You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
100 lines
2.8 KiB
100 lines
2.8 KiB
diff -up openssl-1.0.1c/apps/s_client.c.default-paths openssl-1.0.1c/apps/s_client.c |
|
--- openssl-1.0.1c/apps/s_client.c.default-paths 2012-03-18 19:16:05.000000000 +0100 |
|
+++ openssl-1.0.1c/apps/s_client.c 2012-12-06 18:24:06.425933203 +0100 |
|
@@ -1166,12 +1166,19 @@ bad: |
|
if (!set_cert_key_stuff(ctx,cert,key)) |
|
goto end; |
|
|
|
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || |
|
- (!SSL_CTX_set_default_verify_paths(ctx))) |
|
+ if (CAfile == NULL && CApath == NULL) |
|
{ |
|
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */ |
|
- ERR_print_errors(bio_err); |
|
- /* goto end; */ |
|
+ if (!SSL_CTX_set_default_verify_paths(ctx)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
+ } |
|
+ else |
|
+ { |
|
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
} |
|
|
|
#ifndef OPENSSL_NO_TLSEXT |
|
diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_server.c |
|
--- openssl-1.0.1c/apps/s_server.c.default-paths 2012-03-18 19:16:05.000000000 +0100 |
|
+++ openssl-1.0.1c/apps/s_server.c 2012-12-06 18:25:11.199329611 +0100 |
|
@@ -1565,13 +1565,21 @@ bad: |
|
} |
|
#endif |
|
|
|
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || |
|
- (!SSL_CTX_set_default_verify_paths(ctx))) |
|
+ if (CAfile == NULL && CApath == NULL) |
|
{ |
|
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ |
|
- ERR_print_errors(bio_err); |
|
- /* goto end; */ |
|
+ if (!SSL_CTX_set_default_verify_paths(ctx)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
+ } |
|
+ else |
|
+ { |
|
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
} |
|
+ |
|
if (vpm) |
|
SSL_CTX_set1_param(ctx, vpm); |
|
|
|
@@ -1622,8 +1630,11 @@ bad: |
|
else |
|
SSL_CTX_sess_set_cache_size(ctx2,128); |
|
|
|
- if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || |
|
- (!SSL_CTX_set_default_verify_paths(ctx2))) |
|
+ if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
+ if (!SSL_CTX_set_default_verify_paths(ctx2)) |
|
{ |
|
ERR_print_errors(bio_err); |
|
} |
|
diff -up openssl-1.0.1c/apps/s_time.c.default-paths openssl-1.0.1c/apps/s_time.c |
|
--- openssl-1.0.1c/apps/s_time.c.default-paths 2006-04-17 14:22:13.000000000 +0200 |
|
+++ openssl-1.0.1c/apps/s_time.c 2012-12-06 18:27:41.694574044 +0100 |
|
@@ -373,12 +373,19 @@ int MAIN(int argc, char **argv) |
|
|
|
SSL_load_error_strings(); |
|
|
|
- if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) || |
|
- (!SSL_CTX_set_default_verify_paths(tm_ctx))) |
|
+ if (CAfile == NULL && CApath == NULL) |
|
{ |
|
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */ |
|
- ERR_print_errors(bio_err); |
|
- /* goto end; */ |
|
+ if (!SSL_CTX_set_default_verify_paths(tm_ctx)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
+ } |
|
+ else |
|
+ { |
|
+ if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) |
|
+ { |
|
+ ERR_print_errors(bio_err); |
|
+ } |
|
} |
|
|
|
if (tm_cipher == NULL)
|
|
|