term_ua_server();
term_msg(); /* terminate message handler */
stop_watchdog();
-#ifdef HAVE_TLS
cleanup_tls();
-#endif
close_memory_pool(); /* release free memory in pool */
sm_dump(false);
exit(sig);
#ifdef HAVE_TLS
/* tls_require implies tls_enable */
if (director->tls_require) {
- director->tls_enable = true;
+ director->tls_enable = true;
}
if (!director->tls_certfile && director->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if (!director->tls_keyfile && director->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if ((!director->tls_ca_certfile && !director->tls_ca_certdir) && director->tls_enable && director->tls_verify_peer) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
- " Certificate Dir\" are defined for Director \"%s\" in %s."
- " At least one CA certificate store is required"
- " when using \"TLS Verify Peer\".\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
+ " Certificate Dir\" are defined for Director \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (director->tls_enable || director->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- director->tls_ctx = new_tls_context(director->tls_ca_certfile,
- director->tls_ca_certdir, director->tls_certfile,
- director->tls_keyfile, NULL, NULL, director->tls_dhfile,
- director->tls_verify_peer);
-
- if (!director->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ director->tls_ctx = new_tls_context(director->tls_ca_certfile,
+ director->tls_ca_certdir, director->tls_certfile,
+ director->tls_keyfile, NULL, NULL, director->tls_dhfile,
+ director->tls_verify_peer);
+
+ if (!director->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
}
#endif /* HAVE_TLS */
}
}
#ifdef HAVE_TLS
- /* tls_require implies tls_enable */
- if (store->tls_require) {
- store->tls_enable = true;
- }
-
- if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s.\n"),
- store->hdr.name, configfile);
- OK = false;
- }
-
- /* If everything is well, attempt to initialize our per-resource TLS context */
- if (OK && (store->tls_enable || store->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- store->tls_ctx = new_tls_context(store->tls_ca_certfile,
- store->tls_ca_certdir, store->tls_certfile,
- store->tls_keyfile, NULL, NULL, NULL, true);
-
- if (!store->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
- store->hdr.name, configfile);
- OK = false;
- }
- }
+ /* tls_require implies tls_enable */
+ if (store->tls_require) {
+ store->tls_enable = true;
+ }
+
+ if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (store->tls_enable || store->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ store->tls_ctx = new_tls_context(store->tls_ca_certfile,
+ store->tls_ca_certdir, store->tls_certfile,
+ store->tls_keyfile, NULL, NULL, NULL, true);
+
+ if (!store->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+ }
#endif /* HAVE_TLS */
}
foreach_res(cons, R_CONSOLE) {
/* tls_require implies tls_enable */
if (cons->tls_require) {
- cons->tls_enable = true;
+ cons->tls_enable = true;
}
if (!cons->tls_certfile && cons->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Console \"%s\" in %s.\n"),
- cons->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
}
if (!cons->tls_keyfile && cons->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Console \"%s\" in %s.\n"),
- cons->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
}
if ((!cons->tls_ca_certfile && !cons->tls_ca_certdir) && cons->tls_enable && cons->tls_verify_peer) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
- " Certificate Dir\" are defined for Console \"%s\" in %s."
- " At least one CA certificate store is required"
- " when using \"TLS Verify Peer\".\n"),
- cons->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
+ " Certificate Dir\" are defined for Console \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ cons->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (cons->tls_enable || cons->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- cons->tls_ctx = new_tls_context(cons->tls_ca_certfile,
- cons->tls_ca_certdir, cons->tls_certfile,
- cons->tls_keyfile, NULL, NULL, cons->tls_dhfile, cons->tls_verify_peer);
-
- if (!cons->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
- cons->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ cons->tls_ctx = new_tls_context(cons->tls_ca_certfile,
+ cons->tls_ca_certdir, cons->tls_certfile,
+ cons->tls_keyfile, NULL, NULL, cons->tls_dhfile, cons->tls_verify_peer);
+
+ if (!cons->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
}
}
foreach_res(client, R_CLIENT) {
/* tls_require implies tls_enable */
if (client->tls_require) {
- client->tls_enable = true;
+ client->tls_enable = true;
}
if ((!client->tls_ca_certfile && !client->tls_ca_certdir) && client->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for File daemon \"%s\" in %s.\n"),
- client->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (client->tls_enable || client->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- client->tls_ctx = new_tls_context(client->tls_ca_certfile,
- client->tls_ca_certdir, client->tls_certfile,
- client->tls_keyfile, NULL, NULL, NULL,
- true);
-
- if (!client->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
- client->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ client->tls_ctx = new_tls_context(client->tls_ca_certfile,
+ client->tls_ca_certdir, client->tls_certfile,
+ client->tls_keyfile, NULL, NULL, NULL,
+ true);
+
+ if (!client->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
+ }
}
}
#endif /* HAVE_TLS */
free_config_resources();
term_msg();
stop_watchdog();
-#ifdef HAVE_TLS
cleanup_tls();
-#endif
close_memory_pool(); /* release free memory in pool */
sm_dump(false); /* dump orphaned buffers */
exit(sig);
OK = false;
} else {
if (GetNextRes(R_CLIENT, (RES *) me) != NULL) {
- Emsg1(M_FATAL, 0, _("Only one Client resource permitted in %s\n"),
- configfile);
- OK = false;
+ Emsg1(M_FATAL, 0, _("Only one Client resource permitted in %s\n"),
+ configfile);
+ OK = false;
}
my_name_is(0, NULL, me->hdr.name);
if (!me->messages) {
- me->messages = (MSGS *)GetNextRes(R_MSGS, NULL);
+ me->messages = (MSGS *)GetNextRes(R_MSGS, NULL);
if (!me->messages) {
Emsg1(M_FATAL, 0, _("No Messages resource defined in %s\n"), configfile);
- OK = false;
+ OK = false;
}
}
#ifdef HAVE_TLS
/* tls_require implies tls_enable */
if (me->tls_require) {
- me->tls_enable = true;
+ me->tls_enable = true;
}
if ((!me->tls_ca_certfile && !me->tls_ca_certdir) && me->tls_enable) {
- Emsg1(M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for File daemon in %s.\n"),
- configfile);
- OK = false;
+ Emsg1(M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for File daemon in %s.\n"),
+ configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (me->tls_enable || me->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- me->tls_ctx = new_tls_context(me->tls_ca_certfile,
- me->tls_ca_certdir, me->tls_certfile, me->tls_keyfile,
- NULL, NULL, NULL, true);
-
- if (!me->tls_ctx) {
- Emsg2(M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
- me->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ me->tls_ctx = new_tls_context(me->tls_ca_certfile,
+ me->tls_ca_certdir, me->tls_certfile, me->tls_keyfile,
+ NULL, NULL, NULL, true);
+
+ if (!me->tls_ctx) {
+ Emsg2(M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ me->hdr.name, configfile);
+ OK = false;
+ }
}
#endif /* HAVE_TLS */
UnlockRes();
if (!director) {
Emsg1(M_FATAL, 0, _("No Director resource defined in %s\n"),
- configfile);
+ configfile);
OK = false;
}
foreach_res(director, R_DIRECTOR) {
/* tls_require implies tls_enable */
if (director->tls_require) {
- director->tls_enable = true;
+ director->tls_enable = true;
}
if (!director->tls_certfile && director->tls_enable) {
- Emsg2(M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Emsg2(M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if (!director->tls_keyfile && director->tls_enable) {
- Emsg2(M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Emsg2(M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if ((!director->tls_ca_certfile && !director->tls_ca_certdir) && director->tls_enable && director->tls_verify_peer) {
- Emsg2(M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for Director \"%s\" in %s."
- " At least one CA certificate store is required"
- " when using \"TLS Verify Peer\".\n"),
- director->hdr.name, configfile);
- OK = false;
+ Emsg2(M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Director \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (director->tls_enable || director->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- director->tls_ctx = new_tls_context(director->tls_ca_certfile,
- director->tls_ca_certdir, director->tls_certfile,
- director->tls_keyfile, NULL, NULL, director->tls_dhfile,
- director->tls_verify_peer);
-
- if (!director->tls_ctx) {
- Emsg2(M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ director->tls_ctx = new_tls_context(director->tls_ca_certfile,
+ director->tls_ca_certdir, director->tls_certfile,
+ director->tls_keyfile, NULL, NULL, director->tls_dhfile,
+ director->tls_verify_peer);
+
+ if (!director->tls_ctx) {
+ Emsg2(M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
}
}
#endif /* HAVE_TLS */
return OK;
}
-
bool bnet_sig (BSOCK *bs, int sig);
#ifdef HAVE_TLS
int bnet_tls_server (TLS_CONTEXT *ctx, BSOCK *bsock,
- alist *verify_list);
+ alist *verify_list);
int bnet_tls_client (TLS_CONTEXT *ctx, BSOCK *bsock);
#endif /* HAVE_TLS */
BSOCK * bnet_connect (JCR *jcr, int retry_interval,
/* tls.c */
-#ifdef HAVE_TLS
int init_tls (void);
int cleanup_tls (void);
+
+#ifdef HAVE_TLS
TLS_CONTEXT *new_tls_context (const char *ca_certfile,
const char *ca_certdir,
- const char *certfile,
- const char *keyfile,
- TLS_PEM_PASSWD_CB *pem_callback,
- const void *pem_userdata,
- const char *dhfile,
- bool verify_peer);
+ const char *certfile,
+ const char *keyfile,
+ TLS_PEM_PASSWD_CB *pem_callback,
+ const void *pem_userdata,
+ const char *dhfile,
+ bool verify_peer);
void free_tls_context (TLS_CONTEXT *ctx);
-bool tls_postconnect_verify_host (TLS_CONNECTION *tls,
- const char *host);
-bool tls_postconnect_verify_cn (TLS_CONNECTION *tls,
- alist *verify_list);
+bool tls_postconnect_verify_host (TLS_CONNECTION *tls,
+ const char *host);
+bool tls_postconnect_verify_cn (TLS_CONNECTION *tls,
+ alist *verify_list);
TLS_CONNECTION *new_tls_connection (TLS_CONTEXT *ctx, int fd);
void free_tls_connection (TLS_CONNECTION *tls);
bool tls_bsock_connect (BSOCK *bsock);
bool tls_bsock_accept (BSOCK *bsock);
void tls_bsock_shutdown (BSOCK *bsock);
-int tls_bsock_writen (BSOCK *bsock, char *ptr, int32_t nbytes);
-int tls_bsock_readn (BSOCK *bsock, char *ptr, int32_t nbytes);
+int tls_bsock_writen (BSOCK *bsock, char *ptr, int32_t nbytes);
+int tls_bsock_readn (BSOCK *bsock, char *ptr, int32_t nbytes);
#endif /* HAVE_TLS */
#else
+/* Dummy routines */
int init_tls(void) { return 0; }
+int cleanup_tls (void) { return 0; }
#endif /* HAVE_TLS */
{
bool OK = true;
AUTOCHANGER *changer;
-#ifdef HAVE_TLS
- DIRRES *director;
- STORES *store;
-#endif
LockRes();
if (!me->messages) {
Jmsg1(NULL, M_ERROR, 0, _("No Messages resource defined in %s. Cannot continue.\n"),
configfile);
- OK = false;
+ OK = false;
}
}
}
#ifdef HAVE_TLS
+ DIRRES *director;
+ STORES *store;
foreach_res(store, R_STORAGE) {
/* tls_require implies tls_enable */
if (store->tls_require) {
- store->tls_enable = true;
+ store->tls_enable = true;
}
if (!store->tls_certfile && store->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Storage \"%s\" in %s.\n"),
- store->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
}
if (!store->tls_keyfile && store->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Storage \"%s\" in %s.\n"),
- store->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
}
if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable && store->tls_verify_peer) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s."
- " At least one CA certificate store is required"
- " when using \"TLS Verify Peer\".\n"),
- store->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ store->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (store->tls_enable || store->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- store->tls_ctx = new_tls_context(store->tls_ca_certfile,
- store->tls_ca_certdir, store->tls_certfile,
- store->tls_keyfile, NULL, NULL, store->tls_dhfile,
- store->tls_verify_peer);
-
- if (!store->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
- store->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ store->tls_ctx = new_tls_context(store->tls_ca_certfile,
+ store->tls_ca_certdir, store->tls_certfile,
+ store->tls_keyfile, NULL, NULL, store->tls_dhfile,
+ store->tls_verify_peer);
+
+ if (!store->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
}
}
-#endif /* HAVE_TLS */
-
-#ifdef HAVE_TLS
foreach_res(director, R_DIRECTOR) {
/* tls_require implies tls_enable */
if (director->tls_require) {
- director->tls_enable = true;
+ director->tls_enable = true;
}
if (!director->tls_certfile && director->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if (!director->tls_keyfile && director->tls_enable) {
- Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
if ((!director->tls_ca_certfile && !director->tls_ca_certdir) && director->tls_enable && director->tls_verify_peer) {
- Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
- " or \"TLS CA Certificate Dir\" are defined for Director \"%s\" in %s."
- " At least one CA certificate store is required"
- " when using \"TLS Verify Peer\".\n"),
- director->hdr.name, configfile);
- OK = false;
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Director \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ director->hdr.name, configfile);
+ OK = false;
}
/* If everything is well, attempt to initialize our per-resource TLS context */
if (OK && (director->tls_enable || director->tls_require)) {
- /* Initialize TLS context:
- * Args: CA certfile, CA certdir, Certfile, Keyfile,
- * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
- director->tls_ctx = new_tls_context(director->tls_ca_certfile,
- director->tls_ca_certdir, director->tls_certfile,
- director->tls_keyfile, NULL, NULL, director->tls_dhfile,
- director->tls_verify_peer);
-
- if (!director->tls_ctx) {
- Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
- director->hdr.name, configfile);
- OK = false;
- }
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ director->tls_ctx = new_tls_context(director->tls_ca_certfile,
+ director->tls_ca_certdir, director->tls_certfile,
+ director->tls_keyfile, NULL, NULL, director->tls_dhfile,
+ director->tls_verify_peer);
+
+ if (!director->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
}
}
#endif /* HAVE_TLS */
Jmsg(NULL, M_ERROR, 0,
_("Media Type not the same for all devices in changer %s. Cannot continue.\n"),
changer->hdr.name);
- OK = false;
- continue;
+ OK = false;
+ continue;
}
/*
* If the device does not have a changer name or changer command
}
term_msg();
stop_watchdog();
-#ifdef HAVE_TLS
cleanup_tls();
-#endif
close_memory_pool();
sm_dump(false); /* dump orphaned buffers */