kezhuw commented on code in PR #2257:
URL: https://github.com/apache/zookeeper/pull/2257#discussion_r2123355809
##########
zookeeper-client/zookeeper-client-c/src/zookeeper.c:
##########
@@ -2769,27 +2769,30 @@ static int init_ssl_for_socket(zsock_t *fd, zhandle_t
*zh, int fail_on_error) {
errno = EINVAL;
return ZBADARGUMENTS;
}
- /*CLIENT CA FILE (With Certificate Chain)*/
- if (SSL_CTX_use_certificate_chain_file(*ctx, fd->cert->cert) != 1) {
- SSL_CTX_free(*ctx);
- LOG_ERROR(LOGCALLBACK(zh), "Failed to load client certificate
chain from %s", fd->cert->cert);
- errno = EINVAL;
- return ZBADARGUMENTS;
- }
- /*CLIENT PRIVATE KEY*/
- SSL_CTX_set_default_passwd_cb_userdata(*ctx, fd->cert->passwd);
- if (SSL_CTX_use_PrivateKey_file(*ctx, fd->cert->key, SSL_FILETYPE_PEM)
!= 1) {
- SSL_CTX_free(*ctx);
- LOG_ERROR(LOGCALLBACK(zh), "Failed to load client private key from
%s", fd->cert->key);
- errno = EINVAL;
- return ZBADARGUMENTS;
- }
- /*CHECK*/
- if (SSL_CTX_check_private_key(*ctx) != 1) {
- SSL_CTX_free(*ctx);
- LOG_ERROR(LOGCALLBACK(zh), "SSL_CTX_check_private_key failed");
- errno = EINVAL;
- return ZBADARGUMENTS;
+ if (fd->cert->cert != NULL && fd->cert->passwd != NULL &&
fd->cert->key != NULL)
Review Comment:
Hi @eseabrook1, I created eseabrook1/zookeeper#1 to add test case for this
pr. Would you mind take a look ? This pr will be updated automatically once you
merged that pr.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
