diff options
-rw-r--r-- | vchat-connection.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/vchat-connection.c b/vchat-connection.c index e3d79e9..6b38168 100644 --- a/vchat-connection.c +++ b/vchat-connection.c | |||
@@ -83,7 +83,7 @@ vc_connect (const char *server, const char *port) | |||
83 | vc_x509store_t *vc_store; | 83 | vc_x509store_t *vc_store; |
84 | 84 | ||
85 | /* pointer to tilde-expanded certificate/keyfile-names */ | 85 | /* pointer to tilde-expanded certificate/keyfile-names */ |
86 | char *certfile = NULL; | 86 | char *certfile, *cafile; |
87 | 87 | ||
88 | /* Connect to the server */ | 88 | /* Connect to the server */ |
89 | serverfd = connect_tcp_socket( server, port ); | 89 | serverfd = connect_tcp_socket( server, port ); |
@@ -123,16 +123,15 @@ vc_connect (const char *server, const char *port) | |||
123 | free(certfile); | 123 | free(certfile); |
124 | } | 124 | } |
125 | 125 | ||
126 | if (getintoption(CF_VERIFYSSL)) { | 126 | vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER); |
127 | /* get name of key file */ | 127 | |
128 | char *cafile = get_tilde_expanded (CF_CAFILE); | 128 | /* get name of ca file */ |
129 | if (cafile) { | 129 | cafile = get_tilde_expanded (CF_CAFILE); |
130 | vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE); | 130 | if (cafile && !access(cafile, F_OK)) { |
131 | vc_x509store_setcafile(vc_store, cafile); | 131 | vc_x509store_setflags(vc_store, VC_X509S_NODEF_CAFILE); |
132 | } | 132 | vc_x509store_setcafile(vc_store, cafile); |
133 | vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER); | ||
134 | free(cafile); | ||
135 | } | 133 | } |
134 | free(cafile); | ||
136 | 135 | ||
137 | /* upgrade our plain BIO to ssl */ | 136 | /* upgrade our plain BIO to ssl */ |
138 | int result = vc_tls_connect( serverfd, vc_store ); | 137 | int result = vc_tls_connect( serverfd, vc_store ); |