diff options
| author | bcook <> | 2016-07-07 13:25:37 +0000 |
|---|---|---|
| committer | bcook <> | 2016-07-07 13:25:37 +0000 |
| commit | 73283ebee852e1dff85c7bf61a66fcacb7eb122b (patch) | |
| tree | 8c7dfab87670933d4b580a0c540f78266a6ce89d | |
| parent | 9a1046e8a72fa228b49bc30529ec555f864b0b42 (diff) | |
| download | openbsd-73283ebee852e1dff85c7bf61a66fcacb7eb122b.tar.gz openbsd-73283ebee852e1dff85c7bf61a66fcacb7eb122b.tar.bz2 openbsd-73283ebee852e1dff85c7bf61a66fcacb7eb122b.zip | |
add ca cert error check and make the path configurable
from Kinichiro Inoguchi
| -rw-r--r-- | src/regress/lib/libcrypto/ocsp/ocsp_test.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/ocsp/ocsp_test.c b/src/regress/lib/libcrypto/ocsp/ocsp_test.c index 88675364cf..44a5f1b009 100644 --- a/src/regress/lib/libcrypto/ocsp/ocsp_test.c +++ b/src/regress/lib/libcrypto/ocsp/ocsp_test.c | |||
| @@ -47,6 +47,11 @@ int main(int argc, char *argv[]) { | |||
| 47 | X509_STORE *st = NULL; | 47 | X509_STORE *st = NULL; |
| 48 | STACK_OF(X509) *ch = NULL; | 48 | STACK_OF(X509) *ch = NULL; |
| 49 | char *host, *port; | 49 | char *host, *port; |
| 50 | #ifdef _PATH_SSL_CA_FILE | ||
| 51 | char *cafile = _PATH_SSL_CA_FILE; | ||
| 52 | #else | ||
| 53 | char *cafile = "/etc/ssl/cert.pem"; | ||
| 54 | #endif | ||
| 50 | 55 | ||
| 51 | SSL *ssl; | 56 | SSL *ssl; |
| 52 | SSL_CTX *ctx; | 57 | SSL_CTX *ctx; |
| @@ -56,7 +61,10 @@ int main(int argc, char *argv[]) { | |||
| 56 | 61 | ||
| 57 | ctx = SSL_CTX_new(SSLv23_client_method()); | 62 | ctx = SSL_CTX_new(SSLv23_client_method()); |
| 58 | 63 | ||
| 59 | SSL_CTX_load_verify_locations(ctx, "/etc/ssl/cert.pem", NULL); | 64 | if (!SSL_CTX_load_verify_locations(ctx, cafile, NULL)) { |
| 65 | printf("failed to load %s\n", cafile); | ||
| 66 | exit(-1); | ||
| 67 | } | ||
| 60 | 68 | ||
| 61 | if (argc != 3) | 69 | if (argc != 3) |
| 62 | errx(-1, "need a host and port to connect to"); | 70 | errx(-1, "need a host and port to connect to"); |