summaryrefslogtreecommitdiff
path: root/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch')
-rw-r--r--dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch18
1 files changed, 18 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
new file mode 100644
index 00000000..03e4f599
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
@@ -0,0 +1,18 @@
+https://bugs.gentoo.org/472584
+http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest
+
+fix verification handling in s_client. when loading paths, make sure
+we properly fallback to setting the default paths.
+
+--- a/apps/s_client.c
++++ b/apps/s_client.c
+@@ -899,7 +899,7 @@
+ if (!set_cert_key_stuff(ctx,cert,key))
+ goto end;
+
+- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
++ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) &&
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ /* BIO_printf(bio_err,"error setting default verify locations\n"); */
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-20 12:53:28 +0000