aboutsummaryrefslogtreecommitdiffstats
path: root/apps/s_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'apps/s_client.c')
-rw-r--r--apps/s_client.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index ef41cec1aa19..28737b6d1e6b 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -323,6 +323,8 @@ static void sc_usage(void)
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err,
+ " -no_alt_chains - only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
" -reconnect - Drop and re-make the connection with the same Session-ID\n");
BIO_printf(bio_err,
" -pause - sleep(1) after each read(2) and write(2) system call\n");
@@ -547,7 +549,7 @@ static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
PW_CB_DATA cb_tmp;
int l;
- if(!pass) {
+ if (!pass) {
BIO_printf(bio_err, "Malloc failure\n");
return NULL;
}
@@ -1177,13 +1179,12 @@ int MAIN(int argc, char **argv)
if (!set_cert_key_stuff(ctx, cert, key))
goto end;
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx))) {
- /*
- * BIO_printf(bio_err,"error setting default verify locations\n");
- */
+ if ((CAfile || CApath)
+ && !SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
+ ERR_print_errors(bio_err);
+ }
+ if (!SSL_CTX_set_default_verify_paths(ctx)) {
ERR_print_errors(bio_err);
- /* goto end; */
}
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {