stream-ssl: Avoid logging no-match error redundantly.

If we've already reported an error at this point, then we currently report
a no-match error also, but that doesn't add any useful information; it's
just noise in the log.

Signed-off-by: Ben Pfaff <blp@nicira.com>

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index b9b3410..db7b68e 100644 (file)
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -230,7 +230,7 @@ new_ssl_stream(const char *name, int fd, enum session_type type,
         VLOG_ERR("CA certificate must be configured to use SSL");
         retval = ENOPROTOOPT;
     }
-    if (!SSL_CTX_check_private_key(ctx)) {
+    if (!retval && !SSL_CTX_check_private_key(ctx)) {
         VLOG_ERR("Private key does not match certificate public key: %s",
                  ERR_error_string(ERR_get_error(), NULL));
         retval = ENOPROTOOPT;