[Asterisk-code-review] tcptls: Enable multiple TLS certificate chains (RSA+ECC+DSA)... (asterisk[master])

[Richard Mudgett]

Richard Mudgett has posted comments on this change.

Change subject: tcptls: Enable multiple TLS certificate chains (RSA+ECC+DSA) for server socket.
......................................................................


Patch Set 4: Code-Review+1

(1 comment)

https://gerrit.asterisk.org/#/c/431/4/main/tcptls.c
File main/tcptls.c:

Line 761: 		if (SSL_CTX_use_certificate_chain_file(cfg->ssl_ctx, cert_file) == 0) {
        : 			ast_log(LOG_ERROR, "TLS/SSL error loading %s cert file. <%s>\n", key_type, cert_file);
        : 		} else if (SSL_CTX_use_PrivateKey_file(cfg->ssl_ctx, cert_file, SSL_FILETYPE_PEM) == 0) {
        : 			ast_log(LOG_ERROR, "TLS/SSL error loading %s cert file. <%s>\n", key_type, cert_file);
        : 		} else if (SSL_CTX_check_private_key(cfg->ssl_ctx) == 0) {
        : 			ast_log(LOG_ERROR, "TLS/SSL error loading %s cert file. <%s>\n", key_type, cert_file);
        : 		}
This could be coded as:
if (SSL_CTX_use_certificate...
   || SSL_CTX_use_Private...
   || SSL_CTX_check_...) {
   ast_log(LOG_ERROR...
}

This way there is only one message instead of three identical messages.


-- 
To view, visit https://gerrit.asterisk.org/431
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Iada5e00d326db5ef86e0af7069b4dfa1b979da9a
Gerrit-PatchSet: 4
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-HasComments: Yes