diff options
Diffstat (limited to 'src/interfaces/libpq/fe-secure.c')
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 460b38c77d4..b4022d778bb 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.89 2006/10/06 17:14:01 petere Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.89.2.1 2009/01/28 15:06:55 mha Exp $ * * NOTES * [ Most of these notes are wrong/obsolete, but perhaps not all ] @@ -656,7 +656,7 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) fclose(fp); /* verify that the cert and key go together */ - if (!X509_check_private_key(*x509, *pkey)) + if (X509_check_private_key(*x509, *pkey) != 1) { char *err = SSLerrmessage(); @@ -783,7 +783,7 @@ initialize_SSL(PGconn *conn) { X509_STORE *cvstore; - if (!SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL)) + if (SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL) != 1) { char *err = SSLerrmessage(); @@ -797,7 +797,7 @@ initialize_SSL(PGconn *conn) if ((cvstore = SSL_CTX_get_cert_store(SSL_context)) != NULL) { /* setting the flags to check against the complete CRL chain */ - if (X509_STORE_load_locations(cvstore, ROOT_CRL_FILE, NULL) != 0) + if (X509_STORE_load_locations(cvstore, ROOT_CRL_FILE, NULL) == 1) /* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */ #ifdef X509_V_FLAG_CRL_CHECK X509_STORE_set_flags(cvstore, |