4822l1

Listing 1. initialize_ctx()

42  SSL_CTX *initialize_ctx(keyfile,password)
43    char *keyfile;
44    char *password;
45    {
46      SSL_METHOD *meth;
47      SSL_CTX *ctx;
48
49      if(!bio_err){
50        /* Global system initialization*/
51        SSL_library_init();
52        SSL_load_error_strings();
53
54        /* An error write context */
55        bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
56      }
57
58      /* Set up a SIGPIPE handler */
59      signal(SIGPIPE,sigpipe_handle);
60
61      /* Create our context*/
62      meth=SSLv23_method();
63      ctx=SSL_CTX_new(meth);
64
65      /* Load our keys and certificates*/
66      if(!(SSL_CTX_use_certificate_chain_file(ctx,
67        keyfile)))
68        berr_exit("Can't read certificate file");
69
70      pass=password;
71      SSL_CTX_set_default_passwd_cb(ctx,
72        password_cb);
73      if(!(SSL_CTX_use_PrivateKey_file(ctx,
74        keyfile,SSL_FILETYPE_PEM)))
75        berr_exit("Can't read key file");
76
77      /* Load the CAs we trust*/
78      if(!(SSL_CTX_load_verify_locations(ctx,
79        CA_LIST,0)))
80        berr_exit("Ca't read CA list");
81  #if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
82      SSL_CTX_set_verify_depth(ctx,1);
83  #endif
84
85      return ctx;
86    }