[ Sorry about that first message - I hit the send key before writing much... ]

I was thinking about how one might setup a "default" location for ca-bundle.crt on windows. On Unix, at configure time, a default location is setup and used in lib/url.c, like this:

  #ifdef CURL_CA_BUNDLE
    /* This is our prefered CA cert bundle since install time */
    data->set.ssl.CAfile = (char *)CURL_CA_BUNDLE;
  #endif

This works fine for the Unixen, where recompiling at install time is commonplace. But on Windows, we like our software pre-cooked. The related problem is that there isn't a guaranteed, universal location we could use for a "DEFAULT" ca-bundle.crt path. C:\Windows\ is out, since Windows 2000 uses C:\WinNT\ by default, and it's not a requirement anyways. Even the C:\ drive, which being quite typical, is not guaranteed to exist...

I thought maybe something like this (warning - untested, probably not quite correct) might prove useful?

--- url.c 2002-10-11 08:57:10.000000000 -0400
+++ url.c.new 2002-10-22 06:49:12.000000000 -0400
@@ -306,4 +306,18 @@
   data->set.ssl.CAfile = (char *)CURL_CA_BUNDLE;
 #endif
+#ifndef CURL_CA_BUNDLE
+ /* for Windows, try finding an environment var at run-time
+ *
+ * it would be NICE to also support looking for the file
+ * "ca-bundle.crt" in the same directory as curl.exe, but
+ * I don't know how to do such a thing...
+ */
+ char *bundle_env=NULL;
+
+ bundle_env=curl_getenv("CURL_CA_BUNDLE");
+ if(bundle_env)
+ data->set.ssl.CAfile = (char *)bundle_env;
+ // where should free(bundle_env) go?
+#endif
 
 

Thanks,
~ Kevin

-------------------------------------------------------
This sf.net emial is sponsored by: Influence the future of
Java(TM) technology. Join the Java Community Process(SM) (JCP(SM))
program now. http://ad.doubleclick.net/clk;4699841;7576301;v?
http://www.sun.com/javavote
Received on 2002-10-22