aboutsummaryrefslogtreecommitdiff
path: root/ssl.c
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2006-06-29 19:33:09 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2006-06-29 19:33:09 +0000
commitfaffc76117c20a99b842df9403176d86b4758399 (patch)
tree63e35a6e77a57a6ddd294ee6b25e8f0e958a8ee9 /ssl.c
parentAdded two new management states: (diff)
downloadopenvpn-faffc76117c20a99b842df9403176d86b4758399.tar.xz
pkcs11 changes:
-r 1046:1053 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 1. Modified ssl.c to not FATAL and return to init.c so auth-retry will work. 2. Modifed pkcs11-helper.c to fix some problem with multiple providers. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1070 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ssl.c')
-rw-r--r--ssl.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/ssl.c b/ssl.c
index 2aa6e4a..c7f1e73 100644
--- a/ssl.c
+++ b/ssl.c
@@ -1143,12 +1143,15 @@ init_ssl (const struct options *options)
#ifdef ENABLE_PKCS11
if (options->pkcs11_providers[0])
- {
- /* Load Certificate and Private Key */
- if (!SSL_CTX_use_pkcs11 (ctx, options->pkcs11_slot_type, options->pkcs11_slot, options->pkcs11_id_type, options->pkcs11_id))
- msg (M_SSLERR, "Cannot load certificate \"%s:%s\" from slot \"%s:%s\" using PKCS#11 interface",
+ {
+ /* Load Certificate and Private Key */
+ if (!SSL_CTX_use_pkcs11 (ctx, options->pkcs11_slot_type, options->pkcs11_slot, options->pkcs11_id_type, options->pkcs11_id))
+ {
+ msg (M_WARN, "Cannot load certificate \"%s:%s\" from slot \"%s:%s\" using PKCS#11 interface",
options->pkcs11_id_type, options->pkcs11_id, options->pkcs11_slot_type, options->pkcs11_slot);
- }
+ goto err;
+ }
+ }
else
#endif