emo/xbps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib/fetch: check that SSL_CTX_new() does not fail and print its errors (#170).

Browse Source 
Thanks @ebfe.
This commit is contained in:
Juan RP 2016-04-24 08:42:32 +02:00
parent eaebc937fd
commit eb3d227d61
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/fetch/common.c
View File

@ -963,8 +963,12 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
(void)pthread_once(&ssl_init_once, ssl_init); (void)pthread_once(&ssl_init_once, ssl_init);
conn->ssl_meth = SSLv23_client_method(); conn->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth); if (conn->ssl_ctx == NULL) {
fprintf(stderr, "failed to create SSL context\n");
ERR_print_errors_fp(stderr);
return -1;
}
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY); SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
fetch_ssl_setup_transport_layer(conn->ssl_ctx, verbose); fetch_ssl_setup_transport_layer(conn->ssl_ctx, verbose);

5
lib/fetch/common.h
View File

@ -73,11 +73,6 @@ struct fetchconn {
SSL *ssl; /* SSL handle */ SSL *ssl; /* SSL handle */
SSL_CTX *ssl_ctx; /* SSL context */ SSL_CTX *ssl_ctx; /* SSL context */
X509 *ssl_cert; /* server certificate */ X509 *ssl_cert; /* server certificate */
# if OPENSSL_VERSION_NUMBER < 0x00909000L
SSL_METHOD *ssl_meth; /* SSL method */
# else
const SSL_METHOD *ssl_meth; /* SSL method */
# endif
#endif #endif
char *ftp_home; char *ftp_home;