resolved: add missing error code check when initializing DNS-over-TLS

[thirdparty/systemd.git] / src / resolve / resolved-dnstls-gnutls.c

diff --git a/src/resolve/resolved-dnstls-gnutls.c b/src/resolve/resolved-dnstls-gnutls.c
index ddf9758bb39056d0cf103ab5928846202668267a..d824d6ca5acd152def3e0e3ced5b03095ce1b1df 100644 (file)
--- a/src/resolve/resolved-dnstls-gnutls.c
+++ b/src/resolve/resolved-dnstls-gnutls.c
@@ -41,7 +41,7 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) {
         if (r < 0)
                 return r;
 
-        r = gnutls_credentials_set(gs, GNUTLS_CRD_CERTIFICATE, server->dnstls_data.cert_cred);
+        r = gnutls_credentials_set(gs, GNUTLS_CRD_CERTIFICATE, stream->manager->dnstls_data.cert_cred);
         if (r < 0)
                 return r;
 
@@ -120,7 +120,7 @@ int dnstls_stream_shutdown(DnsStream *stream, int error) {
         assert(stream->encrypted);
         assert(stream->dnstls_data.session);
 
-        /* Store TLS Ticket for faster succesive TLS handshakes */
+        /* Store TLS Ticket for faster successive TLS handshakes */
         if (stream->server && stream->server->dnstls_data.session_data.size == 0 && stream->dnstls_data.handshake == GNUTLS_E_SUCCESS)
                 gnutls_session_get_data2(stream->dnstls_data.session, &stream->server->dnstls_data.session_data);
 
@@ -187,19 +187,27 @@ ssize_t dnstls_stream_read(DnsStream *stream, void *buf, size_t count) {
         return ss;
 }
 
-void dnstls_server_init(DnsServer *server) {
+void dnstls_server_free(DnsServer *server) {
         assert(server);
 
-        /* Do not verify cerificate */
-        gnutls_certificate_allocate_credentials(&server->dnstls_data.cert_cred);
+        if (server->dnstls_data.session_data.data)
+                gnutls_free(server->dnstls_data.session_data.data);
 }
 
-void dnstls_server_free(DnsServer *server) {
-        assert(server);
+int dnstls_manager_init(Manager *manager) {
+        int r;
+        assert(manager);
 
-        if (server->dnstls_data.cert_cred)
-                gnutls_certificate_free_credentials(server->dnstls_data.cert_cred);
+        r = gnutls_certificate_allocate_credentials(&manager->dnstls_data.cert_cred);
+        if (r < 0)
+                return -ENOMEM;
 
-        if (server->dnstls_data.session_data.data)
-                gnutls_free(server->dnstls_data.session_data.data);
+        return 0;
+}
+
+void dnstls_manager_free(Manager *manager) {
+        assert(manager);
+
+        if (manager->dnstls_data.cert_cred)
+                gnutls_certificate_free_credentials(manager->dnstls_data.cert_cred);
 }