Validation of certificate chains will fail before dcpomatic_setup()

is called, as OpenSSL has not yet been set up. Make sure that these failures only raise a Bad() (which nobody is yet listening to) rather than throwing an exception which gets caught and reported as a failed-to-load config. If none of the OpenSSL stuff is working chain_valid() will return false but private_key_valid() will throw an exception (as it tries to get the leaf certificate, causing a validity check).
author: Carl Hetherington <cth@carlh.net> 2019-05-04 01:03:43 +0100
committer: Carl Hetherington <cth@carlh.net> 2019-05-10 23:43:42 +0100
commit: 248fe9bd28d93a9e269093b4dfbec5d0ceb49ce1 (patch)
tree: 0928f8db4fca7c72144d402c92986cad626bec38 /src/tools
parent: be3402b1fa27c9c35b043fd88cef93a88b17c6de (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/tools/dcpomatic.cc b/src/tools/dcpomatic.cc
index 73e215c04..508390a38 100644
--- a/src/tools/dcpomatic.cc
+++ b/src/tools/dcpomatic.cc
@@ -1506,6 +1506,10 @@ private:
 			*/
 			Config::drop ();
 
+			/* We only look out for bad configuration from here on, as before
+			   dcpomatic_setup() we haven't got OpenSSL ready so there will be
+			   incorrect certificate chain validity errors.
+			*/
 			Config::Bad.connect (boost::bind(&App::config_bad, this, _1));
 
 			_frame = new DOMFrame (_("DCP-o-matic"));
author	Carl Hetherington <cth@carlh.net>	2019-05-04 01:03:43 +0100
committer	Carl Hetherington <cth@carlh.net>	2019-05-10 23:43:42 +0100
commit	248fe9bd28d93a9e269093b4dfbec5d0ceb49ce1 (patch)
tree	0928f8db4fca7c72144d402c92986cad626bec38 /src/tools
parent	be3402b1fa27c9c35b043fd88cef93a88b17c6de (diff)