diff options
author | Přemysl Janouch <p.janouch@gmail.com> | 2015-07-12 00:43:52 +0200 |
---|---|---|
committer | Přemysl Janouch <p.janouch@gmail.com> | 2015-07-12 00:43:52 +0200 |
commit | 20b317db30c59225965ad1cea0ea32bed4ce0b51 (patch) | |
tree | 17d1718c58674ff25aa8d47d598aa5846dfd02be | |
parent | fe95f97101616bf68a5754ebd1ac245650db2007 (diff) | |
download | xK-20b317db30c59225965ad1cea0ea32bed4ce0b51.tar.gz xK-20b317db30c59225965ad1cea0ea32bed4ce0b51.tar.xz xK-20b317db30c59225965ad1cea0ea32bed4ce0b51.zip |
degesch: fix failure handling in SSL_CTX creation
-rw-r--r-- | degesch.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -3849,6 +3849,10 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e) if (!verify) SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL); + // TODO: allow specifying SSL_CTX_set_cipher_list() + SSL_CTX_set_mode (ssl_ctx, + SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + const char *ca_file = get_config_string (s->config, "ssl_ca_file"); const char *ca_path = get_config_string (s->config, "ssl_ca_path"); @@ -3871,10 +3875,6 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e) ERR_reason_error_string (ERR_get_error ())); goto ca_error; } - - // TODO: allow specifying SSL_CTX_set_cipher_list() - SSL_CTX_set_mode (ssl_ctx, - SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); return true; ca_error: |