aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Janouch <p.janouch@gmail.com>2015-07-12 00:43:52 +0200
committerPřemysl Janouch <p.janouch@gmail.com>2015-07-12 00:43:52 +0200
commit20b317db30c59225965ad1cea0ea32bed4ce0b51 (patch)
tree17d1718c58674ff25aa8d47d598aa5846dfd02be
parentfe95f97101616bf68a5754ebd1ac245650db2007 (diff)
downloadxK-20b317db30c59225965ad1cea0ea32bed4ce0b51.tar.gz
xK-20b317db30c59225965ad1cea0ea32bed4ce0b51.tar.xz
xK-20b317db30c59225965ad1cea0ea32bed4ce0b51.zip
degesch: fix failure handling in SSL_CTX creation
-rw-r--r--degesch.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/degesch.c b/degesch.c
index 85e43c6..2cd31ff 100644
--- a/degesch.c
+++ b/degesch.c
@@ -3849,6 +3849,10 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
if (!verify)
SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL);
+ // TODO: allow specifying SSL_CTX_set_cipher_list()
+ SSL_CTX_set_mode (ssl_ctx,
+ SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+
const char *ca_file = get_config_string (s->config, "ssl_ca_file");
const char *ca_path = get_config_string (s->config, "ssl_ca_path");
@@ -3871,10 +3875,6 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
ERR_reason_error_string (ERR_get_error ()));
goto ca_error;
}
-
- // TODO: allow specifying SSL_CTX_set_cipher_list()
- SSL_CTX_set_mode (ssl_ctx,
- SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
return true;
ca_error: