[w3m-dev 04050] SSL verify

* url.c (openSSLHandle): don't load verify locations if
	both ssl_ca_file and ssl_ca_path is NULL.
From: AIDA Shinra <shinra@j10n.org>

ChangeLog

@@ -1,3 +1,9 @@
+2004-03-31  AIDA Shinra <shinra@j10n.org>
+
+	* [w3m-dev 04050] SSL verify
+	* url.c (openSSLHandle): don't load verify locations if 
+		both ssl_ca_file and ssl_ca_path is NULL.
+
 2004-03-24  Fumitoshi UKAI  <ukai@debian.or.jp>
 
 	* fix search problem on different charset page than display charset
@@ -8367,4 +8373,4 @@ a	* [w3m-dev 03276] compile error on EWS4800
 	* release-0-2-1
 	* import w3m-0.2.1
 
-$Id: ChangeLog,v 1.914 2004/03/23 16:44:02 ukai Exp $
+$Id: ChangeLog,v 1.915 2004/03/30 18:06:42 ukai Exp $

url.c

@@ -1,4 +1,4 @@
-/* $Id: url.c,v 1.87 2003/12/08 16:17:21 ukai Exp $ */
+/* $Id: url.c,v 1.88 2004/03/30 18:06:43 ukai Exp $ */
 #include "fm.h"
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -354,7 +354,8 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 		goto eend;
 	    }
 	}
-	if (SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
+	if ((!ssl_ca_file && !ssl_ca_path)
+	    || SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path))
 #endif				/* defined(USE_SSL_VERIFY) */
 	    SSL_CTX_set_default_verify_paths(ssl_ctx);
 #endif				/* SSLEAY_VERSION_NUMBER >= 0x0800 */