diff options
| author | Tatsuya Kinoshita <tats@debian.org> | 2021-02-28 09:35:42 +0000 |
|---|---|---|
| committer | Tatsuya Kinoshita <tats@debian.org> | 2021-02-28 09:35:42 +0000 |
| commit | c4f588fbb7602d1c5d005a26bf4ba9d3aa3b89fa (patch) | |
| tree | 7f8ef14d1109cd20712c62d740749e2025a3e856 /url.c | |
| parent | Update ChangeLog (diff) | |
| download | w3m-c4f588fbb7602d1c5d005a26bf4ba9d3aa3b89fa.tar.gz w3m-c4f588fbb7602d1c5d005a26bf4ba9d3aa3b89fa.zip | |
New option ssl_ca_default to explicitly use OpenSSL default paths
Diffstat (limited to '')
| -rw-r--r-- | url.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -448,12 +448,13 @@ openSSLHandle(int sock, char *hostname, char **p_cert) char *file = NULL, *path = NULL; if (ssl_ca_file && *ssl_ca_file != '\0') file = ssl_ca_file; if (ssl_ca_path && *ssl_ca_path != '\0') path = ssl_ca_path; - if (!file && !path) - SSL_CTX_set_default_verify_paths(ssl_ctx); - else if (!SSL_CTX_load_verify_locations(ssl_ctx, file, path)) { + if ((file || path) + && !SSL_CTX_load_verify_locations(ssl_ctx, file, path)) { free_ssl_ctx(); goto eend; } + if (ssl_ca_default) + SSL_CTX_set_default_verify_paths(ssl_ctx); } #endif /* defined(USE_SSL_VERIFY) */ #endif /* SSLEAY_VERSION_NUMBER >= 0x0800 */ |