aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Janouch <p.janouch@gmail.com>2014-07-16 22:06:36 +0200
committerPřemysl Janouch <p.janouch@gmail.com>2014-07-16 23:56:09 +0200
commite00d2079b57afd61bb05b4fc5bea14c67313c24c (patch)
tree8a8b7b2b5a58a5b723845346550524d9f33add53
parentd28b7224897bf6cc9c5238068b1bf33ae264591d (diff)
downloadxK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.tar.gz
xK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.tar.xz
xK-e00d2079b57afd61bb05b4fc5bea14c67313c24c.zip
Only print the first OpenSSL error
Otherwise TLS autodetection and TLS communication itself seem to work, yay!
-rw-r--r--src/kike.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/kike.c b/src/kike.c
index 207ff76..5bcab42 100644
--- a/src/kike.c
+++ b/src/kike.c
@@ -1082,7 +1082,13 @@ irc_initialize_ssl (struct server_context *ctx)
ctx->ssl_ctx = SSL_CTX_new (SSLv23_server_method ());
if (!ctx->ssl_ctx)
+ {
+ // XXX: these error strings are really nasty; also there could be
+ // multiple errors on the OpenSSL stack.
+ print_error ("%s: %s", "could not initialize SSL",
+ ERR_error_string (ERR_get_error (), NULL));
goto error_ssl_1;
+ }
SSL_CTX_set_verify (ctx->ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, irc_ssl_verify_callback);
// XXX: maybe we should call SSL_CTX_set_options() for some workarounds
@@ -1114,10 +1120,6 @@ error_ssl_2:
SSL_CTX_free (ctx->ssl_ctx);
ctx->ssl_ctx = NULL;
error_ssl_1:
- // XXX: these error strings are really nasty; also there could be
- // multiple errors on the OpenSSL stack.
- print_error ("%s: %s", "could not initialize SSL",
- ERR_error_string (ERR_get_error (), NULL));
return false;
}