X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fstream-ssl.c;h=22d4c99aeb223ad3d4cb1cd0dbae595a4a20d524;hb=05e547e7ee479fa2c3ca5bc9d2eb57bc8a07bdb8;hp=4d7c7c4dd15395dfe214091403be9555667e4587;hpb=932df1237b64fcb80c23acb2177bfe659654220a;p=sliver-openvswitch.git

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index 4d7c7c4dd..22d4c99ae 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -413,6 +413,7 @@ do_ca_cert_bootstrap(struct stream *stream)
     if (!cert) {
         out_of_memory();
     }
+    SSL_CTX_set_cert_store(ctx, X509_STORE_new());
     if (SSL_CTX_load_verify_locations(ctx, ca_cert.file_name, NULL) != 1) {
         VLOG_ERR("SSL_CTX_load_verify_locations: %s",
                  ERR_error_string(ERR_get_error(), NULL));
@@ -751,7 +752,7 @@ ssl_wait(struct stream *stream, enum stream_wait_type wait)
     }
 }
 
-struct stream_class ssl_stream_class = {
+const struct stream_class ssl_stream_class = {
     "ssl",                      /* name */
     ssl_open,                   /* open */
     ssl_close,                  /* close */
@@ -771,7 +772,7 @@ struct pssl_pstream
     int fd;
 };
 
-struct pstream_class pssl_pstream_class;
+const struct pstream_class pssl_pstream_class;
 
 static struct pssl_pstream *
 pssl_pstream_cast(struct pstream *pstream)
@@ -856,7 +857,7 @@ pssl_wait(struct pstream *pstream)
     poll_fd_wait(pssl->fd, POLLIN);
 }
 
-struct pstream_class pssl_pstream_class = {
+const struct pstream_class pssl_pstream_class = {
     "pssl",
     pssl_open,
     pssl_close,
@@ -1215,6 +1216,7 @@ stream_ssl_set_ca_cert_file__(const char *file_name,
 
         /* Set up CAs for OpenSSL to trust in verifying the peer's
          * certificate. */
+        SSL_CTX_set_cert_store(ctx, X509_STORE_new());
         if (SSL_CTX_load_verify_locations(ctx, file_name, NULL) != 1) {
             VLOG_ERR("SSL_CTX_load_verify_locations: %s",
                      ERR_error_string(ERR_get_error(), NULL));