38 lines
1.3 KiB
Diff
38 lines
1.3 KiB
Diff
Use /etc/ssl/certs instead of /usr/share/curl/curl-ca-bundle.crt.
|
|
TODO: do it in a cleaner (configurable) way and submit upstream.
|
|
---
|
|
lib/easy.c | 5 +----
|
|
lib/url.c | 7 ++-----
|
|
2 files changed, 3 insertions(+), 9 deletions(-)
|
|
|
|
--- lib/easy.c.orig
|
|
+++ lib/easy.c
|
|
@@ -743,10 +743,7 @@ void curl_easy_reset(CURL *curl)
|
|
*/
|
|
data->set.ssl.verifypeer = TRUE;
|
|
data->set.ssl.verifyhost = 2;
|
|
-#ifdef CURL_CA_BUNDLE
|
|
- /* This is our prefered CA cert bundle since install time */
|
|
- (void) curl_easy_setopt(curl, CURLOPT_CAINFO, (char *) CURL_CA_BUNDLE);
|
|
-#endif
|
|
+ (void) curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/ssl/certs");
|
|
|
|
data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
|
|
type */
|
|
--- lib/url.c.orig
|
|
+++ lib/url.c
|
|
@@ -749,11 +749,8 @@ CURLcode Curl_open(struct SessionHandle
|
|
data->set.ssl.verifypeer = TRUE;
|
|
data->set.ssl.verifyhost = 2;
|
|
data->set.ssl.sessionid = TRUE; /* session ID caching enabled by default */
|
|
-#ifdef CURL_CA_BUNDLE
|
|
- /* This is our preferred CA cert bundle since install time */
|
|
- res = setstropt(&data->set.str[STRING_SSL_CAFILE],
|
|
- (char *) CURL_CA_BUNDLE);
|
|
-#endif
|
|
+ res = setstropt(&data->set.str[STRING_SSL_CAPATH],
|
|
+ "/etc/ssl/certs");
|
|
}
|
|
|
|
if(res) {
|