rpc: skip fallback when using custom PKI path

The virNetTLSConfigCustomCreds will always set the cert paths
to non-NULL strings. This in turn means that the later call to
virNetTLSConfigSystemCreds will be a no-op aside from duplicating
log information. Refactor the conditions so that the call to
find system credentials is skipped when using custom credentials.

While this patch could have just done an early "return 0" after
the virNetTLSConfigCustomCreds call, an "} else {" branch is
instead added, since this will facilitate a later patch in this
series which prefers a common return path.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 5e9c262b48b87dfd6f71d4f2994e75bd550dec15..37f635f47fa02fea7d6e12c02998ac34571abadb 100644 (file)
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -271,32 +271,34 @@ static int virNetTLSContextLocateCredentials(const char *pkipath,
         virNetTLSConfigCustomCreds(pkipath, isServer,
                                    cacert, cacrl,
                                    cert, key);
-    } else if (tryUserPkiPath) {
-        virNetTLSConfigUserCreds(isServer,
-                                 cacert, cacrl,
-                                 cert, key);
-
-        /*
-         * If some of the files can't be found, fallback
-         * to the global location for them
-         */
-        if (!virFileExists(*cacert))
-            VIR_FREE(*cacert);
-        if (!virFileExists(*cacrl))
-            VIR_FREE(*cacrl);
-
-        /* Check these as a pair, since it they are
-         * mutually dependent
-         */
-        if (!virFileExists(*key) || !virFileExists(*cert)) {
-            VIR_FREE(*key);
-            VIR_FREE(*cert);
+    } else {
+        if (tryUserPkiPath) {
+            virNetTLSConfigUserCreds(isServer,
+                                     cacert, cacrl,
+                                     cert, key);
+
+            /*
+             * If some of the files can't be found, fallback
+             * to the global location for them
+             */
+            if (!virFileExists(*cacert))
+                VIR_FREE(*cacert);
+            if (!virFileExists(*cacrl))
+                VIR_FREE(*cacrl);
+
+            /* Check these as a pair, since it they are
+             * mutually dependent
+             */
+            if (!virFileExists(*key) || !virFileExists(*cert)) {
+                VIR_FREE(*key);
+                VIR_FREE(*cert);
+            }
         }
-    }
 
-    virNetTLSConfigSystemCreds(isServer,
-                               cacert, cacrl,
-                               cert, key);
+        virNetTLSConfigSystemCreds(isServer,
+                                   cacert, cacrl,
+                                   cert, key);
+    }
 
     return 0;
 }