Do not display a CT log error message if CT validation is disabled

[openssl.git] / apps / s_client.c

diff --git a/apps/s_client.c b/apps/s_client.c
index 25f51487f1c05a3ef3b5f5bd50f6f5bd563f5cad..cf238c795b13e1e0eef4004b63f38c58e39c2e62 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1670,8 +1670,18 @@ int s_client_main(int argc, char **argv)
     }
 
     if (!ctx_set_ctlog_list_file(ctx, ctlog_file)) {
-        ERR_print_errors(bio_err);
-        goto end;
+        if (ct_validation != NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        /*
+         * If CT validation is not enabled, the log list isn't needed so don't
+         * show errors or abort. We try to load it regardless because then we
+         * can show the names of the logs any SCTs came from (SCTs may be seen
+         * even with validation disabled).
+         */
+        ERR_clear_error();
     }
 #endif