[Openvas-devel] Improved error message when trusted_ca does not exist

Joey Schulze joey at infodrom.org
Wed Nov 19 15:34:28 CET 2008


during installation and configuration of OpenVAS client and server
from SVN HEAD I stomped over an error message I could not parse.

  - trust level 2 || 3
  - trusted_ca unchanged (i.e. "cacert.pem")
  - file does not exist

This results in

| [24767] SSL_CTX_load_verify_locations: error:02001002:system library:fopen:No such file or directory

sent to stderr and an info box saying:

| Error while setting the trusted CA: cacert.pem\nSSL connections are likely to fail.

Using strace I found out what the problem was.

In order to help other people be able to parse the error message
properly I propose the patch below which emits a proper message
and also alters the paranoia level so that OpenSSL will not emit
errors on stderr.

Please let me know what you think.



It's practically impossible to look at a penguin and feel angry.

Please always Cc to me when replying to me on the lists.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openvas_trusted_ca.patch
Type: text/x-diff
Size: 537 bytes
Desc: not available
Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20081119/c4c36f10/openvas_trusted_ca.bin

More information about the Openvas-devel mailing list