Michael H. Warfield <mhw(_at_)wittsend(_dot_)com>:
I've been working with another individual,
<beldridg(_at_)best(_dot_)com>, to
try and track down why he could not get SSL Client Side certs to work
(gee, they've always worked for me :-) ) and just found the reason.
In driver.c the call to SSLOpen has the order of the cert and key
files backwards from the function itself in socket.c. I can't believe
that I actually did that or that it's been in there for sooo long (three
years?) without anyone noticing. :-/
Net result was that if you were using a combined cert and key
in a single file, it would work. If you had a separate key and cert,
it would fail (unless you specified them backwards. :-) ).
One line patch is attached below...
Eric: Please apply. Sorry about that.
Done. I'll probably ship 5.9.1 today.
--
<a href="http://www.tuxedo.org/~esr/">Eric S. Raymond</a>
"Those who make peaceful revolution impossible
will make violent revolution inevitable."
-- John F. Kennedy