From b5bb094440db3c4c643f410c8ac50133e266b1aa Mon Sep 17 00:00:00 2001
From: Fumitoshi UKAI <ukai@debian.or.jp>
Date: Tue, 30 Mar 2004 18:06:42 +0000
Subject: [w3m-dev 04050] SSL verify * url.c (openSSLHandle): don't load verify
 locations if 	both ssl_ca_file and ssl_ca_path is NULL. From: AIDA Shinra
 <shinra@j10n.org>

---
 url.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'url.c')

diff --git a/url.c b/url.c
index f3888be..0d8d138 100644
--- a/url.c
+++ b/url.c
@@ -1,4 +1,4 @@
-/* $Id: url.c,v 1.87 2003/12/08 16:17:21 ukai Exp $ */
+/* $Id: url.c,v 1.88 2004/03/30 18:06:43 ukai Exp $ */
 #include "fm.h"
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -354,7 +354,8 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 		goto eend;
 	    }
 	}
-	if (SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
+	if ((!ssl_ca_file && !ssl_ca_path)
+	    || SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
 #endif				/* defined(USE_SSL_VERIFY) */
 	    SSL_CTX_set_default_verify_paths(ssl_ctx);
 #endif				/* SSLEAY_VERSION_NUMBER >= 0x0800 */
-- 
cgit v1.2.3