shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Code

journal-remote: refuse to specify --trust option when gnutls is disabled

Browse Source 
and check_permission() should not be called in that case.

Replaces #22847.

(cherry picked from commit f7adeaeb89)
This commit is contained in:
Yu Watanabe 2022-03-24 16:58:59 +09:00 committed by Zbigniew Jędrzejewski-Szmek
parent 8d4c0d2383
commit bba396d78c
2 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/journal-remote/journal-remote-main.c
View File

@ -46,7 +46,11 @@ static const char* arg_output = NULL;
static char *arg_key = NULL;
static char *arg_cert = NULL;
static char *arg_trust = NULL;
#if HAVE_GNUTLS
static bool arg_trust_all = false;
#else
static bool arg_trust_all = true;
#endif
STATIC_DESTRUCTOR_REGISTER(arg_gnutls_log, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_key, freep);
@ -932,6 +936,7 @@ static int parse_argv(int argc, char *argv[]) {
break;
case ARG_TRUST:
#if HAVE_GNUTLS
if (arg_trust || arg_trust_all)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Confusing trusted CA configuration");
@ -939,16 +944,14 @@ static int parse_argv(int argc, char *argv[]) {
if (streq(optarg, "all"))
arg_trust_all = true;
else {
#if HAVE_GNUTLS
arg_trust = strdup(optarg);
if (!arg_trust)
return log_oom();
#else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Option --trust is not available.");
#endif
}
#else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Option --trust is not available.");
#endif
break;
case 'o':

2
src/journal-remote/microhttpd-util.c
View File

@ -300,7 +300,7 @@ int check_permissions(struct MHD_Connection *connection, int *code, char **hostn
#else
int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
return -EPERM;
assert_not_reached();
}
int setup_gnutls_logger(char **categories) {