summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirk Engling <erdgeist@erdgeist.org>2022-05-16 17:58:42 +0200
committerDirk Engling <erdgeist@erdgeist.org>2022-05-16 17:58:42 +0200
commit02ec90ef346db99502f4958c09e4ab079a6d0b29 (patch)
tree2f280aad7077b207b53fb1f7b9229ce8fc671716
parentd1ac67f6d73f24a165ccc008440bb8b208ae140f (diff)
Only set ca file if it exists. Prevents error in openssl for the default path
-rw-r--r--vchat-connection.c19
1 files changed, 9 insertions, 10 deletions
diff --git a/vchat-connection.c b/vchat-connection.c
index e3d79e9..6b38168 100644
--- a/vchat-connection.c
+++ b/vchat-connection.c
@@ -83,7 +83,7 @@ vc_connect (const char *server, const char *port)
83 vc_x509store_t *vc_store; 83 vc_x509store_t *vc_store;
84 84
85 /* pointer to tilde-expanded certificate/keyfile-names */ 85 /* pointer to tilde-expanded certificate/keyfile-names */
86 char *certfile = NULL; 86 char *certfile, *cafile;
87 87
88 /* Connect to the server */ 88 /* Connect to the server */
89 serverfd = connect_tcp_socket( server, port ); 89 serverfd = connect_tcp_socket( server, port );
@@ -123,16 +123,15 @@ vc_connect (const char *server, const char *port)
123 free(certfile); 123 free(certfile);
124 } 124 }
125 125
126 if (getintoption(CF_VERIFYSSL)) { 126 vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER);
127 /* get name of key file */ 127
128 char *cafile = get_tilde_expanded (CF_CAFILE); 128 /* get name of ca file */
129 if (cafile) { 129 cafile = get_tilde_expanded (CF_CAFILE);
130 vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE); 130 if (cafile && !access(cafile, F_OK)) {
131 vc_x509store_setcafile(vc_store, cafile); 131 vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE);
132 } 132 vc_x509store_setcafile(vc_store, cafile);
133 vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER);
134 free(cafile);
135 } 133 }
134 free(cafile);
136 135
137 /* upgrade our plain BIO to ssl */ 136 /* upgrade our plain BIO to ssl */
138 int result = vc_tls_connect( serverfd, vc_store ); 137 int result = vc_tls_connect( serverfd, vc_store );