summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
inline | side by side (from parent 1:
0942c1f)
If initialising the server context fails, but the client one succeeds,
we will not only leak memory, but the error message reported for
initialising the server context might not make sense, because we
initialise the client context after and that could erase or change the
list of queued errors.
This scenario is considered rare. Nevertheless, we now initialise the
client context after *successfully* initialising the server context.
cipher_list = librb_ciphers;
#ifdef LRB_HAVE_TLS_METHOD_API
cipher_list = librb_ciphers;
#ifdef LRB_HAVE_TLS_METHOD_API
- ssl_server_ctx_new = SSL_CTX_new(TLS_server_method());
- ssl_client_ctx_new = SSL_CTX_new(TLS_client_method());
+ if((ssl_server_ctx_new = SSL_CTX_new(TLS_server_method())) == NULL)
- ssl_server_ctx_new = SSL_CTX_new(SSLv23_server_method());
- ssl_client_ctx_new = SSL_CTX_new(SSLv23_client_method());
+ if((ssl_server_ctx_new = SSL_CTX_new(SSLv23_server_method())) == NULL)
-
- if(ssl_server_ctx_new == NULL)
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
get_ssl_error(ERR_get_error()));
return 0;
}
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
get_ssl_error(ERR_get_error()));
return 0;
}
- if(ssl_client_ctx_new == NULL)
+ #ifdef LRB_HAVE_TLS_METHOD_API
+ if((ssl_client_ctx_new = SSL_CTX_new(TLS_client_method())) == NULL)
+ #else
+ if((ssl_client_ctx_new = SSL_CTX_new(SSLv23_client_method())) == NULL)
+ #endif
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
get_ssl_error(ERR_get_error()));
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
get_ssl_error(ERR_get_error()));