Fossil SCM
If there is a global ssl-ca-location setting, make sure it is used when trying to locate the trust store for any client TLS operation.
Commit
0ca1fc4d98b8e4190a6e05f4aff8bc4be5cf7143cae669a84b63d908348b7dfd
Parent
e225dc9deca843d…
1 file changed
+1
+1
| --- src/http_ssl.c | ||
| +++ src/http_ssl.c | ||
| @@ -274,10 +274,11 @@ | ||
| 274 | 274 | break; |
| 275 | 275 | case 1: |
| 276 | 276 | zFile = fossil_getenv(X509_get_default_cert_dir_env()); |
| 277 | 277 | break; |
| 278 | 278 | case 2: |
| 279 | + if( !g.repositoryOpen ) db_open_config(0,0); | |
| 279 | 280 | zFile = db_get("ssl-ca-location",0); |
| 280 | 281 | break; |
| 281 | 282 | case 3: |
| 282 | 283 | zFile = X509_get_default_cert_file(); |
| 283 | 284 | break; |
| 284 | 285 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -274,10 +274,11 @@ | |
| 274 | break; |
| 275 | case 1: |
| 276 | zFile = fossil_getenv(X509_get_default_cert_dir_env()); |
| 277 | break; |
| 278 | case 2: |
| 279 | zFile = db_get("ssl-ca-location",0); |
| 280 | break; |
| 281 | case 3: |
| 282 | zFile = X509_get_default_cert_file(); |
| 283 | break; |
| 284 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -274,10 +274,11 @@ | |
| 274 | break; |
| 275 | case 1: |
| 276 | zFile = fossil_getenv(X509_get_default_cert_dir_env()); |
| 277 | break; |
| 278 | case 2: |
| 279 | if( !g.repositoryOpen ) db_open_config(0,0); |
| 280 | zFile = db_get("ssl-ca-location",0); |
| 281 | break; |
| 282 | case 3: |
| 283 | zFile = X509_get_default_cert_file(); |
| 284 | break; |
| 285 |