HPCC-33260 missing "cert" validation check/skip and review changes

Add check for "cert" configuration to avoid legacy environment.conf check. Review changes Signed-off-by: Jake Smith <[email protected]>
hpcc-systems · Jan 20, 2025 · a50602f · a50602f
1 parent c3a3002
commit a50602f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 6 deletions.
diff --git a/fs/dafilesrv/dafilesrv.cpp b/fs/dafilesrv/dafilesrv.cpp
@@ -585,14 +585,12 @@ int main(int argc, const char* argv[])
                 rowServiceConfiguration = daFileSrv->queryProp("@rowServiceConfiguration");
 
             // merge in bare-metal dafilesrv component expert settings
-            IPropertyTree *componentExpert = nullptr;
-            componentExpert = daFileSrv->queryPropTree("expert");
+            IPropertyTree *componentExpert = daFileSrv->queryPropTree("expert");
             if (componentExpert)
                 synchronizePTree(expert, componentExpert, false, true);
 
             // merge in bare-metal dafilesrv component cert settings into newConfig
-            IPropertyTree *componentCert = nullptr;
-            componentCert = daFileSrv->queryPropTree("cert");
+            IPropertyTree *componentCert = daFileSrv->queryPropTree("cert");
             if (componentCert)
             {
                 IPropertyTree *cert = ensurePTree(newConfig, "cert");

diff --git a/fs/dafsserver/dafsserver.cpp b/fs/dafsserver/dafsserver.cpp
@@ -148,7 +148,7 @@ static ISecureSocket *createSecureSocket(ISocket *sock, bool disableClientCertVe
             }
             else
             {
-                IPropertyTree *cert = getComponentConfigSP()->getPropTree("cert");
+                Owned<IPropertyTree> cert = getComponentConfigSP()->getPropTree("cert");
                 if (cert)
                 {
                     Owned<ISyncedPropertyTree> certSyncedWrapper = createSyncedPropertyTree(cert);
@@ -5459,7 +5459,11 @@ class CRemoteFileServer : implements IRemoteFileServer, public CInterface
                     securitySettings.privateKey = nullptr;
                 }
             }
-            else
+            else if (!isContainerized() && getComponentConfigSP()->hasProp("cert"))
+            {
+                // validated when context is created in createSecureSocket
+            }
+            else // using environment.conf HPCCCertificateFile etc.
                 validateSSLSetup();
 #endif