cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: default location for ca-bundle.crt on windows

From: Roth, Kevin P. <KPRoth_at_MarathonOil.com>
Date: Mon, 28 Oct 2002 14:02:36 -0500

-----Original Message-----
From: Daniel Stenberg [mailto:daniel_at_haxx.se]
Sent: Monday, October 28, 2002 4:56 AM

> First check for the file like this (on windows only) and then check
> the environment variable. I think the code for this should be left
> in the tool code only, not adding this logic to the library.

> You think you can write us a patch for this?

Sure. See attached. Here's a few notes.

1. The new code runs AFTER the checks for the compiled CURL_CA_BUNDLE
   path and the --cacert command line parameter, and only if cacert
   wasn't set in a prior check. So, --cacert overrides both the
   ENV variable, and the PATH search.

   I decided the environment variable would be checked first. It
   seems like it will be less overhead to check the ENV var than
   to search the path, and this allows the ENV var to override
   the Path Search also.

2. I placed it into the tool code, as requested. This will solve
   my need. However, I wonder whether adding it to the library
   code wouldn't also make sense. I have no idea how many people
   write code using the Win32 native version of libcurl, so it
   may very well not be applicable...

3. I edited the Makefile.m32 files slightly.

   One change was to add -DUSE_SSLEAY to the src/ code, so I could
   leave off the new SearchPath code for a non-ssl capable version.
   If there's a better way to accomplish this, feel free to adjust.

   The other changes were to update the openssl version to 0.9.6g,
   and to replace -_at_erase with rm -f. The -_at_erase code didn't seem
   to work with the gcc 3.2 version of MinGW. This change should be
   OK'd by Joern or Troy, so I don't step on their toes.

   BTW: you may need to adjust the EOL mode on one or the other of
   the .m32 files. The lib version has Unix line-endings, while the
   src version has DOS line-endings. My patch was adjusted so that
   BOTH files have Unix line-endings, so applying it without first
   running d2u on src/Makefile.m32 will introduce mixed line-endings.

3a. The next release of the Win32-ssl version of curl needs to have
the file curl-ca-bundle.crt added to it!

4. I added a new function to main.c and arbitrarily called it
FindWin32CACert. If you have a better name, feel free to change it.

5. As usual, I can't promise it's 100% correctly written or that it
   works under all other environments. However, I've tested the
   changes under the Win32/MinGW environment, and they seem to work
   correctly.

Thanks,
--Kevin

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

application/octet-stream attachment: searchpath.patch

Received on 2002-10-28

This message: [ Message body ]
Next message: kromJx_at_crosswinds.net: "strnequal -> checkprefix patch"
Previous message: Daniel Stenberg: "Re: curl-7.10.1: segmentation fault following new URL"
Maybe in reply to: Roth, Kevin P.: "default location for ca-bundle.crt on windows"
Next in thread: Daniel Stenberg: "RE: default location for ca-bundle.crt on windows"
Reply: Daniel Stenberg: "RE: default location for ca-bundle.crt on windows"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]