From 56c43604d085d50567a222670c4d24e25150647e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 30 Aug 2002 12:07:42 +0000 Subject: [PATCH] if verifypeer is enabled but nether CAfile nor CApath is, then don't try to load "verify_locations" --- lib/ssluse.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/ssluse.c b/lib/ssluse.c index 5a002f01c..019c78bfd 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -739,7 +739,8 @@ Curl_SSLConnect(struct connectdata *conn) SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| SSL_VERIFY_CLIENT_ONCE, cert_verify_callback); - if (!SSL_CTX_load_verify_locations(conn->ssl.ctx, + if ((data->set.ssl.CAfile || data->set.ssl.CApath) && + !SSL_CTX_load_verify_locations(conn->ssl.ctx, data->set.ssl.CAfile, data->set.ssl.CApath)) { failf(data,"error setting cerficate verify locations");