From ee6b5e0a9150eb4ea13490d6accedcc506aeb38b Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" Date: Tue, 16 Oct 2018 08:51:32 +0200 Subject: [PATCH] tls: rename input argument to tls_add_ca (#158) --- include/re_tls.h | 2 +- src/tls/openssl/tls.c | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/re_tls.h b/include/re_tls.h index 050e049..05b3c93 100644 --- a/include/re_tls.h +++ b/include/re_tls.h @@ -32,7 +32,7 @@ enum tls_keytype { int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile, const char *pwd); -int tls_add_ca(struct tls *tls, const char *capath); +int tls_add_ca(struct tls *tls, const char *cafile); int tls_set_selfsigned(struct tls *tls, const char *cn); int tls_set_certificate_pem(struct tls *tls, const char *cert, size_t len_cert, const char *key, size_t len_key); diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c index 07ab0ec..d84e65f 100644 --- a/src/tls/openssl/tls.c +++ b/src/tls/openssl/tls.c @@ -208,18 +208,18 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile, * Set default locations for trusted CA certificates * * @param tls TLS Context - * @param capath Path to CA certificates + * @param cafile PEM file with CA certificates * * @return 0 if success, otherwise errorcode */ -int tls_add_ca(struct tls *tls, const char *capath) +int tls_add_ca(struct tls *tls, const char *cafile) { - if (!tls || !capath) + if (!tls || !cafile) return EINVAL; /* Load the CAs we trust */ - if (!(SSL_CTX_load_verify_locations(tls->ctx, capath, 0))) { - DEBUG_WARNING("Can't read CA list: %s\n", capath); + if (!(SSL_CTX_load_verify_locations(tls->ctx, cafile, NULL))) { + DEBUG_WARNING("Can't read CA file: %s\n", cafile); ERR_clear_error(); return EINVAL; }