mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
rustls: remove native_roots fallback
For the commandline tool, we expect to be passed SSL_CONN_CONFIG(CAfile); for library use, the use should pass a set of trusted roots (like in other TLS backends). This also removes a dependency on Security.framework when building on macOS. Closes #7250
This commit is contained in:
parent
bb9d2abae6
commit
8fa0a298c6
@ -332,15 +332,6 @@ cr_init_backend(struct Curl_easy *data, struct connectdata *conn,
|
||||
return CURLE_SSL_CACERT_BADFILE;
|
||||
}
|
||||
}
|
||||
else {
|
||||
result = rustls_client_config_builder_load_native_roots(config_builder);
|
||||
if(result != RUSTLS_RESULT_OK) {
|
||||
failf(data, "failed to load trusted certificates");
|
||||
rustls_client_config_free(
|
||||
rustls_client_config_builder_build(config_builder));
|
||||
return CURLE_SSL_CACERT_BADFILE;
|
||||
}
|
||||
}
|
||||
|
||||
backend->config = rustls_client_config_builder_build(config_builder);
|
||||
DEBUGASSERT(rconn == NULL);
|
||||
|
@ -63,9 +63,6 @@ if test "x$OPT_RUSTLS" != xno; then
|
||||
rustlslib=$OPT_RUSTLS/lib$libsuff
|
||||
|
||||
LDFLAGS="$LDFLAGS $addld"
|
||||
if (test -d "/System/Library/Frameworks/Security.framework" && test "x$cross_compiling" != "xyes"); then
|
||||
LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
|
||||
fi
|
||||
if test "$addcflags" != "-I/usr/include"; then
|
||||
CPPFLAGS="$CPPFLAGS $addcflags"
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user