From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 18 Sep 2018 19:18:52 +0000 (-0400)
Subject: In tor_tls_get_my_certs(), set cert ptrs even on failure
X-Git-Tag: tor-0.3.5.3-alpha~23^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7c8f20ba44a831ed9f714453fa776762d1c872c5;p=thirdparty%2Ftor.git

In tor_tls_get_my_certs(), set cert ptrs even on failure

Nothing should ever look at them on failure, but in some cases,
the unit tests don't check for failure, and then GCC-LTO freaks out.

Fixes part of 27772.
---

diff --git a/src/lib/tls/tortls.c b/src/lib/tls/tortls.c
index 3ae3a1a096..56f70bc371 100644
--- a/src/lib/tls/tortls.c
+++ b/src/lib/tls/tortls.c
@@ -71,13 +71,19 @@ tor_tls_get_my_certs(int server,
                      const tor_x509_cert_t **id_cert_out)
 {
   tor_tls_context_t *ctx = tor_tls_context_get(server);
-  if (! ctx)
-    return -1;
+  int rv = -1;
+  const tor_x509_cert_t *link_cert = NULL;
+  const tor_x509_cert_t *id_cert = NULL;
+  if (ctx) {
+    rv = 0;
+    link_cert = server ? ctx->my_link_cert : ctx->my_auth_cert;
+    id_cert = ctx->my_id_cert;
+  }
   if (link_cert_out)
-    *link_cert_out = server ? ctx->my_link_cert : ctx->my_auth_cert;
+    *link_cert_out = link_cert;
   if (id_cert_out)
-    *id_cert_out = ctx->my_id_cert;
-  return 0;
+    *id_cert_out = id_cert;
+  return rv;
 }
 
 /**