summaryrefslogtreecommitdiff
path: root/system/openssl/0004-fix-default-ca-path-for-apps.patch
diff options
context:
space:
mode:
Diffstat (limited to 'system/openssl/0004-fix-default-ca-path-for-apps.patch')
-rw-r--r--system/openssl/0004-fix-default-ca-path-for-apps.patch79
1 files changed, 79 insertions, 0 deletions
diff --git a/system/openssl/0004-fix-default-ca-path-for-apps.patch b/system/openssl/0004-fix-default-ca-path-for-apps.patch
new file mode 100644
index 000000000..c2c53184a
--- /dev/null
+++ b/system/openssl/0004-fix-default-ca-path-for-apps.patch
@@ -0,0 +1,79 @@
+From 09e6425ad6927a825b077af85c50b2fb04773757 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 08:52:05 +0200
+Subject: [PATCH] fix default ca path for apps
+
+---
+ apps/s_server.c | 22 ++++++++++++++--------
+ apps/s_time.c | 13 ++++++-------
+ 3 files changed, 26 insertions(+), 22 deletions(-)
+
+diff --git a/apps/s_server.c b/apps/s_server.c
+index baa2455..2d5dc97 100644
+--- a/apps/s_server.c
++++ b/apps/s_server.c
+@@ -1770,12 +1770,14 @@ int MAIN(int argc, char *argv[])
+ }
+ #endif
+
+- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx))) {
+- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
+- ERR_print_errors(bio_err);
+- /* goto end; */
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(ctx))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
++
+ if (vpm)
+ SSL_CTX_set1_param(ctx, vpm);
+
+@@ -1838,10 +1840,14 @@ int MAIN(int argc, char *argv[])
+ else
+ SSL_CTX_sess_set_cache_size(ctx2, 128);
+
+- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx2))) {
+- ERR_print_errors(bio_err);
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(ctx2))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
++
+ if (vpm)
+ SSL_CTX_set1_param(ctx2, vpm);
+
+diff --git a/apps/s_time.c b/apps/s_time.c
+index 5846f3a..c8f371a 100644
+--- a/apps/s_time.c
++++ b/apps/s_time.c
+@@ -377,13 +377,12 @@ int MAIN(int argc, char **argv)
+
+ SSL_load_error_strings();
+
+- if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
+- /*
+- * BIO_printf(bio_err,"error setting default verify locations\n");
+- */
+- ERR_print_errors(bio_err);
+- /* goto end; */
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
+
+ if (tm_cipher == NULL)
+--
+2.2.2
+