diff options
Diffstat (limited to 'runtime')
| -rw-r--r-- | runtime/cryprov.h | 2 | ||||
| -rw-r--r-- | runtime/libgcry.h | 2 | ||||
| -rw-r--r-- | runtime/msg.c | 2 | ||||
| -rw-r--r-- | runtime/msg.h | 1 | ||||
| -rw-r--r-- | runtime/nsd_gtls.c | 19 | ||||
| -rw-r--r-- | runtime/rsyslog.h | 5 |
6 files changed, 23 insertions, 8 deletions
diff --git a/runtime/cryprov.h b/runtime/cryprov.h index 8496b745..005b33f7 100644 --- a/runtime/cryprov.h +++ b/runtime/cryprov.h @@ -24,8 +24,6 @@ #ifndef INCLUDED_CRYPROV_H #define INCLUDED_CRYPROV_H -#include <gcrypt.h> - /* interface */ BEGINinterface(cryprov) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Construct)(void *ppThis); diff --git a/runtime/libgcry.h b/runtime/libgcry.h index b77b0f9e..83f508bf 100644 --- a/runtime/libgcry.h +++ b/runtime/libgcry.h @@ -21,7 +21,7 @@ #ifndef INCLUDED_LIBGCRY_H #define INCLUDED_LIBGCRY_H #include <stdint.h> - +#include <gcrypt.h> struct gcryctx_s { uchar *key; diff --git a/runtime/msg.c b/runtime/msg.c index 36cbd261..03906070 100644 --- a/runtime/msg.c +++ b/runtime/msg.c @@ -43,7 +43,7 @@ #include <libestr.h> #include <json.h> /* For struct json_object_iter, should not be necessary in future versions */ -#include <json/json_object_private.h> +#include <json_object_private.h> #if HAVE_MALLOC_H # include <malloc.h> #endif diff --git a/runtime/msg.h b/runtime/msg.h index ac220b63..e7babdbb 100644 --- a/runtime/msg.h +++ b/runtime/msg.h @@ -62,7 +62,6 @@ struct msg { once data has entered the queue, this property is no longer needed. */ pthread_mutex_t mut; int iRefCount; /* reference counter (0 = unused) */ - sbool bAlreadyFreed; /* aid to help detect a well-hidden bad bug -- TODO: remove when no longer needed */ sbool bParseSuccess; /* set to reflect state of last executed higher level parser */ short iSeverity; /* the severity 0..7 */ short iFacility; /* Facility code 0 .. 23*/ diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index 6ef4feba..1110c7a4 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -2,7 +2,7 @@ * * An implementation of the nsd interface for GnuTLS. * - * Copyright (C) 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * Copyright (C) 2007-2013 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -547,10 +547,20 @@ gtlsAddOurCert(void) keyFile = glbl.GetDfltNetstrmDrvrKeyFile(); dbgprintf("GTLS certificate file: '%s'\n", certFile); dbgprintf("GTLS key file: '%s'\n", keyFile); + if(certFile == NULL) { + errmsg.LogError(0, RS_RET_CERT_MISSING, "error: certificate file is not set, cannot " + "continue"); + ABORT_FINALIZE(RS_RET_CERT_MISSING); + } + if(keyFile == NULL) { + errmsg.LogError(0, RS_RET_CERTKEY_MISSING, "error: key file is not set, cannot " + "continue"); + ABORT_FINALIZE(RS_RET_CERTKEY_MISSING); + } CHKgnutls(gnutls_certificate_set_x509_key_file(xcred, (char*)certFile, (char*)keyFile, GNUTLS_X509_FMT_PEM)); finalize_it: - if(iRet != RS_RET_OK) { + if(iRet != RS_RET_OK && iRet != RS_RET_CERT_MISSING && iRet != RS_RET_CERTKEY_MISSING) { pGnuErr = gtlsStrerror(gnuRet); errno = 0; errmsg.LogError(0, iRet, "error adding our certificate. GnuTLS error %d, message: '%s', " @@ -580,6 +590,11 @@ gtlsGlblInit(void) /* sets the trusted cas file */ cafile = glbl.GetDfltNetstrmDrvrCAF(); + if(cafile == NULL) { + errmsg.LogError(0, RS_RET_CA_CERT_MISSING, "error: ca certificate is not set, cannot " + "continue"); + ABORT_FINALIZE(RS_RET_CA_CERT_MISSING); + } dbgprintf("GTLS CA file: '%s'\n", cafile); gnuRet = gnutls_certificate_set_x509_trust_file(xcred, (char*)cafile, GNUTLS_X509_FMT_PEM); if(gnuRet < 0) { diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 47b34783..e62ba867 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -3,7 +3,7 @@ * * Begun 2005-09-15 RGerhards * - * Copyright (C) 2005-2008 by Rainer Gerhards and Adiscon GmbH + * Copyright (C) 2005-2013 by Rainer Gerhards and Adiscon GmbH * * This file is part of the rsyslog runtime library. * @@ -413,6 +413,9 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth RS_RET_CRY_INVLD_ALGO = -2326,/**< user specified invalid (unkonwn) crypto algorithm */ RS_RET_CRY_INVLD_MODE = -2327,/**< user specified invalid (unkonwn) crypto mode */ RS_RET_QUEUE_DISK_NO_FN = -2328,/**< disk queue configured, but filename not set */ + RS_RET_CA_CERT_MISSING = -2329,/**< a CA cert is missing where one is required (e.g. TLS) */ + RS_RET_CERT_MISSING = -2330,/**< a cert is missing where one is required (e.g. TLS) */ + RS_RET_CERTKEY_MISSING = -2331,/**< a cert (private) key is missing where one is required (e.g. TLS) */ /* RainerScript error messages (range 1000.. 1999) */ RS_RET_SYSVAR_NOT_FOUND = 1001, /**< system variable could not be found (maybe misspelled) */ |