René G. Eberhard <[EMAIL PROTECTED]>:
> File: s_server.c
> Version: OpenSSL 0.9.4
> Starting line: 633
> System: VC++ 6 SP3, NT 4 SP5
>
> It should be checked whether 'CAfile' is NULL or not. In debug mode
> I run into a'_ASSERTE(file != NULL);' in VC98\CRT\SRC\FOPEN.C.
> It's not a bug but ugly to use in debug mode.
>
> if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
> (!SSL_CTX_set_default_verify_paths(ctx)))
> {
It is a bug, but not in that line (the functions called from this one
don't try to open the file when given NULL).
diff -u -r1.31 s_server.c
--- s_server.c 1999/09/20 22:09:17 1.31
+++ s_server.c 1999/09/24 08:01:12
@@ -699,7 +699,8 @@
SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
sizeof s_server_session_id_context);
- SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+ if (CAfile != NULL)
+ SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
BIO_printf(bio_s_out,"ACCEPT\n");
if (www)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
