[Spice-devel] [PATCH 5/7] reds: Report errors from load_dh_params
Christophe Fergeau
cfergeau at redhat.com
Wed Sep 12 07:17:59 PDT 2012
---
server/reds.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/server/reds.c b/server/reds.c
index 983ca0f..2d312e9 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -3160,25 +3160,30 @@ static int reds_init_net(void)
return 0;
}
-static void load_dh_params(SSL_CTX *ctx, char *file)
+static int load_dh_params(SSL_CTX *ctx, char *file)
{
DH *ret = 0;
BIO *bio;
if ((bio = BIO_new_file(file, "r")) == NULL) {
spice_warning("Could not open DH file");
+ return -1;
}
ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
+ BIO_free(bio);
if (ret == 0) {
spice_warning("Could not read DH params");
+ return -1;
}
- BIO_free(bio);
if (SSL_CTX_set_tmp_dh(ctx, ret) < 0) {
spice_warning("Could not set DH params");
+ return -1;
}
+
+ return 0;
}
/*The password code is not thread safe*/
@@ -3289,7 +3294,9 @@ static int reds_init_ssl(void)
#endif
if (strlen(ssl_parameters.dh_key_file) > 0) {
- load_dh_params(reds->ctx, ssl_parameters.dh_key_file);
+ if (load_dh_params(reds->ctx, ssl_parameters.dh_key_file) < 0) {
+ return -1;
+ }
}
SSL_CTX_set_session_id_context(reds->ctx, (const unsigned char *)"SPICE", 5);
--
1.7.11.4
More information about the Spice-devel
mailing list