aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorCatalin Patulea <cat@vv.carleton.ca>2014-09-07 03:31:01 +0200
committerDaniel Stenberg <daniel@haxx.se>2014-09-08 10:09:54 +0200
commitaf45542cfe2a5300b67079eea976e01eec48345e (patch)
tree95e66297c90855f3862734b8db2b43508f8bfe8f /lib/vtls
parent55f8b0394866ba3aae4fe4cce284a899c8266c3f (diff)
polarssl: support CURLOPT_CAPATH / --capath
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/polarssl.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index 2d1b7ee08..f92b82e05 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -201,6 +201,22 @@ polarssl_connect_step1(struct connectdata *conn,
}
}
+ if(data->set.str[STRING_SSL_CAPATH]) {
+ ret = x509_crt_parse_path(&connssl->cacert,
+ data->set.str[STRING_SSL_CAPATH]);
+
+ if(ret<0) {
+#ifdef POLARSSL_ERROR_C
+ error_strerror(ret, errorbuf, sizeof(errorbuf));
+#endif /* POLARSSL_ERROR_C */
+ failf(data, "Error reading ca cert path %s - PolarSSL: (-0x%04X) %s",
+ data->set.str[STRING_SSL_CAPATH], -ret, errorbuf);
+
+ if(data->set.ssl.verifypeer)
+ return CURLE_SSL_CACERT_BADFILE;
+ }
+ }
+
/* Load the client certificate */
memset(&connssl->clicert, 0, sizeof(x509_crt));