---------------------
PatchSet 5548 
Date: 2002/12/09 16:57:53
Author: hno
Branch: ssl-2_5
Tag: (none) 
Log:
MFC: Complain loudly about certificate errors

Members: 
	src/cache_cf.c:1.38.6.9.2.1->1.38.6.9.2.2 
	src/ssl_support.c:1.6.6.1.2.1->1.6.6.1.2.2 

Index: squid/src/cache_cf.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/cache_cf.c,v
retrieving revision 1.38.6.9.2.1
retrieving revision 1.38.6.9.2.2
diff -u -r1.38.6.9.2.1 -r1.38.6.9.2.2
--- squid/src/cache_cf.c	29 Nov 2002 17:49:18 -0000	1.38.6.9.2.1
+++ squid/src/cache_cf.c	9 Dec 2002 16:57:53 -0000	1.38.6.9.2.2
@@ -1,6 +1,6 @@
 
 /*
- * $Id: cache_cf.c,v 1.38.6.9.2.1 2002/11/29 17:49:18 hno Exp $
+ * $Id: cache_cf.c,v 1.38.6.9.2.2 2002/12/09 16:57:53 hno Exp $
  *
  * DEBUG: section 3     Configuration File Parsing
  * AUTHOR: Harvest Derived
@@ -2393,6 +2393,8 @@
     while (*head)
 	head = &(*head)->next;
     s->sslContext = sslCreateServerContext(s->cert, s->key, s->version, s->cipher, s->options, s->sslflags, s->clientca, s->cafile, s->capath);
+    if (!s->sslContext)
+	self_destruct();
     *head = s;
 }
 
Index: squid/src/ssl_support.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/ssl_support.c,v
retrieving revision 1.6.6.1.2.1
retrieving revision 1.6.6.1.2.2
diff -u -r1.6.6.1.2.1 -r1.6.6.1.2.2
--- squid/src/ssl_support.c	29 Nov 2002 17:49:20 -0000	1.6.6.1.2.1
+++ squid/src/ssl_support.c	9 Dec 2002 16:57:53 -0000	1.6.6.1.2.2
@@ -381,14 +381,14 @@
     debug(83, 1) ("Using certificate in %s\n", certfile);
     if (!SSL_CTX_use_certificate_chain_file(sslContext, certfile)) {
 	ssl_error = ERR_get_error();
-	debug(83, 1) ("Failed to acquire SSL certificate '%s': %s\n",
+	debug(83, 0) ("Failed to acquire SSL certificate '%s': %s\n",
 	    certfile, ERR_error_string(ssl_error, NULL));
 	goto error;
     }
     debug(83, 1) ("Using private key in %s\n", keyfile);
     if (!SSL_CTX_use_PrivateKey_file(sslContext, keyfile, SSL_FILETYPE_PEM)) {
 	ssl_error = ERR_get_error();
-	debug(83, 1) ("Failed to acquire SSL private key '%s': %s\n",
+	debug(83, 0) ("Failed to acquire SSL private key '%s': %s\n",
 	    keyfile, ERR_error_string(ssl_error, NULL));
 	goto error;
     }