summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2017-11-04 14:08:41 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2017-11-04 17:01:01 -0400
commit35ecd4dd9d3cd6a6437ae9f6bbd0fd135c614227 (patch)
tree2ebc0832118eba8f3e0f0e46e941022b81fa0d74
parentda6b2dc1b6d1f1f975b0475d44b53dcbe8fcb0e6 (diff)
downloadlighttpd1.4-35ecd4dd9d3cd6a6437ae9f6bbd0fd135c614227.tar.gz
lighttpd1.4-35ecd4dd9d3cd6a6437ae9f6bbd0fd135c614227.zip
[mod_openssl] more pedantic check of return values
more pedantic check of return values for openssl interfaces (and minor adjustment of whitespace) x-ref: https://redmine.lighttpd.net/issues/2692 https://github.com/lighttpd/lighttpd1.4/pull/62
-rw-r--r--src/mod_openssl.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/mod_openssl.c b/src/mod_openssl.c
index ded68fa2..44ff8922 100644
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@@ -339,7 +339,7 @@ network_ssl_servername_callback (SSL *ssl, int *al, server *srv)
/* first set certificate!
* setting private key checks whether certificate matches it */
- if (!SSL_use_certificate(ssl, hctx->conf.ssl_pemfile_x509)) {
+ if (1 != SSL_use_certificate(ssl, hctx->conf.ssl_pemfile_x509)) {
log_error_write(srv, __FILE__, __LINE__, "ssb:s", "SSL:",
"failed to set certificate for TLS server name",
con->uri.authority,
@@ -347,7 +347,7 @@ network_ssl_servername_callback (SSL *ssl, int *al, server *srv)
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
- if (!SSL_use_PrivateKey(ssl, hctx->conf.ssl_pemfile_pkey)) {
+ if (1 != SSL_use_PrivateKey(ssl, hctx->conf.ssl_pemfile_pkey)) {
log_error_write(srv, __FILE__, __LINE__, "ssb:s", "SSL:",
"failed to set private key for TLS server name",
con->uri.authority,
@@ -942,8 +942,8 @@ SETDEFAULTS_FUNC(mod_openssl_set_defaults)
s->ssl_verifyclient_export_cert = 0;
s->ssl_disable_client_renegotiation = 1;
s->ssl_read_ahead = (0 == i)
- ? 0
- : p->config_storage[0]->ssl_read_ahead;
+ ? 0
+ : p->config_storage[0]->ssl_read_ahead;
if (0 != i) buffer_copy_buffer(s->ssl_ca_crl_file, p->config_storage[0]->ssl_ca_crl_file);
if (0 != i) buffer_copy_buffer(s->ssl_ca_dn_file, p->config_storage[0]->ssl_ca_dn_file);