journal-remote: refuse to specify --trust option when gnutls is disabled

and check_permission() should not be called in that case. Replaces #22847. (cherry picked from commit f7adeaeb897f6d24c50250e2d5fdc9797964b81e) (cherry picked from commit bba396d78ce4752b7446c014b5dfe9a521c870e0)
author: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-03-24 16:58:59 +0900
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2022-04-28 19:13:02 +0200
commit: 7fe76ec72caef21abe4b3c2a948b750652723c55 (patch)
tree: 88d09547ad1d0f9bff212b2b049f7bf8e0e00d80
parent: bce3b46aaf8c7ad7ff7eeaafbf4b321ffdad9c07 (diff)
download: systemd-7fe76ec72caef21abe4b3c2a948b750652723c55.tar.gz
2 files changed, 9 insertions, 6 deletions
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
index b46b4fc08e..4e2e29ef7c 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
@@ -46,7 +46,11 @@ static const char* arg_output = NULL;
 static char *arg_key = NULL;
 static char *arg_cert = NULL;
 static char *arg_trust = NULL;
+#if HAVE_GNUTLS
 static bool arg_trust_all = false;
+#else
+static bool arg_trust_all = true;
+#endif
 
 STATIC_DESTRUCTOR_REGISTER(arg_gnutls_log, strv_freep);
 STATIC_DESTRUCTOR_REGISTER(arg_key, freep);
@@ -932,6 +936,7 @@ static int parse_argv(int argc, char *argv[]) {
                         break;
 
                 case ARG_TRUST:
+#if HAVE_GNUTLS
                         if (arg_trust || arg_trust_all)
                                 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                                        "Confusing trusted CA configuration");
@@ -939,16 +944,14 @@ static int parse_argv(int argc, char *argv[]) {
                         if (streq(optarg, "all"))
                                 arg_trust_all = true;
                         else {
-#if HAVE_GNUTLS
                                 arg_trust = strdup(optarg);
                                 if (!arg_trust)
                                         return log_oom();
+                        }
 #else
-                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
-                                                       "Option --trust is not available.");
+                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+                                               "Option --trust is not available.");
 #endif
-                        }
-
                         break;
 
                 case 'o':
diff --git a/src/journal-remote/microhttpd-util.c b/src/journal-remote/microhttpd-util.c
index e6a8254491..7c59d90ef4 100644
--- a/src/journal-remote/microhttpd-util.c
+++ b/src/journal-remote/microhttpd-util.c
@@ -300,7 +300,7 @@ int check_permissions(struct MHD_Connection *connection, int *code, char **hostn
 
 #else
 int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
-        return -EPERM;
+        assert_not_reached();
 }
 
 int setup_gnutls_logger(char **categories) {
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-03-24 16:58:59 +0900
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2022-04-28 19:13:02 +0200
commit	7fe76ec72caef21abe4b3c2a948b750652723c55 (patch)
tree	88d09547ad1d0f9bff212b2b049f7bf8e0e00d80
parent	bce3b46aaf8c7ad7ff7eeaafbf4b321ffdad9c07 (diff)
download	systemd-7fe76ec72caef21abe4b3c2a948b750652723c55.tar.gz