if verifypeer is enabled but nether CAfile nor CApath is, then don't try

author Daniel Stenberg <daniel@haxx.se>

Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)

committer Daniel Stenberg <daniel@haxx.se>

Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)
author Daniel Stenberg <daniel@haxx.se>
Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)
committer Daniel Stenberg <daniel@haxx.se>
Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)
diff --git a/lib/ssluse.c b/lib/ssluse.c

index 5a002f01c703683655ce4decc4a89fc41c82e0d6..019c78bfdbf28c9e7c0bfdd09cad912f3b44933d 100644 (file)
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -739,7 +739,8 @@ Curl_SSLConnect(struct connectdata *conn)
                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
                         SSL_VERIFY_CLIENT_ONCE,
                         cert_verify_callback);
-    if (!SSL_CTX_load_verify_locations(conn->ssl.ctx,
+    if ((data->set.ssl.CAfile || data->set.ssl.CApath) &&
+        !SSL_CTX_load_verify_locations(conn->ssl.ctx,
                                         data->set.ssl.CAfile,
                                         data->set.ssl.CApath)) {
        failf(data,"error setting cerficate verify locations");
author	Daniel Stenberg <daniel@haxx.se>
	Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)
committer	Daniel Stenberg <daniel@haxx.se>
	Fri, 30 Aug 2002 12:07:42 +0000 (12:07 +0000)