From: Richard Levitte Date: Thu, 5 Dec 2002 01:20:47 +0000 (+0000) Subject: Make sure using SSL_CERT_FILE actually works, and has priority over system defaults. X-Git-Tag: STATE_before_zlib~16 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4387f478323522ab6100f25e2d68e18a7afe0f76;p=oweals%2Fopenssl.git Make sure using SSL_CERT_FILE actually works, and has priority over system defaults. PR: 376 --- diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 92e00d2d73..d8731d4e51 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), - X509_FILETYPE_PEM) != 0); + file = (char *)Getenv(X509_get_default_cert_file_env()); + if (file) + ok = (X509_load_cert_crl_file(ctx,file, + X509_FILETYPE_PEM) != 0); + + if (!ok) + ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), + X509_FILETYPE_PEM) != 0); + if (!ok) { X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); } - else - { - file=(char *)Getenv(X509_get_default_cert_file_env()); - ok = (X509_load_cert_crl_file(ctx,file, - X509_FILETYPE_PEM) != 0); - } } else {