- Fix crash if tls-servic-pem not filled in when necessary.

git-svn-id: file:///svn/unbound/trunk@5141 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 28ff7f89ccc979eb4ae4d027a413c44cd8b6aced..c9d868a67f029ad87643b5ee8946281dfa33e44e 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,7 @@
 25 March 2019: Wouter
        - Fix that tls-session-ticket-keys: "" on its own in unbound.conf
          disables the tls session ticker key calls into the OpenSSL API.
+       - Fix crash if tls-servic-pem not filled in when necessary.
 
 21 March 2019: Wouter
        - Fix #4240: Fix whitespace cleanup in example.conf.

diff --git a/util/net_help.c b/util/net_help.c
index 2b1be92460baea38d33c8e1e192fb52588734840..a6c3fd5cccb2300838907a9251a5c80d1049c0df 100644 (file)
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -802,6 +802,16 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem)
                log_crypto_err("could not SSL_CTX_new");
                return NULL;
        }
+       if(!key || key[0] == 0) {
+               log_err("error: no tls-service-key file specified");
+               SSL_CTX_free(ctx);
+               return NULL;
+       }
+       if(!pem || pem[0] == 0) {
+               log_err("error: no tls-service-pem file specified");
+               SSL_CTX_free(ctx);
+               return NULL;
+       }
        if(!listen_sslctx_setup(ctx)) {
                SSL_CTX_free(ctx);
                return NULL;