add error check to ocsp_test.c

Kinichiro Inoguchi Thu, 07 Jul 2016 05:24:20 -0700

Hi,

I would like to add error check for CAfile loading
since some OS doesn't have /etc/ssl/cert.pem.


Best regards,
Kinichiro Inoguchi

diff --git src/regress/lib/libcrypto/ocsp/ocsp_test.c 
src/regress/lib/libcrypto/ocsp/ocsp_test.c
index 8867536..31594fa 100644
--- src/regress/lib/libcrypto/ocsp/ocsp_test.c
+++ src/regress/lib/libcrypto/ocsp/ocsp_test.c
@@ -47,6 +47,7 @@ int main(int argc, char *argv[]) {
        X509_STORE     *st = NULL;
        STACK_OF(X509) *ch = NULL;
        char *host, *port;
+       char *cafile = "/etc/ssl/cert.pem";
 
        SSL *ssl;
        SSL_CTX *ctx;
@@ -56,7 +57,10 @@ int main(int argc, char *argv[]) {
 
        ctx = SSL_CTX_new(SSLv23_client_method());
 
-       SSL_CTX_load_verify_locations(ctx, "/etc/ssl/cert.pem", NULL);
+       if (!SSL_CTX_load_verify_locations(ctx, cafile, NULL)) {
+               printf("failed to load %s\n", cafile);
+               exit(-1);
+       }
 
        if (argc != 3)
                errx(-1, "need a host and port to connect to");

add error check to ocsp_test.c

Reply via email to