commit eefd77f151cf253e4f8cdd14c2cb675771de3c6e
parent 4772731e72808dfc2609bfe66bd477da6b25af05
Author: ukai <ukai>
Date: Tue, 30 Mar 2004 18:06:42 +0000
[w3m-dev 04050] SSL verify
* url.c (openSSLHandle): don't load verify locations if
both ssl_ca_file and ssl_ca_path is NULL.
From: AIDA Shinra <shinra@j10n.org>
Diffstat:
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,9 @@
+2004-03-31 AIDA Shinra <shinra@j10n.org>
+
+ * [w3m-dev 04050] SSL verify
+ * url.c (openSSLHandle): don't load verify locations if
+ both ssl_ca_file and ssl_ca_path is NULL.
+
2004-03-24 Fumitoshi UKAI <ukai@debian.or.jp>
* fix search problem on different charset page than display charset
diff --git a/url.c b/url.c
@@ -354,7 +354,8 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
goto eend;
}
}
- if (SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
+ if ((!ssl_ca_file && !ssl_ca_path)
+ || SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
#endif /* defined(USE_SSL_VERIFY) */
SSL_CTX_set_default_verify_paths(ssl_ctx);
#endif /* SSLEAY_VERSION_NUMBER >= 0x0800 */