diff options
| author | Ricardo Mestre <mestre@cvs.openbsd.org> | 2016-11-30 07:57:22 +0000 |
|---|---|---|
| committer | Ricardo Mestre <mestre@cvs.openbsd.org> | 2016-11-30 07:57:22 +0000 |
| commit | d72c28992014a89be48b15bb6880a10241001df9 (patch) | |
| tree | db974c7f943184a79d86eb533c0d2cce6c9db395 /usr.sbin/ldapd/parse.y | |
| parent | 121bc50407670446db455d652bbd2e46f1cc4c31 (diff) | |
Check return value of tls_config_set_protocols(3) and bail out in case of
failure
Feedback and OK jsing@
Diffstat (limited to 'usr.sbin/ldapd/parse.y')
| -rw-r--r-- | usr.sbin/ldapd/parse.y | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/usr.sbin/ldapd/parse.y b/usr.sbin/ldapd/parse.y index b1971bf3d3a..d38dce4c644 100644 --- a/usr.sbin/ldapd/parse.y +++ b/usr.sbin/ldapd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.19 2016/07/13 16:35:47 jsing Exp $ */ +/* $OpenBSD: parse.y,v 1.20 2016/11/30 07:57:21 mestre Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk <martinh@openbsd.org> @@ -1213,7 +1213,11 @@ load_certfile(struct ldapd_config *env, const char *name, u_int8_t flags) if (s->config == NULL) goto err; - tls_config_set_protocols(s->config, TLS_PROTOCOLS_ALL); + if (tls_config_set_protocols(s->config, TLS_PROTOCOLS_ALL) != 0) { + log_warn("load_certfile: failed to set tls protocols: %s", + tls_config_error(s->config)); + goto err; + } if (tls_config_set_ciphers(s->config, "all")) { log_warn("load_certfile: failed to set tls ciphers: %s", tls_config_error(s->config)); |