From 59c11b82d55b6e8110f2232f0fd47068e4072495 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 28 May 2002 09:21:29 +0000 Subject: Cris Bailiff's CAPATH support added --- src/main.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/main.c b/src/main.c index 606b9e341..9254e941b 100644 --- a/src/main.c +++ b/src/main.c @@ -345,6 +345,7 @@ static void help(void) " --pass Specifies your passphrase for the private key (HTTPS)"); puts(" --engine Specifies the crypto engine to use (HTTPS)\n" " --cacert CA certifciate to verify peer against (SSL)\n" + " --capath CA directory (made using c_rehash) to verify peer against (SSL, NOT Windows)\n" " --ciphers What SSL ciphers to use (SSL)\n" " --connect-timeout Maximum time allowed for connection\n" " -f/--fail Fail silently (no output at all) on errors (H)\n" @@ -454,6 +455,7 @@ struct Configurable { char *cert; char *cert_type; char *cacert; + char *capath; char *key; char *key_type; char *key_passwd; @@ -999,6 +1001,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ {"Ed","key-type", TRUE}, {"Ee","pass", TRUE}, {"Ef","engine", TRUE}, + {"Eg","capath ", TRUE}, {"f", "fail", FALSE}, {"F", "form", TRUE}, {"g", "globoff", FALSE}, @@ -1335,6 +1338,10 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ case 'f': /* crypto engine */ GetStr(&config->engine, nextarg); break; + case 'g': /* CA info PEM file */ + /* CA cert directory */ + GetStr(&config->capath, nextarg); + break; default: /* certificate file */ { char *ptr = strchr(nextarg, ':'); @@ -2082,6 +2089,8 @@ void free_config_fields(struct Configurable *config) curl_formfree(config->httppost); if(config->cacert) free(config->cacert); + if(config->capath) + free(config->capath); if(config->cookiejar) free(config->cookiejar); @@ -2558,8 +2567,9 @@ operate(struct Configurable *config, int argc, char *argv[]) curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, config->key_type); curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, config->key_passwd); - if(config->cacert) { - curl_easy_setopt(curl, CURLOPT_CAINFO, config->cacert); + if(config->cacert || config->capath) { + if (config->cacert) curl_easy_setopt(curl, CURLOPT_CAINFO, config->cacert); + if (config->capath) curl_easy_setopt(curl, CURLOPT_CAPATH, config->capath); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, TRUE); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2); } -- cgit v1.2.3