diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-03-24 16:58:59 +0900 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2022-04-28 19:13:02 +0200 |
commit | 7fe76ec72caef21abe4b3c2a948b750652723c55 (patch) | |
tree | 88d09547ad1d0f9bff212b2b049f7bf8e0e00d80 | |
parent | bce3b46aaf8c7ad7ff7eeaafbf4b321ffdad9c07 (diff) | |
download | systemd-7fe76ec72caef21abe4b3c2a948b750652723c55.tar.gz |
journal-remote: refuse to specify --trust option when gnutls is disabled
and check_permission() should not be called in that case.
Replaces #22847.
(cherry picked from commit f7adeaeb897f6d24c50250e2d5fdc9797964b81e)
(cherry picked from commit bba396d78ce4752b7446c014b5dfe9a521c870e0)
-rw-r--r-- | src/journal-remote/journal-remote-main.c | 13 | ||||
-rw-r--r-- | src/journal-remote/microhttpd-util.c | 2 |
2 files changed, 9 insertions, 6 deletions
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c index b46b4fc08e..4e2e29ef7c 100644 --- a/src/journal-remote/journal-remote-main.c +++ b/src/journal-remote/journal-remote-main.c @@ -46,7 +46,11 @@ static const char* arg_output = NULL; static char *arg_key = NULL; static char *arg_cert = NULL; static char *arg_trust = NULL; +#if HAVE_GNUTLS static bool arg_trust_all = false; +#else +static bool arg_trust_all = true; +#endif STATIC_DESTRUCTOR_REGISTER(arg_gnutls_log, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_key, freep); @@ -932,6 +936,7 @@ static int parse_argv(int argc, char *argv[]) { break; case ARG_TRUST: +#if HAVE_GNUTLS if (arg_trust || arg_trust_all) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Confusing trusted CA configuration"); @@ -939,16 +944,14 @@ static int parse_argv(int argc, char *argv[]) { if (streq(optarg, "all")) arg_trust_all = true; else { -#if HAVE_GNUTLS arg_trust = strdup(optarg); if (!arg_trust) return log_oom(); + } #else - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "Option --trust is not available."); + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), + "Option --trust is not available."); #endif - } - break; case 'o': diff --git a/src/journal-remote/microhttpd-util.c b/src/journal-remote/microhttpd-util.c index e6a8254491..7c59d90ef4 100644 --- a/src/journal-remote/microhttpd-util.c +++ b/src/journal-remote/microhttpd-util.c @@ -300,7 +300,7 @@ int check_permissions(struct MHD_Connection *connection, int *code, char **hostn #else int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) { - return -EPERM; + assert_not_reached(); } int setup_gnutls_logger(char **categories) { |