[openssl-dev] [Bug] apps: -CApath does not fail for non-directories (on Linux)
Steffen Nurpmeso
steffen at sdaoden.eu
Wed Mar 1 16:46:40 UTC 2017
Sorry for the late reply, this really is a slow machine (and
i cleanup again completely anything once it is installed, _and_
the tests compile a long time even if not run)..
"Salz, Rich" <rsalz at akamai.com> wrote:
|> I am sorry, but i have no github account. Maybe it is possible to \
|> have some
|> @bug address which creates issues automatically?
|
|Nah, too much spam will happen :( Posting to openssl-dev is fine.
Ok, good.
|> ? openssl version
|> OpenSSL 1.0.2k 26 Jan 2017
|> ? /home/steffen/usr/opt/.ssl-1.1.0/bin/openssl version
|> OpenSSL 1.1.0 25 Aug 2016
|
|So this happens on both 1.0.2 and 1.1.0?
|
|Does the following patch fix it for 1.1.0?
No, not that i know. But this -- thanks -- lead me to the
following, which is the KISS that you want?
Ciao!
diff --git a/apps/apps.c b/apps/apps.c
index 216bc797d..3afbbaef2 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1221,7 +1221,8 @@ X509_STORE *setup_verify(const char *CAfile, const char *CApath, int noCAfile, i
if (lookup == NULL)
goto end;
if (CApath) {
- if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
+ if (!app_isdir(CApath) ||
+ !X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
BIO_printf(bio_err, "Error loading directory %s\n", CApath);
goto end;
}
--steffen
More information about the openssl-dev
mailing list