wolfssl: use ssl_cafile/ssl_capath variables consistent with openssl.c

Closes #11886
Michael Osipov 2023-09-19 14:26:20 +02:00 committed by Daniel Stenberg
parent 08f9b21483
commit cc123e2757
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2


@ -361,6 +361,8 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
const struct curl_blob *ca_info_blob = conn_config->ca_info_blob;
const struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
const char * const ssl_cafile = conn_config->CAfile;
const char * const ssl_capath = conn_config->CApath;
WOLFSSL_METHOD* req_method = NULL;
#ifdef HAVE_LIBOQS
word16 oqsAlg = 0;
@ -543,19 +545,17 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
#ifndef NO_FILESYSTEM
else {
/* load trusted cacert from file if not blob */
if(conn_config->CAfile || conn_config->CApath) {
if(ssl_cafile || ssl_capath) {
if(1 != wolfSSL_CTX_load_verify_locations(backend->ctx,
conn_config->CAfile,
conn_config->CApath)) {
ssl_cafile,
ssl_capath)) {
if(conn_config->verifypeer && !imported_ca_info_blob &&
!imported_native_ca) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:"
" CAfile: %s CApath: %s",
conn_config->CAfile?
conn_config->CAfile: "none",
conn_config->CApath?
conn_config->CApath : "none");
ssl_cafile ? ssl_cafile : "none",
ssl_capath ? ssl_capath : "none");
return CURLE_SSL_CACERT_BADFILE;
}
else {
@ -569,10 +569,8 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
/* Everything is fine. */
infof(data, "successfully set certificate verify locations:");
}
infof(data, " CAfile: %s",
conn_config->CAfile ? conn_config->CAfile : "none");
infof(data, " CApath: %s",
conn_config->CApath ? conn_config->CApath : "none");
infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
}
}