diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2015-04-02 01:51:07 -0400 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-04-02 17:18:42 +0200 |
commit | 0b5efa57ad7118735659542c11e725666447bf5f (patch) | |
tree | 03e72af6d9afcdc6385d059372749a9536cadce9 /lib | |
parent | 21e82bd635124881a4a2ac08b3b9b28efe98afee (diff) |
cyassl: Fix certificate load check
SSL_CTX_load_verify_locations can return negative values on fail,
therefore to check for failure we check if load is != 1 (success)
instead of if load is == 0 (failure), the latter being incorrect given
that behavior.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/vtls/cyassl.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 583930cf4..ba4ef2f3b 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -140,9 +140,9 @@ cyassl_connect_step1(struct connectdata *conn, #ifndef NO_FILESYSTEM /* load trusted cacert */ if(data->set.str[STRING_SSL_CAFILE]) { - if(!SSL_CTX_load_verify_locations(conssl->ctx, - data->set.str[STRING_SSL_CAFILE], - data->set.str[STRING_SSL_CAPATH])) { + if(1 != SSL_CTX_load_verify_locations(conssl->ctx, + data->set.str[STRING_SSL_CAFILE], + data->set.str[STRING_SSL_CAPATH])) { if(data->set.ssl.verifypeer) { /* Fail if we insist on successfully verifying the server. */ failf(data, "error setting certificate verify locations:\n" |