|
Lines 705-711
Link Here
|
| 705 |
if (ca_cert_file == NULL && |
705 |
if (ca_cert_file == NULL && |
| 706 |
access(LOCAL_CERT_FILE, R_OK) == 0) |
706 |
access(LOCAL_CERT_FILE, R_OK) == 0) |
| 707 |
ca_cert_file = LOCAL_CERT_FILE; |
707 |
ca_cert_file = LOCAL_CERT_FILE; |
| 708 |
if (ca_cert_file == NULL) |
708 |
if (ca_cert_file == NULL && |
|
|
709 |
access(BASE_CERT_FILE, R_OK) == 0) |
| 709 |
ca_cert_file = BASE_CERT_FILE; |
710 |
ca_cert_file = BASE_CERT_FILE; |
| 710 |
ca_cert_path = getenv("SSL_CA_CERT_PATH"); |
711 |
ca_cert_path = getenv("SSL_CA_CERT_PATH"); |
| 711 |
if (verbose) { |
712 |
if (verbose) { |
|
Lines 716-726
Link Here
|
| 716 |
if (ca_cert_path != NULL) |
717 |
if (ca_cert_path != NULL) |
| 717 |
fetch_info("Using CA cert path: %s", |
718 |
fetch_info("Using CA cert path: %s", |
| 718 |
ca_cert_path); |
719 |
ca_cert_path); |
|
|
720 |
if (ca_cert_file == NULL && ca_cert_path == NULL) |
| 721 |
fetch_info("Using OpenSSL default " |
| 722 |
"CA cert file and path"); |
| 719 |
} |
723 |
} |
| 720 |
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, |
724 |
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, |
| 721 |
fetch_ssl_cb_verify_crt); |
725 |
fetch_ssl_cb_verify_crt); |
| 722 |
SSL_CTX_load_verify_locations(ctx, ca_cert_file, |
726 |
if (ca_cert_file != NULL || ca_cert_path != NULL) |
| 723 |
ca_cert_path); |
727 |
SSL_CTX_load_verify_locations(ctx, ca_cert_file, |
|
|
728 |
ca_cert_path); |
| 729 |
else |
| 730 |
SSL_CTX_set_default_verify_paths(ctx); |
| 724 |
if ((crl_file = getenv("SSL_CRL_FILE")) != NULL) { |
731 |
if ((crl_file = getenv("SSL_CRL_FILE")) != NULL) { |
| 725 |
if (verbose) |
732 |
if (verbose) |
| 726 |
fetch_info("Using CRL file: %s", crl_file); |
733 |
fetch_info("Using CRL file: %s", crl_file); |