summaryrefslogtreecommitdiff
path: root/radsecproxy.c
diff options
context:
space:
mode:
authorvenaas <venaas>2007-02-06 15:05:57 +0000
committervenaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf>2007-02-06 15:05:57 +0000
commit299ac96ae105ab0eb4585f4684e79f50ae6b35b6 (patch)
treeb9bd6d5f850b2fae6aaa9f7da27dbac4c8d2e821 /radsecproxy.c
parent7edfd6440a5008fd70e1d95c9b4379e427b1d012 (diff)
simplified ssl_init
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@48 e88ac4ed-0b26-0410-9574-a7f39faa03bf
Diffstat (limited to 'radsecproxy.c')
-rw-r--r--radsecproxy.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/radsecproxy.c b/radsecproxy.c
index d3e8d46..73e5035 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -159,17 +159,15 @@ SSL_CTX *ssl_init() {
}
ctx = SSL_CTX_new(TLSv1_method());
- if (!SSL_CTX_use_certificate_chain_file(ctx, options.tlscertificatefile) ||
- !SSL_CTX_use_PrivateKey_file(ctx, options.tlscertificatekeyfile, SSL_FILETYPE_PEM) ||
- !SSL_CTX_check_private_key(ctx))
- goto errexit;
- if (!SSL_CTX_load_verify_locations(ctx, options.tlscacertificatefile, options.tlscacertificatepath))
- goto errexit;
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_cb);
- SSL_CTX_set_verify_depth(ctx, MAX_CERT_DEPTH + 1);
- return ctx;
-
- errexit:
+ if (SSL_CTX_use_certificate_chain_file(ctx, options.tlscertificatefile) &&
+ SSL_CTX_use_PrivateKey_file(ctx, options.tlscertificatekeyfile, SSL_FILETYPE_PEM) &&
+ SSL_CTX_check_private_key(ctx) &&
+ SSL_CTX_load_verify_locations(ctx, options.tlscacertificatefile, options.tlscacertificatepath)) {
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_cb);
+ SSL_CTX_set_verify_depth(ctx, MAX_CERT_DEPTH + 1);
+ return ctx;
+ }
+
while ((error = ERR_get_error()))
err("SSL: %s", ERR_error_string(error, NULL));
exit(1);
generated by cgit v1.1 at 2024-12-28 14:13:18 +0000