diff options
| author | 2025-11-02 18:31:07 +0000 | |
|---|---|---|
| committer | 2025-11-02 21:28:32 +0000 | |
| commit | a3bd16f3f3c5ff5f5669fc247221ae883ae6e213 (patch) | |
| tree | f4801538df342ff41e6b423a24ed271a2d372653 /src/modules | |
| parent | Remove a long-obsolete workaround from ssl_openssl. (diff) | |
Allow not setting the CA file in ssl_openssl.
This matches the behaviour of ssl_gnutls.
Diffstat (limited to 'src/modules')
| -rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 67c334efd..bbdb426f5 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -467,11 +467,14 @@ namespace OpenSSL } // Load the CAs we trust - filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem", 1)); - if ((!ctx.SetCA(filename)) || (!clientctx.SetCA(filename))) + filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem")); + if (!filename.empty()) { - ERR_print_errors_cb(error_callback, this); - ServerInstance->Logs.Normal(MODNAME, "Can't read CA list from {}. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: {}", filename, lasterr); + if (!ctx.SetCA(filename) || !clientctx.SetCA(filename)) + { + ERR_print_errors_cb(error_callback, this); + ServerInstance->Logs.Normal(MODNAME, "Can't read CA list from {}. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: {}", filename, lasterr); + } } // Load the CRLs. |
