From: Ben Pfaff Date: Thu, 5 Mar 2009 20:27:46 +0000 (-0800) Subject: vconn-ssl: Log all errors when trying to create a connection, not just the first. X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3b4b4e17c67c4fef2baaf82350e836d7534d2fa;p=openvswitch vconn-ssl: Log all errors when trying to create a connection, not just the first. This will, I hope, help administrators to see whether just one setting or all of them are unconfigured. --- diff --git a/lib/vconn-ssl.c b/lib/vconn-ssl.c index 7f415a09..9318f705 100644 --- a/lib/vconn-ssl.c +++ b/lib/vconn-ssl.c @@ -207,21 +207,25 @@ new_ssl_vconn(const char *name, int fd, enum session_type type, int retval; /* Check for all the needful configuration. */ + retval = 0; if (!has_private_key) { VLOG_ERR("Private key must be configured to use SSL"); - goto error; + retval = ENOPROTOOPT; } if (!has_certificate) { VLOG_ERR("Certificate must be configured to use SSL"); - goto error; + retval = ENOPROTOOPT; } if (!has_ca_cert && !bootstrap_ca_cert) { VLOG_ERR("CA certificate must be configured to use SSL"); - goto error; + retval = ENOPROTOOPT; } if (!SSL_CTX_check_private_key(ctx)) { VLOG_ERR("Private key does not match certificate public key: %s", ERR_error_string(ERR_get_error(), NULL)); + retval = ENOPROTOOPT; + } + if (retval) { goto error; } @@ -229,19 +233,20 @@ new_ssl_vconn(const char *name, int fd, enum session_type type, retval = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on); if (retval) { VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name, strerror(errno)); - close(fd); - return errno; + retval = errno; + goto error; } /* Create and configure OpenSSL stream. */ ssl = SSL_new(ctx); if (ssl == NULL) { VLOG_ERR("SSL_new: %s", ERR_error_string(ERR_get_error(), NULL)); - close(fd); - return ENOPROTOOPT; + retval = ENOPROTOOPT; + goto error; } if (SSL_set_fd(ssl, fd) == 0) { VLOG_ERR("SSL_set_fd: %s", ERR_error_string(ERR_get_error(), NULL)); + retval = ENOPROTOOPT; goto error; } if (bootstrap_ca_cert && type == CLIENT) { @@ -268,7 +273,7 @@ error: SSL_free(ssl); } close(fd); - return ENOPROTOOPT; + return retval; } static struct ssl_vconn *