Hi,
Ralf Haferkamp noticed that several programs using openssl contain
some weird piece of code that seems to originate to apps/s_client.c:
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx)))
{
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
ERR_print_errors(bio_err);
/* goto end; */
}
SSL_CTX_load_verify_locations() returns zero on failure or if both
arguments are NULL. Therefore SSL_CTX_set_default_verify_paths()
actually only gets called if SSL_CTX_load_verify_locations()
succeeds which doesn't make much sense.
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
