Message ID | 20210907115857.74883-1-salman.ahmed@weidmueller.com |
---|---|
State | Accepted |
Headers | show |
Series | channel_curl: Let curl use default system cacert bundle path | expand |
Hi Salman, On 07.09.21 13:58, Salman Ahmed wrote: > Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com> > --- > corelib/channel_curl.c | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > > diff --git a/corelib/channel_curl.c b/corelib/channel_curl.c > index a3e785f..e648801 100644 > --- a/corelib/channel_curl.c > +++ b/corelib/channel_curl.c > @@ -539,9 +539,6 @@ channel_op_res_t channel_set_options(channel_t *this, channel_data_t *channel_da > CURLE_OK) || > (curl_easy_setopt(channel_curl->handle, CURLOPT_REDIR_PROTOCOLS, > CURLPROTO_HTTP | CURLPROTO_HTTPS) != CURLE_OK) || > - (curl_easy_setopt(channel_curl->handle, > - CURLOPT_CAINFO, > - channel_data->cafile) != CURLE_OK) || > (curl_easy_setopt(channel_curl->handle, > CURLOPT_SSLKEY, > channel_data->sslkey) != CURLE_OK) || > @@ -555,6 +552,17 @@ channel_op_res_t channel_set_options(channel_t *this, channel_data_t *channel_da > goto cleanup; > } > > + /* Only use cafile when set, otherwise let curl use > + * the default system location for cacert bundle > + */ > + if ((channel_data->cafile) && > + (curl_easy_setopt(channel_curl->handle, > + CURLOPT_CAINFO, > + channel_data->cafile) != CURLE_OK)) { > + result = CHANNEL_EINIT; > + goto cleanup; > + } > + > if (channel_data->debug) { > (void)curl_easy_setopt(channel_curl->handle, CURLOPT_VERBOSE, 1L); > } > It looks ok to me. Acked-by: Stefano Babic <sbabic@denx.de> Best regards, Stefano Babic
diff --git a/corelib/channel_curl.c b/corelib/channel_curl.c index a3e785f..e648801 100644 --- a/corelib/channel_curl.c +++ b/corelib/channel_curl.c @@ -539,9 +539,6 @@ channel_op_res_t channel_set_options(channel_t *this, channel_data_t *channel_da CURLE_OK) || (curl_easy_setopt(channel_curl->handle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS) != CURLE_OK) || - (curl_easy_setopt(channel_curl->handle, - CURLOPT_CAINFO, - channel_data->cafile) != CURLE_OK) || (curl_easy_setopt(channel_curl->handle, CURLOPT_SSLKEY, channel_data->sslkey) != CURLE_OK) || @@ -555,6 +552,17 @@ channel_op_res_t channel_set_options(channel_t *this, channel_data_t *channel_da goto cleanup; } + /* Only use cafile when set, otherwise let curl use + * the default system location for cacert bundle + */ + if ((channel_data->cafile) && + (curl_easy_setopt(channel_curl->handle, + CURLOPT_CAINFO, + channel_data->cafile) != CURLE_OK)) { + result = CHANNEL_EINIT; + goto cleanup; + } + if (channel_data->debug) { (void)curl_easy_setopt(channel_curl->handle, CURLOPT_VERBOSE, 1L); }
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com> --- corelib/channel_curl.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-)