diff options
author | Richard Levitte <levitte@openssl.org> | 2002-12-05 01:20:53 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-12-05 01:20:53 +0000 |
commit | 3124dd9c13ff6ba14899fa231fe22604c1381f45 (patch) | |
tree | 8ad0f01fe547109d010cb34b8c5a5b89e72792ac | |
parent | e5040378dfb831e7cb6ba020f20e42b53ed0053e (diff) | |
download | openssl-3124dd9c13ff6ba14899fa231fe22604c1381f45.tar.gz |
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376
-rw-r--r-- | crypto/x509/by_file.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 78e9240a8d..05a3a0293b 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), - X509_FILETYPE_PEM) != 0); + file = (char *)Getenv(X509_get_default_cert_file_env()); + if (file) + ok = (X509_load_cert_crl_file(ctx,file, + X509_FILETYPE_PEM) != 0); + + if (!ok) + ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), + X509_FILETYPE_PEM) != 0); + if (!ok) { X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); } - else - { - file=(char *)Getenv(X509_get_default_cert_file_env()); - ok = (X509_load_cert_crl_file(ctx,file, - X509_FILETYPE_PEM) != 0); - } } else { |