diff options
author | Patrick Monnerat <patrick.monnerat@dh.com> | 2016-02-08 14:52:18 +0100 |
---|---|---|
committer | Patrick Monnerat <patrick.monnerat@dh.com> | 2016-02-08 14:52:18 +0100 |
commit | c4303fd5bb26c54a90a8e1ab4380f615995dd0c6 (patch) | |
tree | 56e18e7af6ea609191edd7bb189c74377f01be68 /lib/vtls/openssl.c | |
parent | 8893a45e7664b596e62b04b4d7260641cf1769df (diff) | |
parent | e49ab0a3b8891988de54b2af1e79ad89a9be04e5 (diff) |
Merge branch 'master' of github.com:curl/curl
Diffstat (limited to 'lib/vtls/openssl.c')
-rw-r--r-- | lib/vtls/openssl.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 70cfb84af..b36c6a611 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1960,6 +1960,13 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) data->set.str[STRING_SSL_CAPATH] ? data->set.str[STRING_SSL_CAPATH]: "none"); } +#ifdef CURL_CA_FALLBACK + else if(data->set.ssl.verifypeer) { + /* verfying the peer without any CA certificates won't + work so use openssl's built in default as fallback */ + SSL_CTX_set_default_verify_paths(connssl->ctx); + } +#endif if(data->set.str[STRING_SSL_CRLFILE]) { /* tell SSL where to find CRL file that is used to check certificate |