test existence of cert.pem (problem seems common, Paul and me already
authorColin Leroy <colin@colino.net>
Mon, 9 Dec 2002 11:11:59 +0000 (11:11 +0000)
committerColin Leroy <colin@colino.net>
Mon, 9 Dec 2002 11:11:59 +0000 (11:11 +0000)
had it)

ChangeLog.claws
configure.in
src/common/ssl.c

index adb8a7d..43c80ac 100644 (file)
@@ -1,3 +1,9 @@
+2002-12-09 [colin]     0.8.6claws86
+
+       * src/ssl.c
+               Try to open the cert.pem database and 
+               issue a warning if it isn't there
+
 2002-12-09 [colin]     0.8.6claws85
 
        * src/common/ssl_certificate.c
index e3e485d..3de924d 100644 (file)
@@ -11,7 +11,7 @@ MINOR_VERSION=8
 MICRO_VERSION=6
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=claws85
+EXTRA_VERSION=claws86
 VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION
 
 dnl set $target
index f491a35..b8c401e 100644 (file)
@@ -38,6 +38,7 @@ static SSL_CTX *ssl_ctx;
 void ssl_init(void)
 {
        SSL_METHOD *meth;
+       FILE *cert_test;
 
        /* Global system initialization*/
        SSL_library_init();
@@ -49,6 +50,16 @@ void ssl_init(void)
 
        /* Set default certificate paths */
        SSL_CTX_set_default_verify_paths(ssl_ctx);
+       
+       /* this problem seems quite common */
+       cert_test = fopen (X509_get_default_cert_file(), "r");
+       if (cert_test != NULL)
+               fclose(cert_test);
+       else {
+               printf("ssl_init: warning, can't open %s\n", X509_get_default_cert_file());
+               printf("ssl_init: it means that certificates' signatures won't appear as Correct,\n");
+               printf("ssl_init: even if they should. Check your openssl install.\n");
+       }
 #if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
        SSL_CTX_set_verify_depth(ctx,1);
 #endif