diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-06-29 15:45:44 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-19 22:31:46 +0200 |
commit | df904551cde7534e3f58809cb810164749fbbc28 (patch) | |
tree | 0f0204f13588b7ece1698e4d5d870dfe61b6499a | |
parent | 6245178696842fb22f2c53d87184236fd471a334 (diff) | |
download | openvpn-df904551cde7534e3f58809cb810164749fbbc28.tar.gz openvpn-df904551cde7534e3f58809cb810164749fbbc28.tar.xz openvpn-df904551cde7534e3f58809cb810164749fbbc28.zip |
Refactored new external key code
- To make patch application easier in the future
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
-rw-r--r-- | ssl.c | 13 |
1 files changed, 6 insertions, 7 deletions
@@ -2022,7 +2022,6 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) DH *dh; BIO *bio; bool using_cert_file = false; - X509 *my_cert = NULL; ASSERT(NULL != new_ctx); @@ -2181,6 +2180,8 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) else #endif { + X509 *my_cert = NULL; + /* Load Certificate */ if (options->cert_file) { @@ -2209,6 +2210,8 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) ASSERT (my_cert); if (!use_external_private_key(ctx, my_cert)) msg (M_SSLERR, "Cannot enable SSL external private key capability"); + if (my_cert) + X509_free(my_cert); } else #endif @@ -2371,17 +2374,13 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) msg (M_SSLERR, "Problem with cipher list: %s", options->cipher_list); } - done: tls_clear_error (); - - if (my_cert) - X509_free(my_cert); - return; err: + tls_clear_error (); tls_ctx_free (new_ctx); - goto done; + return; } /* |