authorLaurent Bercot <ska-skaware@skarnet.org>2020-11-23 15:39:17 +0000
committerLaurent Bercot <ska-skaware@skarnet.org>2020-11-23 15:39:17 +0000
commit030ba53485e9b8a2793e1f1c9c8f62f8b8987e95 (patch)
tree7095537f72ba58e5852eb4bfaa10cec82044db91
parent564631637bcd238b4c9aad5496aa9e049f948dd9 (diff)
downloads6-networking-030ba53485e9b8a2793e1f1c9c8f62f8b8987e95.tar.xz
stls client: prefer CAFILE, warn on CADIR use, because libtls is broken
-rw-r--r--src/stls/stls_client_init_and_handshake.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/stls/stls_client_init_and_handshake.c b/src/stls/stls_client_init_and_handshake.c
index f0cc5be..fdea482 100644
--- a/src/stls/stls_client_init_and_handshake.c
+++ b/src/stls/stls_client_init_and_handshake.c
@@ -37,19 +37,20 @@ struct tls *stls_client_init_and_handshake (int const *fds, uint32_t preoptions,
stls_drop() ;
- x = getenv("CADIR") ;
+ x = getenv("CAFILE") ;
if (x)
{
- if (tls_config_set_ca_path(cfg, x) < 0)
- diecfg(cfg, "tls_config_set_ca_path") ;
+ if (tls_config_set_ca_file(cfg, x) < 0)
+ diecfg(cfg, "tls_config_set_ca_file") ;
}
else
{
- x = getenv("CAFILE") ;
+ x = getenv("CADIR") ;
if (x)
{
- if (tls_config_set_ca_file(cfg, x) < 0)
- diecfg(cfg, "tls_config_set_ca_file") ;
+ if (tls_config_set_ca_path(cfg, x) < 0)
+ diecfg(cfg, "tls_config_set_ca_path") ;
+ strerr_warnw1x("some versions of libtls do not work with CADIR, try using CAFILE instead") ;
}
else strerr_diefu1x(100, "get trust anchor list: neither CADIR nor CAFILE is set") ;
}
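Review bot: When both CAFILE and CADIR are exported, the new `if (x)` branch after `getenv("CAFILE")` uses the file and never consults CADIR, so a setup that relied on the directory now verifies peers against a different trust anchor set without any message. A one-line notice in that branch would make the switch visible, for example `if (getenv("CADIR")) strerr_warnw1x("both CAFILE and CADIR are set, ignoring CADIR") ;`. The precedence and its reason are stated only in the commit title, so a comment above `x = getenv("CAFILE") ;` such as `/* CAFILE takes precedence: ca_path is unreliable in some libtls versions */` would keep it with the code. The body of stls_client_init_and_handshake starts before this hunk and presumably continues after it.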