OpenSSL: Initialise one context at a time

If initialising the server context fails, but the client one succeeds,
we will not only leak memory, but the error message reported for
initialising the server context might not make sense, because we
initialise the client context after and that could erase or change the
list of queued errors.

This scenario is considered rare. Nevertheless, we now initialise the
client context after *successfully* initialising the server context.

libratbox/src/openssl.c

@@ -399,24 +399,25 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, c
 		cipher_list = libratbox_ciphers;
 
 	#ifdef LRB_HAVE_TLS_METHOD_API
-	ssl_server_ctx_new = SSL_CTX_new(TLS_server_method());
+	if((ssl_server_ctx_new = SSL_CTX_new(TLS_server_method())) == NULL)
-	ssl_client_ctx_new = SSL_CTX_new(TLS_client_method());
 	#else
-	ssl_server_ctx_new = SSL_CTX_new(SSLv23_server_method());
+	if((ssl_server_ctx_new = SSL_CTX_new(SSLv23_server_method())) == NULL)
-	ssl_client_ctx_new = SSL_CTX_new(SSLv23_client_method());
 	#endif
-
-	if(ssl_server_ctx_new == NULL)
 	{
 		rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
 			   get_ssl_error(ERR_get_error()));
 		return 0;
 	}
 
-	if(ssl_client_ctx_new == NULL)
+	#ifdef LRB_HAVE_TLS_METHOD_API
+	if((ssl_client_ctx_new = SSL_CTX_new(TLS_client_method())) == NULL)
+	#else
+	if((ssl_client_ctx_new = SSL_CTX_new(SSLv23_client_method())) == NULL)
+	#endif
 	{
 		rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
 			   get_ssl_error(ERR_get_error()));
+
 		SSL_CTX_free(ssl_server_ctx_new);
 		return 0;
 	}