From e957b9b3f408491f36660499b215aebcf2633a95 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 4 Oct 2013 08:28:12 +0200 Subject: [PATCH] keyserver: Allow use of cURL's default CA store. * keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file has been given. * keyserver/gpgkeys_hkp.c (main): Ditto. -- GnuPG-bug-id: 1542 Signed-off-by: Werner Koch --- keyserver/gpgkeys_curl.c | 5 +++-- keyserver/gpgkeys_hkp.c | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/keyserver/gpgkeys_curl.c b/keyserver/gpgkeys_curl.c index 28ec69822..f0f574498 100644 --- a/keyserver/gpgkeys_curl.c +++ b/keyserver/gpgkeys_curl.c @@ -99,7 +99,7 @@ get_key(char *getkey) return curl_err_to_gpg_err(res); } -static void +static void show_help (FILE *fp) { fprintf (fp,"-h, --help\thelp\n"); @@ -304,7 +304,8 @@ main(int argc,char *argv[]) } curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); - curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + if (opt->ca_cert_file) + curl_easy_setopt (curl, CURLOPT_CAINFO, opt->ca_cert_file); /* Avoid caches to get the most recent copy of the key. This is bug #1061. In pre-curl versions of the code, we didn't do it. Then diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index f0647d760..36a44ef10 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c @@ -921,7 +921,8 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_USERPWD,opt->auth); curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); - curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + if (opt->ca_cert_file) + curl_easy_setopt (curl, CURLOPT_CAINFO, opt->ca_cert_file); /* Avoid caches to get the most recent copy of the key. This is bug #1061. In pre-curl versions of the code, we didn't do it. Then