aboutsummaryrefslogtreecommitdiffstats
path: root/src/modules
diff options
context:
space:
mode:
authorGravatar Sadie Powell2025-11-02 18:31:07 +0000
committerGravatar Sadie Powell2025-11-02 21:28:32 +0000
commita3bd16f3f3c5ff5f5669fc247221ae883ae6e213 (patch)
treef4801538df342ff41e6b423a24ed271a2d372653 /src/modules
parentRemove a long-obsolete workaround from ssl_openssl. (diff)
Allow not setting the CA file in ssl_openssl.
This matches the behaviour of ssl_gnutls.
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp11
1 files changed, 7 insertions, 4 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 67c334efd..bbdb426f5 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -467,11 +467,14 @@ namespace OpenSSL
}
// Load the CAs we trust
- filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem", 1));
- if ((!ctx.SetCA(filename)) || (!clientctx.SetCA(filename)))
+ filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem"));
+ if (!filename.empty())
{
- ERR_print_errors_cb(error_callback, this);
- ServerInstance->Logs.Normal(MODNAME, "Can't read CA list from {}. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: {}", filename, lasterr);
+ if (!ctx.SetCA(filename) || !clientctx.SetCA(filename))
+ {
+ ERR_print_errors_cb(error_callback, this);
+ ServerInstance->Logs.Normal(MODNAME, "Can't read CA list from {}. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: {}", filename, lasterr);
+ }
}
// Load the CRLs.