#ifdef _WIN32
-/*
+/* Search and set the CA cert file for Windows.
+ *
+ * Do not call this function if Schannel is the selected SSL backend. We allow
+ * setting CA location for Schannel only when explicitly specified by the user
+ * via CURLOPT_CAINFO / --cacert.
+ *
* Function to find CACert bundle on a Win32 platform using SearchPath.
* (SearchPath is already declared via inclusions done in setup header file)
* (Use the ASCII version instead of the Unicode one!)
* For WinXP and later search order actually depends on registry value:
* HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SafeProcessSearchMode
*/
-
CURLcode FindWin32CACert(struct OperationConfig *config,
- curl_sslbackend backend,
const TCHAR *bundle_file)
{
CURLcode result = CURLE_OK;
#ifdef CURL_WINDOWS_UWP
(void)config;
- (void)backend;
(void)bundle_file;
#else
- /* Search and set cert file only if libcurl supports SSL.
- *
- * If Schannel is the selected SSL backend then these locations are
- * ignored. We allow setting CA location for schannel only when explicitly
- * specified by the user via CURLOPT_CAINFO / --cacert.
- */
- if(feature_ssl && backend != CURLSSLBACKEND_SCHANNEL) {
-
- DWORD res_len;
- TCHAR buf[PATH_MAX];
- TCHAR *ptr = NULL;
-
- buf[0] = TEXT('\0');
-
- res_len = SearchPath(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);
- if(res_len > 0) {
- char *mstr = curlx_convert_tchar_to_UTF8(buf);
- Curl_safefree(config->cacert);
- if(mstr)
- config->cacert = strdup(mstr);
- curlx_unicodefree(mstr);
- if(!config->cacert)
- result = CURLE_OUT_OF_MEMORY;
- }
+ DWORD res_len;
+ TCHAR buf[PATH_MAX];
+ TCHAR *ptr = NULL;
+
+ buf[0] = TEXT('\0');
+
+ res_len = SearchPath(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);
+ if(res_len > 0) {
+ char *mstr = curlx_convert_tchar_to_UTF8(buf);
+ Curl_safefree(config->cacert);
+ if(mstr)
+ config->cacert = strdup(mstr);
+ curlx_unicodefree(mstr);
+ if(!config->cacert)
+ result = CURLE_OUT_OF_MEMORY;
}
#endif
* too. Just for the sake of it.
*/
capath_from_env = false;
- if(!config->cacert &&
+ if(feature_ssl &&
+ !config->cacert &&
!config->capath &&
(!config->insecure_ok || (config->doh_url && !config->doh_insecure_ok))) {
CURL *curltls = curl_easy_init();
#ifdef _WIN32
if(!env)
- result = FindWin32CACert(config, tls_backend_info->backend,
- TEXT("curl-ca-bundle.crt"));
+ result = FindWin32CACert(config, TEXT("curl-ca-bundle.crt"));
#endif
}
curl_easy_cleanup(curltls);
projects / thirdparty / curl.git / commitdiff
