From 3a0e25badfbf285862fd48c3cd02a0eba6478947 Mon Sep 17 00:00:00 2001 From: Filip Kolev Date: Tue, 3 Dec 2024 05:49:44 +0200 Subject: [PATCH] Use separate checks to provide correct error message Combining the checks for SSL_CTX_use_certificate_file() and SSL_CTX_use_PrivateKey_file() leads to the case where if the second function fails we print a message pointing to the first one, which is misleading. Check the function calls separately. --- chap10/https_server.c | 8 ++++++-- chap10/tls_time_server.c | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/chap10/https_server.c b/chap10/https_server.c index aea0b7a..d10ccd1 100644 --- a/chap10/https_server.c +++ b/chap10/https_server.c @@ -292,13 +292,17 @@ int main() { } - if (!SSL_CTX_use_certificate_file(ctx, "cert.pem" , SSL_FILETYPE_PEM) - || !SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM)) { + if (!SSL_CTX_use_certificate_file(ctx, "cert.pem" , SSL_FILETYPE_PEM)) { fprintf(stderr, "SSL_CTX_use_certificate_file() failed.\n"); ERR_print_errors_fp(stderr); return 1; } + if (!SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM)) { + fprintf(stderr, "SSL_CTX_use_PrivateKey_file() failed.\n"); + ERR_print_errors_fp(stderr); + return 1; + } SOCKET server = create_socket(0, "8080"); diff --git a/chap10/tls_time_server.c b/chap10/tls_time_server.c index bf88124..72d608f 100644 --- a/chap10/tls_time_server.c +++ b/chap10/tls_time_server.c @@ -46,13 +46,17 @@ int main() { } - if (!SSL_CTX_use_certificate_file(ctx, "cert.pem" , SSL_FILETYPE_PEM) - || !SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM)) { + if (!SSL_CTX_use_certificate_file(ctx, "cert.pem" , SSL_FILETYPE_PEM)) { fprintf(stderr, "SSL_CTX_use_certificate_file() failed.\n"); ERR_print_errors_fp(stderr); return 1; } + if (!SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM)) { + fprintf(stderr, "SSL_CTX_use_PrivateKey_file() failed.\n"); + ERR_print_errors_fp(stderr); + return 1; + } printf("Configuring local address...\n");