p
/
xK
1
1
Fork 0
Code Issues 1 Pull Requests Releases 10 Wiki Activity

degesch: fix failure handling in SSL_CTX creation

This commit is contained in:
Přemysl Eric Janouch 2015-07-12 00:43:52 +02:00
parent fe95f97101
commit 20b317db30
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
degesch.c
View File

@ -3849,6 +3849,10 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
if (!verify) if (!verify)
SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL); SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL);
// TODO: allow specifying SSL_CTX_set_cipher_list()
SSL_CTX_set_mode (ssl_ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
const char *ca_file = get_config_string (s->config, "ssl_ca_file"); const char *ca_file = get_config_string (s->config, "ssl_ca_file");
const char *ca_path = get_config_string (s->config, "ssl_ca_path"); const char *ca_path = get_config_string (s->config, "ssl_ca_path");
@ -3871,10 +3875,6 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
ERR_reason_error_string (ERR_get_error ())); ERR_reason_error_string (ERR_get_error ()));
goto ca_error; goto ca_error;
} }
// TODO: allow specifying SSL_CTX_set_cipher_list()
SSL_CTX_set_mode (ssl_ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
return true; return true;
ca_error: ca_error: