From b5bb094440db3c4c643f410c8ac50133e266b1aa Mon Sep 17 00:00:00 2001
From: Fumitoshi UKAI <ukai@debian.or.jp>
Date: Tue, 30 Mar 2004 18:06:42 +0000
Subject: [w3m-dev 04050] SSL verify * url.c (openSSLHandle): don't load verify
 locations if 	both ssl_ca_file and ssl_ca_path is NULL. From: AIDA Shinra
 <shinra@j10n.org>

---
 ChangeLog | 8 +++++++-
 url.c     | 5 +++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index a98d029..5e2022c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2004-03-31  AIDA Shinra <shinra@j10n.org>
+
+	* [w3m-dev 04050] SSL verify
+	* url.c (openSSLHandle): don't load verify locations if 
+		both ssl_ca_file and ssl_ca_path is NULL.
+
 2004-03-24  Fumitoshi UKAI  <ukai@debian.or.jp>
 
 	* fix search problem on different charset page than display charset
@@ -8367,4 +8373,4 @@ a	* [w3m-dev 03276] compile error on EWS4800
 	* release-0-2-1
 	* import w3m-0.2.1
 
-$Id: ChangeLog,v 1.914 2004/03/23 16:44:02 ukai Exp $
+$Id: ChangeLog,v 1.915 2004/03/30 18:06:42 ukai Exp $
diff --git a/url.c b/url.c
index f3888be..0d8d138 100644
--- a/url.c
+++ b/url.c
@@ -1,4 +1,4 @@
-/* $Id: url.c,v 1.87 2003/12/08 16:17:21 ukai Exp $ */
+/* $Id: url.c,v 1.88 2004/03/30 18:06:43 ukai Exp $ */
 #include "fm.h"
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -354,7 +354,8 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 		goto eend;
 	    }
 	}
-	if (SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
+	if ((!ssl_ca_file && !ssl_ca_path)
+	    || SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
 #endif				/* defined(USE_SSL_VERIFY) */
 	    SSL_CTX_set_default_verify_paths(ssl_ctx);
 #endif				/* SSLEAY_VERSION_NUMBER >= 0x0800 */
-- 
cgit v1.2.3