Hi, Ralf Haferkamp noticed that several programs using openssl contain some weird piece of code that seems to originate to apps/s_client.c:
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || (!SSL_CTX_set_default_verify_paths(ctx))) { /* BIO_printf(bio_err,"error setting default verify locations\n"); */ ERR_print_errors(bio_err); /* goto end; */ } SSL_CTX_load_verify_locations() returns zero on failure or if both arguments are NULL. Therefore SSL_CTX_set_default_verify_paths() actually only gets called if SSL_CTX_load_verify_locations() succeeds which doesn't make much sense. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org