mirror of
https://github.com/netsurf-browser/netsurf
synced 2024-11-25 07:49:38 +03:00
Experiment with CURLOPT_CAINFO_BLOB
This commit is contained in:
parent
c6eea438ac
commit
7e25bc6de1
@ -274,6 +274,10 @@ static char fetch_proxy_userpwd[100];
|
|||||||
/** Interlock to prevent initiation during callbacks */
|
/** Interlock to prevent initiation during callbacks */
|
||||||
static bool inside_curl = false;
|
static bool inside_curl = false;
|
||||||
|
|
||||||
|
static struct curl_blob cert_data = {
|
||||||
|
.flags = CURL_BLOB_NOCOPY,
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initialise a cURL fetcher.
|
* Initialise a cURL fetcher.
|
||||||
@ -314,6 +318,9 @@ static void fetch_curl_finalise(lwc_string *scheme)
|
|||||||
|
|
||||||
curl_global_cleanup();
|
curl_global_cleanup();
|
||||||
|
|
||||||
|
free(cert_data.data);
|
||||||
|
cert_data.data = NULL;
|
||||||
|
|
||||||
NSLOG(netsurf, DEBUG, "Cleaning up SSL cert chain hashmap");
|
NSLOG(netsurf, DEBUG, "Cleaning up SSL cert chain hashmap");
|
||||||
hashmap_destroy(curl_fetch_ssl_hashmap);
|
hashmap_destroy(curl_fetch_ssl_hashmap);
|
||||||
curl_fetch_ssl_hashmap = NULL;
|
curl_fetch_ssl_hashmap = NULL;
|
||||||
@ -1757,16 +1764,60 @@ nserror fetch_curl_register(void)
|
|||||||
SETOPT(CURLOPT_NOSIGNAL, 1L);
|
SETOPT(CURLOPT_NOSIGNAL, 1L);
|
||||||
SETOPT(CURLOPT_CONNECTTIMEOUT, nsoption_uint(curl_fetch_timeout));
|
SETOPT(CURLOPT_CONNECTTIMEOUT, nsoption_uint(curl_fetch_timeout));
|
||||||
|
|
||||||
|
if ((nsoption_charp(ca_bundle) &&
|
||||||
|
strcmp(nsoption_charp(ca_bundle), "")) &&
|
||||||
|
(nsoption_charp(ca_path) == NULL ||
|
||||||
|
strcmp(nsoption_charp(ca_path), "") == 0) &&
|
||||||
|
cert_data.data == NULL) {
|
||||||
|
FILE *f;
|
||||||
|
long tell_len;
|
||||||
|
|
||||||
|
f = fopen(nsoption_charp(ca_bundle), "r");
|
||||||
|
if (f == NULL) {
|
||||||
|
goto curl_easy_setopt_failed;
|
||||||
|
}
|
||||||
|
if (fseek(f, 0, SEEK_END) != 0) {
|
||||||
|
fclose(f);
|
||||||
|
goto curl_easy_setopt_failed;
|
||||||
|
}
|
||||||
|
|
||||||
|
tell_len = ftell(f);
|
||||||
|
if (tell_len == -1) {
|
||||||
|
fclose(f);
|
||||||
|
goto curl_easy_setopt_failed;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (fseek(f, 0, SEEK_SET) != 0) {
|
||||||
|
fclose(f);
|
||||||
|
goto curl_easy_setopt_failed;
|
||||||
|
}
|
||||||
|
|
||||||
|
cert_data.data = malloc(tell_len);
|
||||||
|
if (cert_data.data == NULL) {
|
||||||
|
fclose(f);
|
||||||
|
goto curl_easy_setopt_failed;
|
||||||
|
}
|
||||||
|
cert_data.len = fread(cert_data.data, 1, tell_len, f);
|
||||||
|
|
||||||
|
fclose(f);
|
||||||
|
|
||||||
|
NSLOG(netsurf, INFO, "ca_bundle: '%s' (as blob tell_len: %ld, len: %zu)",
|
||||||
|
nsoption_charp(ca_bundle), tell_len, cert_data.len);
|
||||||
|
SETOPT(CURLOPT_CAINFO_BLOB, &cert_data);
|
||||||
|
} else {
|
||||||
if (nsoption_charp(ca_bundle) &&
|
if (nsoption_charp(ca_bundle) &&
|
||||||
strcmp(nsoption_charp(ca_bundle), "")) {
|
strcmp(nsoption_charp(ca_bundle), "")) {
|
||||||
NSLOG(netsurf, INFO, "ca_bundle: '%s'",
|
NSLOG(netsurf, INFO, "ca_bundle: '%s'",
|
||||||
nsoption_charp(ca_bundle));
|
nsoption_charp(ca_bundle));
|
||||||
SETOPT(CURLOPT_CAINFO, nsoption_charp(ca_bundle));
|
SETOPT(CURLOPT_CAINFO, nsoption_charp(ca_bundle));
|
||||||
}
|
}
|
||||||
if (nsoption_charp(ca_path) && strcmp(nsoption_charp(ca_path), "")) {
|
if (nsoption_charp(ca_path) &&
|
||||||
NSLOG(netsurf, INFO, "ca_path: '%s'", nsoption_charp(ca_path));
|
strcmp(nsoption_charp(ca_path), "")) {
|
||||||
|
NSLOG(netsurf, INFO, "ca_path: '%s'",
|
||||||
|
nsoption_charp(ca_path));
|
||||||
SETOPT(CURLOPT_CAPATH, nsoption_charp(ca_path));
|
SETOPT(CURLOPT_CAPATH, nsoption_charp(ca_path));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#if LIBCURL_VERSION_NUM < 0x073800
|
#if LIBCURL_VERSION_NUM < 0x073800
|
||||||
/*
|
/*
|
||||||
|
Loading…
Reference in New Issue
Block a user