aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2015-04-02 01:51:07 -0400
committerDaniel Stenberg <daniel@haxx.se>2015-04-02 17:18:42 +0200
commit0b5efa57ad7118735659542c11e725666447bf5f (patch)
tree03e72af6d9afcdc6385d059372749a9536cadce9
parent21e82bd635124881a4a2ac08b3b9b28efe98afee (diff)
cyassl: Fix certificate load check
SSL_CTX_load_verify_locations can return negative values on fail, therefore to check for failure we check if load is != 1 (success) instead of if load is == 0 (failure), the latter being incorrect given that behavior.
-rw-r--r--lib/vtls/cyassl.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 583930cf4..ba4ef2f3b 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -140,9 +140,9 @@ cyassl_connect_step1(struct connectdata *conn,
#ifndef NO_FILESYSTEM
/* load trusted cacert */
if(data->set.str[STRING_SSL_CAFILE]) {
- if(!SSL_CTX_load_verify_locations(conssl->ctx,
- data->set.str[STRING_SSL_CAFILE],
- data->set.str[STRING_SSL_CAPATH])) {
+ if(1 != SSL_CTX_load_verify_locations(conssl->ctx,
+ data->set.str[STRING_SSL_CAFILE],
+ data->set.str[STRING_SSL_CAPATH])) {
if(data->set.ssl.verifypeer) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:\n"