aboutsummaryrefslogtreecommitdiffstats
path: root/debian/patches/020_ssl-ca.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/020_ssl-ca.patch')
-rw-r--r--debian/patches/020_ssl-ca.patch14
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/patches/020_ssl-ca.patch b/debian/patches/020_ssl-ca.patch
new file mode 100644
index 0000000..9d2b834
--- /dev/null
+++ b/debian/patches/020_ssl-ca.patch
@@ -0,0 +1,14 @@
+Subject: Fix OpenSSL default always overrides ssl_ca_file and ssl_ca_path
+Author: Tatsuya Kinoshita <tats@debian.org>
+
+--- a/url.c
++++ b/url.c
+@@ -445,7 +445,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
+ }
+ }
+ if ((!ssl_ca_file && !ssl_ca_path)
+- || SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
++ || !SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
+ #endif /* defined(USE_SSL_VERIFY) */
+ SSL_CTX_set_default_verify_paths(ssl_ctx);
+ #endif /* SSLEAY_VERSION_NUMBER >= 0x0800 */