diff options
| author | Přemysl Janouch <p.janouch@gmail.com> | 2014-07-16 22:06:36 +0200 |
|---|---|---|
| committer | Přemysl Janouch <p.janouch@gmail.com> | 2014-07-16 23:56:09 +0200 |
| commit | e00d2079b57afd61bb05b4fc5bea14c67313c24c (patch) | |
| tree | 8a8b7b2b5a58a5b723845346550524d9f33add53 | |
| parent | d28b7224897bf6cc9c5238068b1bf33ae264591d (diff) | |
| download | xK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.tar.gz xK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.tar.xz xK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.zip | |
Only print the first OpenSSL error
Otherwise TLS autodetection and TLS communication itself seem to work, yay!
| -rw-r--r-- | src/kike.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -1082,7 +1082,13 @@ irc_initialize_ssl (struct server_context *ctx) ctx->ssl_ctx = SSL_CTX_new (SSLv23_server_method ()); if (!ctx->ssl_ctx) + { + // XXX: these error strings are really nasty; also there could be + // multiple errors on the OpenSSL stack. + print_error ("%s: %s", "could not initialize SSL", + ERR_error_string (ERR_get_error (), NULL)); goto error_ssl_1; + } SSL_CTX_set_verify (ctx->ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, irc_ssl_verify_callback); // XXX: maybe we should call SSL_CTX_set_options() for some workarounds @@ -1114,10 +1120,6 @@ error_ssl_2: SSL_CTX_free (ctx->ssl_ctx); ctx->ssl_ctx = NULL; error_ssl_1: - // XXX: these error strings are really nasty; also there could be - // multiple errors on the OpenSSL stack. - print_error ("%s: %s", "could not initialize SSL", - ERR_error_string (ERR_get_error (), NULL)); return false; } |