From 502559daa1392d7cf92e1566cd9bf4d15f13b517 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Fri, 1 Jun 2007 23:26:28 +0000 Subject: [PATCH] The client now tells Curl to look for certificates in /etc/ssl/certs under linux. Commented the line in client.conf that was allowing clients to connect to ATSs whose certificates authenticity could not be verified. :-). --- CASA-auth-token/client/library/client.conf | 2 +- CASA-auth-token/client/library/linux/rpc.c | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CASA-auth-token/client/library/client.conf b/CASA-auth-token/client/library/client.conf index 50c62d16..5796907e 100644 --- a/CASA-auth-token/client/library/client.conf +++ b/CASA-auth-token/client/library/client.conf @@ -58,7 +58,7 @@ # process to impersonate an ATS and obtain information that # is confidential such as username and passwords. # -AllowUntrustedCerts true +#AllowUntrustedCerts true # # UsersCannotAllowInvalidCerts setting. diff --git a/CASA-auth-token/client/library/linux/rpc.c b/CASA-auth-token/client/library/linux/rpc.c index b0f7e0cd..c56057bd 100644 --- a/CASA-auth-token/client/library/linux/rpc.c +++ b/CASA-auth-token/client/library/linux/rpc.c @@ -208,6 +208,12 @@ OpenRpcSession( setOptError = true; } + if ((result = curl_easy_setopt(pSession->hCurl, CURLOPT_CAPATH, "/etc/ssl/certs")) != CURLE_OK) + { + DbgTrace(0, "-OpenRpcSession- Error setting CURLOPT_CAPATH, code = %d\n", result); + setOptError = true; + } + pSession->headers = curl_slist_append(pSession->headers, "Content-Type: text/html"); pSession->headers = curl_slist_append(pSession->headers, "Expect:"); if ((result = curl_easy_setopt(pSession->hCurl, CURLOPT_HTTPHEADER, pSession->headers)) != CURLE_OK)