mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-17 14:03:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug in s_client. Previously default verify locations would only be loaded

Browse Source 
if CAfile or CApath were also supplied and successfully loaded first.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-25 11:30:43 +00:00
parent c62e94d805
commit 70e5fd8778
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/s_client.c
View File

@ -1352,13 +1352,12 @@ int MAIN(int argc, char **argv)
SSL_CTX_set_verify(ctx, verify, verify_callback); SSL_CTX_set_verify(ctx, verify, verify_callback);
if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || if ((CAfile || CApath)
(!SSL_CTX_set_default_verify_paths(ctx))) { && !SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
/* ERR_print_errors(bio_err);
* BIO_printf(bio_err,"error setting default verify locations\n"); }
*/ if (!SSL_CTX_set_default_verify_paths(ctx)) {
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
/* goto end; */
} }
ssl_ctx_add_crls(ctx, crls, crl_download); ssl_ctx_add_crls(ctx, crls, crl_download);