Kevin Roth's patch that checks for the CA cert file at two more places if the

--cacert option is not used. 1. An environment variable named CURL_CA_BUNDLE may contain the full file name to the file. 2. On Windows, the cert file may be named curl-ca-bundle.crt and put in the same dir as curl is located (or the CWD) and curl will then use that file instead.
2024-11-27 05:50:21 +08:00 · 2002-10-28 19:49:58 +00:00 · 2002-10-28 19:49:58 +00:00 · 163bba1410
commit 163bba1410
parent db1c618fcf
1 changed files with 57 additions and 1 deletions
--- a/src/main.c
+++ b/src/main.c
@ -2245,6 +2245,41 @@ void free_config_fields(struct Configurable *config)
  curl_slist_free_all(config->headers); /*  */
 }

+#if defined(WIN32) && !defined(__CYGWIN32__)
+
+/* Function to find CACert bundle on a Win32 platform using SearchPath.
+ * (SearchPath is defined in windows.h, which is #included into libcurl)
+ * (Use the ASCII version instead of the unicode one!)
+ * The order of the directories it searches is:
+ *  1. application's directory
+ *  2. current working directory
+ *  3. Windows System directory (e.g. C:\windows\system32)
+ *  4. Windows Directory (e.g. C:\windows)
+ *  5. all directories along %PATH%
+ */
+static void FindWin32CACert(struct Configurable *config, 
+                            const char *bundle_file)
+{
+  curl_version_info_data *info;
+  info = curl_version_info(CURLVERSION_NOW);
+
+  /* only check for cert file if "we" support SSL */
+  if(info->features & CURL_VERSION_SSL) {
+    DWORD buflen;
+    char *ptr = NULL;
+    char *retval = (char *) malloc(sizeof (TCHAR) * (MAX_PATH + 1));
+    if (!retval)
+      return;
+    retval[0] = '\0';
+    buflen = SearchPathA(NULL, bundle_file, NULL, MAX_PATH+2, retval, &ptr);
+    if (buflen > 0) {
+      GetStr(&config->cacert, retval);
+    }
+    free(retval);
+  }
+}
+
+#endif

 static int 
 operate(struct Configurable *config, int argc, char *argv[])
@ -2280,9 +2315,9 @@ operate(struct Configurable *config, int argc, char *argv[])
  int res = 0;
  int i;

+  char *env;
 #ifdef MALLOCDEBUG
  /* this sends all memory debug messages to a logfile named memdump */
-  char *env;
  env = curl_getenv("CURL_MEMDEBUG");
  if(env) {
    free(env);
@ -2384,6 +2419,27 @@ operate(struct Configurable *config, int argc, char *argv[])
  else
    allocuseragent = TRUE;

+  /* On WIN32 (non-cygwin), we can't set the path to curl-ca-bundle.crt
+   * at compile time. So we look here for the file in two ways:
+   * 1: look at the environment variable CURL_CA_BUNDLE for a path
+   * 2: if #1 isn't found, use the windows API function SearchPath()
+   *    to find it along the app's path (includes app's dir and CWD)
+   *
+   * We support the environment variable thing for non-Windows platforms
+   * too. Just for the sake of it.
+   */
+  if (! config->cacert) {
+    env = curl_getenv("CURL_CA_BUNDLE");
+    if(env) {
+      GetStr(&config->cacert, env);
+      free(env);
+    }
+  }
+#if defined(WIN32) && !defined(__CYGWIN32__)
+  if (! config->cacert)
+    FindWin32CACert(config, "curl-ca-bundle.crt");
+#endif
+
  if (config->postfields) {
    if (config->use_httpget) {
      /* Use the postfields data for a http get */