe by - * trusting no certificates. - */ - root_certificates.count = 0; - return; - } - - /* Use certificates from "trust" setting, if present */ - if ( external ) { + if ( ( len = fetch_setting_copy ( NULL, &trust_setting, + &external ) ) >= 0 ) { root_certificates.fingerprints = external; root_certificates.count = ( len / FINGERPRINT_LEN ); } |