Merge pull request #12435 from rgacogne/ddist-failure-server-ctx

dnsdist: Gracefully handle a failure to create a TLS server context
PowerDNS · Jan 20, 2023 · b03958c · b03958c
2 parents 13427ee + 96152c3
commit b03958c
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/pdns/libssl.cc b/pdns/libssl.cc
@@ -804,7 +804,11 @@ bool OpenSSLTLSTicketKey::decrypt(const unsigned char* iv, EVP_CIPHER_CTX* ectx,
 std::unique_ptr<SSL_CTX, void(*)(SSL_CTX*)> libssl_init_server_context(const TLSConfig& config,
                                                                        std::map<int, std::string>& ocspResponses)
 {
-  auto ctx = std::unique_ptr<SSL_CTX, void(*)(SSL_CTX*)>(SSL_CTX_new(SSLv23_server_method()), SSL_CTX_free);
+  auto ctx = std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>(SSL_CTX_new(SSLv23_server_method()), SSL_CTX_free);
+
+  if (!ctx) {
+    throw pdns::OpenSSL::error("Error creating an OpenSSL server context");
+  }
 
   int sslOptions =
     SSL_OP_NO_SSLv2 |