If we couldn't handle "-showcerts" (which happens with the current

SSL2 implementation), show at least the server certificate.
author: Bodo Möller <bodo@openssl.org> 1999-05-17 20:46:43 +0000
committer: Bodo Möller <bodo@openssl.org> 1999-05-17 20:46:43 +0000
commit: bc2e519a89dec54f7a075170ac5d9102642a6cbe (patch)
tree: 5c9ac1f190f3c6184f272509afcaf934a1191bbc /apps/s_client.c
parent: 92afda6cccdcede2f4be8ddbe5271483b1bb4a9b (diff)
download: openssl-bc2e519a89dec54f7a075170ac5d9102642a6cbe.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index cea00788a6..1fa157573a 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -688,9 +688,13 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 
 	if (full)
 		{
+		int got_a_chain = 0;
+
 		sk=SSL_get_peer_cert_chain(s);
 		if (sk != NULL)
 			{
+			got_a_chain = 1; /* we don't have it for SSL2 (yet) */
+
 			BIO_printf(bio,"---\nCertificate chain\n");
 			for (i=0; i<sk_X509_num(sk); i++)
 				{
@@ -710,7 +714,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 		if (peer != NULL)
 			{
 			BIO_printf(bio,"Server certificate\n");
-			if (!c_showcerts) /* Redundant if we showed the whole chain */
+			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
 				PEM_write_bio_X509(bio,peer);
 			X509_NAME_oneline(X509_get_subject_name(peer),
 				buf,BUFSIZ);
author	Bodo Möller <bodo@openssl.org>	1999-05-17 20:46:43 +0000
committer	Bodo Möller <bodo@openssl.org>	1999-05-17 20:46:43 +0000
commit	bc2e519a89dec54f7a075170ac5d9102642a6cbe (patch)
tree	5c9ac1f190f3c6184f272509afcaf934a1191bbc /apps/s_client.c
parent	92afda6cccdcede2f4be8ddbe5271483b1bb4a9b (diff)
download	openssl-bc2e519a89dec54f7a075170ac5d9102642a6cbe.tar.gz