cfec1a
diff -up openssl-1.0.2c/apps/s_server.c.default-paths openssl-1.0.2c/apps/s_server.c
cfec1a
--- openssl-1.0.2c/apps/s_server.c.default-paths	2015-06-12 16:51:21.000000000 +0200
cfec1a
+++ openssl-1.0.2c/apps/s_server.c	2015-06-15 17:24:17.747446515 +0200
cfec1a
@@ -1788,12 +1788,16 @@ int MAIN(int argc, char *argv[])
cfec1a
     }
cfec1a
 #endif
cfec1a
 
cfec1a
-    if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
cfec1a
-        (!SSL_CTX_set_default_verify_paths(ctx))) {
cfec1a
-        /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
cfec1a
-        ERR_print_errors(bio_err);
cfec1a
-        /* goto end; */
cfec1a
+    if (CAfile == NULL && CApath == NULL) {
cfec1a
+        if (!SSL_CTX_set_default_verify_paths(ctx)) {
cfec1a
+            ERR_print_errors(bio_err);
cfec1a
+        }
cfec1a
+    } else {
cfec1a
+        if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
cfec1a
+            ERR_print_errors(bio_err);
cfec1a
+        }
cfec1a
     }
cfec1a
+
cfec1a
     if (vpm)
cfec1a
         SSL_CTX_set1_param(ctx, vpm);
cfec1a
 
cfec1a
@@ -1850,8 +1854,10 @@ int MAIN(int argc, char *argv[])
cfec1a
         else
cfec1a
             SSL_CTX_sess_set_cache_size(ctx2, 128);
cfec1a
 
cfec1a
-        if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
cfec1a
-            (!SSL_CTX_set_default_verify_paths(ctx2))) {
cfec1a
+        if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) {
cfec1a
+            ERR_print_errors(bio_err);
cfec1a
+        }
cfec1a
+        if (!SSL_CTX_set_default_verify_paths(ctx2)) {
cfec1a
             ERR_print_errors(bio_err);
cfec1a
         }
cfec1a
         if (vpm)
cfec1a
diff -up openssl-1.0.2c/apps/s_time.c.default-paths openssl-1.0.2c/apps/s_time.c
cfec1a
--- openssl-1.0.2c/apps/s_time.c.default-paths	2015-06-12 16:51:21.000000000 +0200
cfec1a
+++ openssl-1.0.2c/apps/s_time.c	2015-06-15 17:24:17.747446515 +0200
cfec1a
@@ -381,13 +381,14 @@ int MAIN(int argc, char **argv)
cfec1a
 
cfec1a
     SSL_load_error_strings();
cfec1a
 
cfec1a
-    if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
cfec1a
-        (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
cfec1a
-        /*
cfec1a
-         * BIO_printf(bio_err,"error setting default verify locations\n");
cfec1a
-         */
cfec1a
-        ERR_print_errors(bio_err);
cfec1a
-        /* goto end; */
cfec1a
+    if (CAfile == NULL && CApath == NULL) {
cfec1a
+        if (!SSL_CTX_set_default_verify_paths(tm_ctx)) {
cfec1a
+            ERR_print_errors(bio_err);
cfec1a
+        }
cfec1a
+    } else {
cfec1a
+        if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) {
cfec1a
+            ERR_print_errors(bio_err);
cfec1a
+        }
cfec1a
     }
cfec1a
 
cfec1a
     if (tm_cipher == NULL)