experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added validation of clixon-restconf.yang: server-key-path and server-cert-path must be present if ssl enabled.

Browse source
This commit is contained in:
Olof hagsand 2021-01-21 12:11:26 +01:00
parent f1449a2542
commit 2d402b7ba5
6 changed files with 222 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
apps/restconf/restconf_main_evhtp.c
View file

@ -530,8 +530,16 @@ cx_get_ssl_server_certs(clicon_handle h,
int retval = -1;
struct stat f_stat;
if (ssl_config == NULL || server_cert_path == NULL){
clicon_err(OE_CFG, EINVAL, "Input parameter is NULL");
if (ssl_config == NULL){
clicon_err(OE_CFG, EINVAL, "ssl_config is NULL");
goto done;
}
if (server_cert_path == NULL){
clicon_err(OE_CFG, EINVAL, "server_cert_path is not set but is required when ssl is enabled");
goto done;
}
if (server_key_path == NULL){
clicon_err(OE_CFG, EINVAL, "server_key_path is not set but is required when ssl is enabled");
goto done;
}
if ((ssl_config->pemfile = strdup(server_cert_path)) == NULL){
@ -695,7 +703,6 @@ restconf_socket_init(clicon_handle h,
// return evhtp_bind_sockaddr(htp, sa, sin_len, SOCKET_LISTEN_BACKLOG);
}
/*! Usage help routine
* @param[in] argv0 command line
* @param[in] h Clicon handle