aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2001-09-19 21:49:11 +0000
committerDaniel Stenberg <daniel@haxx.se>2001-09-19 21:49:11 +0000
commit645413f5ef041ea796c957be58e992e41377420f (patch)
tree993f10f4ed36f1cca0c24f3f5667527b62d085a7 /lib
parent5becdc38b3e17e18b9fcbcb598722217cd3c53cd (diff)
Lots of praise and glory to Vojtech Minarik for setting up a test server
and providing me with test-certificates that helped me nail the problem with curl not discovering with a bad certificate was used.
Diffstat (limited to 'lib')
-rw-r--r--lib/ssluse.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 6636a9b0f..7dfdef621 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -200,7 +200,7 @@ int cert_stuff(struct connectdata *conn,
if (SSL_CTX_use_certificate_file(conn->ssl.ctx,
cert_file,
- SSL_FILETYPE_PEM) <= 0) {
+ SSL_FILETYPE_PEM) != 1) {
failf(data, "unable to set certificate file (wrong password?)\n");
return(0);
}
@@ -209,7 +209,7 @@ int cert_stuff(struct connectdata *conn,
if (SSL_CTX_use_PrivateKey_file(conn->ssl.ctx,
key_file,
- SSL_FILETYPE_PEM) <= 0) {
+ SSL_FILETYPE_PEM) != 1) {
failf(data, "unable to set public key file\n");
return(0);
}
@@ -612,7 +612,10 @@ Curl_SSLConnect(struct connectdata *conn)
SSL_set_fd (conn->ssl.handle, conn->firstsocket);
err = SSL_connect (conn->ssl.handle);
- if (-1 == err) {
+ /* 1 is fine
+ 0 is "not successful but was shut down controlled"
+ <0 is "handshake was not successful, because a fatal error occurred" */
+ if (err <= 0) {
err = ERR_get_error();
failf(data, "SSL: %s", ERR_error_string(err, NULL));
return CURLE_SSL_CONNECT_ERROR;