From 20b317db30c59225965ad1cea0ea32bed4ce0b51 Mon Sep 17 00:00:00 2001
From: Přemysl Janouch
Date: Sun, 12 Jul 2015 00:43:52 +0200
Subject: degesch: fix failure handling in SSL_CTX creation
---
degesch.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/degesch.c b/degesch.c
index 85e43c6..2cd31ff 100644
--- a/degesch.c
+++ b/degesch.c
@@ -3849,6 +3849,10 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
if (!verify)
SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL);
+ // TODO: allow specifying SSL_CTX_set_cipher_list()
+ SSL_CTX_set_mode (ssl_ctx,
+ SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+
const char *ca_file = get_config_string (s->config, "ssl_ca_file");
const char *ca_path = get_config_string (s->config, "ssl_ca_path");
@@ -3871,10 +3875,6 @@ transport_tls_init_ctx (struct server *s, SSL_CTX *ssl_ctx, struct error **e)
ERR_reason_error_string (ERR_get_error ()));
goto ca_error;
}
-
- // TODO: allow specifying SSL_CTX_set_cipher_list()
- SSL_CTX_set_mode (ssl_ctx,
- SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
return true;
ca_error:
--
cgit v1.2.3-70-g09d2