crypto: add missing return value check

mhdawson · marco-ippolito · commit 5ef3c3c996be · 2025-03-06T13:38:13.000+01:00
Add return value check for call to SSL_CTX_add_client_CA to be consistent with other places it is called Fixed unused warning in one of the static analysis tools we use at Red Hat even though it is not being reported by coverity in the configuration we run. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #56615 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
diff --git a/src/crypto/crypto_context.cc b/src/crypto/crypto_context.cc
@@ -1117,7 +1117,7 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) {
     X509* ca = sk_X509_value(extra_certs.get(), i);
 
     X509_STORE_add_cert(sc->GetCertStoreOwnedByThisSecureContext(), ca);
-    SSL_CTX_add_client_CA(sc->ctx_.get(), ca);
+    CHECK_EQ(1, SSL_CTX_add_client_CA(sc->ctx_.get(), ca));
   }
   ret = true;
 

Original file line number	Diff line number	Diff line change
`@@ -1117,7 +1117,7 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) {`
`1117`	`1117`	`X509* ca = sk_X509_value(extra_certs.get(), i);`
`1118`	`1118`
`1119`	`1119`	`X509_STORE_add_cert(sc->GetCertStoreOwnedByThisSecureContext(), ca);`
`1120`		`- SSL_CTX_add_client_CA(sc->ctx_.get(), ca);`
	`1120`	`+ CHECK_EQ(1, SSL_CTX_add_client_CA(sc->ctx_.get(), ca));`
`1121`	`1121`	`}`
`1122`	`1122`	`ret = true;`
`1123`	`1123`