2015-06-15 16:23:46 +00:00
|
|
|
diff -up openssl-1.0.2c/apps/s_server.c.default-paths openssl-1.0.2c/apps/s_server.c
|
|
|
|
--- openssl-1.0.2c/apps/s_server.c.default-paths 2015-06-12 16:51:21.000000000 +0200
|
|
|
|
+++ openssl-1.0.2c/apps/s_server.c 2015-06-15 17:24:17.747446515 +0200
|
|
|
|
@@ -1788,12 +1788,16 @@ int MAIN(int argc, char *argv[])
|
2015-04-23 11:57:26 +00:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
|
|
|
|
- (!SSL_CTX_set_default_verify_paths(ctx))) {
|
|
|
|
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
|
|
|
|
- ERR_print_errors(bio_err);
|
|
|
|
- /* goto end; */
|
|
|
|
+ if (CAfile == NULL && CApath == NULL) {
|
|
|
|
+ if (!SSL_CTX_set_default_verify_paths(ctx)) {
|
|
|
|
+ ERR_print_errors(bio_err);
|
|
|
|
+ }
|
|
|
|
+ } else {
|
|
|
|
+ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
|
|
|
|
+ ERR_print_errors(bio_err);
|
|
|
|
+ }
|
|
|
|
}
|
|
|
|
+
|
|
|
|
if (vpm)
|
|
|
|
SSL_CTX_set1_param(ctx, vpm);
|
|
|
|
|
2015-06-15 16:23:46 +00:00
|
|
|
@@ -1850,8 +1854,10 @@ int MAIN(int argc, char *argv[])
|
2015-04-23 11:57:26 +00:00
|
|
|
else
|
|
|
|
SSL_CTX_sess_set_cache_size(ctx2, 128);
|
|
|
|
|
|
|
|
- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
|
|
|
|
- (!SSL_CTX_set_default_verify_paths(ctx2))) {
|
|
|
|
+ if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) {
|
|
|
|
+ ERR_print_errors(bio_err);
|
|
|
|
+ }
|
|
|
|
+ if (!SSL_CTX_set_default_verify_paths(ctx2)) {
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
}
|
|
|
|
if (vpm)
|
2015-06-15 16:23:46 +00:00
|
|
|
diff -up openssl-1.0.2c/apps/s_time.c.default-paths openssl-1.0.2c/apps/s_time.c
|
|
|
|
--- openssl-1.0.2c/apps/s_time.c.default-paths 2015-06-12 16:51:21.000000000 +0200
|
|
|
|
+++ openssl-1.0.2c/apps/s_time.c 2015-06-15 17:24:17.747446515 +0200
|
2015-04-23 11:57:26 +00:00
|
|
|
@@ -381,13 +381,14 @@ int MAIN(int argc, char **argv)
|
|
|
|
|
|
|
|
SSL_load_error_strings();
|
|
|
|
|
|
|
|
- if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
|
|
|
|
- (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
|
|
|
|
- /*
|
|
|
|
- * BIO_printf(bio_err,"error setting default verify locations\n");
|
|
|
|
- */
|
|
|
|
- ERR_print_errors(bio_err);
|
|
|
|
- /* goto end; */
|
|
|
|
+ if (CAfile == NULL && CApath == NULL) {
|
|
|
|
+ if (!SSL_CTX_set_default_verify_paths(tm_ctx)) {
|
|
|
|
+ ERR_print_errors(bio_err);
|
|
|
|
+ }
|
|
|
|
+ } else {
|
|
|
|
+ if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) {
|
|
|
|
+ ERR_print_errors(bio_err);
|
|
|
|
+ }
|
|
|
|
}
|
|
|
|
|
|
|
|
if (tm_cipher == NULL)
|