If we've already reported an error at this point, then we currently report a no-match error also, but that doesn't add any useful information; it's just noise in the log.
Signed-off-by: Ben Pfaff <[email protected]> --- lib/stream-ssl.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index a5bed3f..c97e83c 100644 --- a/lib/stream-ssl.c +++ b/lib/stream-ssl.c @@ -230,7 +230,7 @@ new_ssl_stream(const char *name, int fd, enum session_type type, VLOG_ERR("CA certificate must be configured to use SSL"); retval = ENOPROTOOPT; } - if (!SSL_CTX_check_private_key(ctx)) { + if (!retval && !SSL_CTX_check_private_key(ctx)) { VLOG_ERR("Private key does not match certificate public key: %s", ERR_error_string(ERR_get_error(), NULL)); retval = ENOPROTOOPT; -- 1.7.2.5 _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
