2009-06-21 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net>

In TLSContext::addClientKeyFile() and addTrustedCACertFile(),
	handle excepion inside these functions.
	* src/LibgnutlsTLSContext.cc
	* src/LibgnutlsTLSContext.h
	* src/LibsslTLSContext.cc
	* src/LibsslTLSContext.h
	* src/MultiUrlRequestInfo.cc

ChangeLog

@@ -1,3 +1,13 @@
+2009-06-21  Tatsuhiro Tsujikawa  <t-tujikawa@users.sourceforge.net>
+
+	In TLSContext::addClientKeyFile() and addTrustedCACertFile(),
+	handle excepion inside these functions.
+	* src/LibgnutlsTLSContext.cc
+	* src/LibgnutlsTLSContext.h
+	* src/LibsslTLSContext.cc
+	* src/LibsslTLSContext.h
+	* src/MultiUrlRequestInfo.cc
+
 2009-06-21  Tatsuhiro Tsujikawa  <t-tujikawa@users.sourceforge.net>
 
 	Added comment

src/LibgnutlsTLSContext.cc

@@ -78,36 +78,39 @@ bool TLSContext::bad() const
   return !_good;
 }
 
-void TLSContext::addClientKeyFile(const std::string& certfile,
+bool TLSContext::addClientKeyFile(const std::string& certfile,
 				  const std::string& keyfile)
-  throw(DlAbortEx)
 {
   int ret = gnutls_certificate_set_x509_key_file(_certCred,
 						 certfile.c_str(),
 						 keyfile.c_str(),
 						 GNUTLS_X509_FMT_PEM);
-  if(ret != GNUTLS_E_SUCCESS) {
+  if(ret == GNUTLS_E_SUCCESS) {
-    throw DL_ABORT_EX
+    _logger->info("Client Key File(cert=%s, key=%s) were successfully added.",
-      (StringFormat("Failed to load client certificate from %s and"
+		  certfile.c_str(), keyfile.c_str());
-		    " private key from %s. Cause: %s",
+    return true;
-		    certfile.c_str(), keyfile.c_str(),
+  } else {
-		    gnutls_strerror(ret)).str());
+    _logger->error("Failed to load client certificate from %s and"
+		   " private key from %s. Cause: %s",
+		   certfile.c_str(), keyfile.c_str(),
+		   gnutls_strerror(ret));
+    return false;
   }
 }
 
-void TLSContext::addTrustedCACertFile(const std::string& certfile)
+bool TLSContext::addTrustedCACertFile(const std::string& certfile)
-  throw(DlAbortEx)
 {
   int ret = gnutls_certificate_set_x509_trust_file(_certCred,
 						   certfile.c_str(),
 						   GNUTLS_X509_FMT_PEM);
   if(ret < 0) {
-    throw DL_ABORT_EX
+    _logger->error(MSG_LOADING_TRUSTED_CA_CERT_FAILED,
-      (StringFormat
+		   certfile.c_str(), gnutls_strerror(ret));
-       (MSG_LOADING_TRUSTED_CA_CERT_FAILED,
+    return false;
-	certfile.c_str(), gnutls_strerror(ret)).str());
+  } else {
+    _logger->info("%d certificate(s) were imported.", ret);
+    return true;
   }
-  _logger->info("%d certificate(s) were imported.", ret);
 }
 
 gnutls_certificate_credentials_t TLSContext::getCertCred() const

src/LibgnutlsTLSContext.h

@@ -62,11 +62,11 @@ public:
   ~TLSContext();
 
   // private key `keyfile' must be decrypted.
-  void addClientKeyFile(const std::string& certfile,
+  bool addClientKeyFile(const std::string& certfile,
-			const std::string& keyfile) throw(DlAbortEx);
+			const std::string& keyfile);
 
   // certfile can contain multiple certificates.
-  void addTrustedCACertFile(const std::string& certfile) throw(DlAbortEx);
+  bool addTrustedCACertFile(const std::string& certfile);
 
   bool good() const;
 

src/LibsslTLSContext.cc

@@ -73,33 +73,34 @@ bool TLSContext::bad() const
   return !_good;
 }
 
-void TLSContext::addClientKeyFile(const std::string& certfile,
+bool TLSContext::addClientKeyFile(const std::string& certfile,
 				  const std::string& keyfile)
-  throw(DlAbortEx)
 {
   if(SSL_CTX_use_PrivateKey_file(_sslCtx, keyfile.c_str(),
 				 SSL_FILETYPE_PEM) != 1) {
-    throw DL_ABORT_EX
+    _logger->error("Failed to load client private key from %s. Cause: %s",
-      (StringFormat
+		   keyfile.c_str(), ERR_error_string(ERR_get_error(), 0));
-       ("Failed to load client private key from %s. Cause: %s",
+    return false;
-	keyfile.c_str(), ERR_error_string(ERR_get_error(), 0)).str());
   }
   if(SSL_CTX_use_certificate_chain_file(_sslCtx, certfile.c_str()) != 1) {
-    throw DL_ABORT_EX
+    _logger->error("Failed to load client certificate from %s. Cause: %s",
-      (StringFormat
+		   certfile.c_str(), ERR_error_string(ERR_get_error(), 0));
-       ("Failed to load client certificate from %s. Cause: %s",
+    return false;
-	certfile.c_str(), ERR_error_string(ERR_get_error(), 0)).str());
   }
+  _logger->info("Client Key File(cert=%s, key=%s) were successfully added.",
+		certfile.c_str(), keyfile.c_str());
+  return true;
 }
 
-void TLSContext::addTrustedCACertFile(const std::string& certfile)
+bool TLSContext::addTrustedCACertFile(const std::string& certfile)
-  throw(DlAbortEx)
 {
   if(SSL_CTX_load_verify_locations(_sslCtx, certfile.c_str(), 0) != 1) {
-    throw DL_ABORT_EX
+    _logger->error(MSG_LOADING_TRUSTED_CA_CERT_FAILED,
-      (StringFormat
+		   certfile.c_str(), ERR_error_string(ERR_get_error(), 0));
-       (MSG_LOADING_TRUSTED_CA_CERT_FAILED,
+    return false;
-	certfile.c_str(), ERR_error_string(ERR_get_error(), 0)).str());
+  } else {
+    _logger->info("Trusted CA certificates were successfully added.");
+    return true;
   }
 }
 

src/LibsslTLSContext.h

@@ -62,11 +62,11 @@ public:
   ~TLSContext();
 
   // private key `keyfile' must be decrypted.
-  void addClientKeyFile(const std::string& certfile,
+  bool addClientKeyFile(const std::string& certfile,
-			const std::string& keyfile) throw(DlAbortEx);
+			const std::string& keyfile);
 
   // certfile can contain multiple certificates.
-  void addTrustedCACertFile(const std::string& certfile) throw(DlAbortEx);
+  bool addTrustedCACertFile(const std::string& certfile);
 
   bool good() const;
 

src/MultiUrlRequestInfo.cc

@@ -140,10 +140,7 @@ DownloadResult::RESULT MultiUrlRequestInfo::execute()
 				   _option->get(PREF_PRIVATE_KEY));
     }
     if(!_option->blank(PREF_CA_CERTIFICATE)) {
-      try {
+      if(!tlsContext->addTrustedCACertFile(_option->get(PREF_CA_CERTIFICATE))) {
-	tlsContext->addTrustedCACertFile(_option->get(PREF_CA_CERTIFICATE));
-      } catch(RecoverableException& e) {
-	_logger->error(EX_EXCEPTION_CAUGHT, e);
 	_logger->warn(MSG_WARN_NO_CA_CERT);
       }
     } else if(_option->getAsBool(PREF_CHECK_CERTIFICATE)) {