From 4387f478323522ab6100f25e2d68e18a7afe0f76 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 5 Dec 2002 01:20:47 +0000 Subject: [PATCH] Make sure using SSL_CERT_FILE actually works, and has priority over system defaults. PR: 376 --- crypto/x509/by_file.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 92e00d2d73..d8731d4e51 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), - X509_FILETYPE_PEM) != 0); + file = (char *)Getenv(X509_get_default_cert_file_env()); + if (file) + ok = (X509_load_cert_crl_file(ctx,file, + X509_FILETYPE_PEM) != 0); + + if (!ok) + ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), + X509_FILETYPE_PEM) != 0); + if (!ok) { X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); } - else - { - file=(char *)Getenv(X509_get_default_cert_file_env()); - ok = (X509_load_cert_crl_file(ctx,file, - X509_FILETYPE_PEM) != 0); - } } else { -- 2.25.1