From 8250f93d413eaff47d8e2ac0284059afa92dcea4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 13 Sep 2014 14:56:27 +0200 Subject: CURLOPT_CAPATH: return failure if set without backend support --- lib/url.c | 4 ++++ lib/vtls/openssl.h | 3 +++ lib/vtls/polarssl.h | 4 ++++ 3 files changed, 11 insertions(+) diff --git a/lib/url.c b/lib/url.c index 67126ab35..b4d4a3919 100644 --- a/lib/url.c +++ b/lib/url.c @@ -1991,6 +1991,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, va_arg(param, char *)); break; case CURLOPT_CAPATH: +#ifdef have_ca_path /* not supported by all backends */ /* * Set CA path info for SSL connection. Specify directory name of the CA * certificates which have been prepared using openssl c_rehash utility. @@ -1998,6 +1999,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* This does not work on windows. */ result = setstropt(&data->set.str[STRING_SSL_CAPATH], va_arg(param, char *)); +#else + result = CURLE_NOT_BUILT_IN; +#endif break; case CURLOPT_CRLFILE: /* diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index 1a55ffc2f..6d6c75c82 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -76,6 +76,9 @@ void Curl_ossl_md5sum(unsigned char *tmp, /* input */ /* this backend provides these functions: */ #define have_curlssl_md5sum 1 +/* this backend supports the CAPATH option */ +#define have_ca_path 1 + /* API setup for OpenSSL */ #define curlssl_init Curl_ossl_init #define curlssl_cleanup Curl_ossl_cleanup diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h index 9ab7e47e5..dbe01966f 100644 --- a/lib/vtls/polarssl.h +++ b/lib/vtls/polarssl.h @@ -8,6 +8,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010, Hoi-Ho Chan, + * Copyright (C) 2014, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -47,6 +48,9 @@ void Curl_polarssl_session_free(void *ptr); size_t Curl_polarssl_version(char *buffer, size_t size); int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex); +/* this backend supports the CAPATH option */ +#define have_ca_path 1 + /* API setup for PolarSSL */ #define curlssl_init() polarssl_init() #define curlssl_cleanup() polarssl_cleanup() -- cgit v1.2.3