Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.

PR: 376
This commit is contained in:
Richard Levitte 2002-12-05 01:20:53 +00:00
parent e5040378df
commit 3124dd9c13

View file

@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT)
{
ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(),
X509_FILETYPE_PEM) != 0);
file = (char *)Getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file(ctx,file,
X509_FILETYPE_PEM) != 0);
if (!ok)
ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(),
X509_FILETYPE_PEM) != 0);
if (!ok)
{
X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
}
else
{
file=(char *)Getenv(X509_get_default_cert_file_env());
ok = (X509_load_cert_crl_file(ctx,file,
X509_FILETYPE_PEM) != 0);
}
}
else
{