storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use ssl_ca_file and ssl_ca_path only when ssl_verify_server

Browse Source
This commit is contained in:
Tatsuya Kinoshita
2021-02-13 13:56:00 +09:00
parent c710522a03
commit 1644c3b897
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
url.c
View File

@@ -446,6 +446,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
} }
if ((!ssl_ca_file || *ssl_ca_file == '\0') if ((!ssl_ca_file || *ssl_ca_file == '\0')
&& (!ssl_ca_path || *ssl_ca_path == '\0') && (!ssl_ca_path || *ssl_ca_path == '\0')
|| !ssl_verify_server
|| !SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path)) || !SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
#endif /* defined(USE_SSL_VERIFY) */ #endif /* defined(USE_SSL_VERIFY) */
SSL_CTX_set_default_verify_paths(ssl_ctx); SSL_CTX_set_default_verify_paths(ssl_ctx);