diff options
author | Tobias Markmann <tm@ayena.de> | 2016-08-24 15:23:22 (GMT) |
---|---|---|
committer | Tobias Markmann <tm@ayena.de> | 2016-08-24 15:23:22 (GMT) |
commit | 10672429a5ffc51eacfdd6d9c0563d0c1d17b01e (patch) | |
tree | 61f0a9c2473f00759b550de406739765cc6a6c57 /Swiften/TLS/OpenSSL | |
parent | a2c73db9ab3e9fe96befcacea482b96b3c3ee410 (diff) | |
download | swift-10672429a5ffc51eacfdd6d9c0563d0c1d17b01e.zip swift-10672429a5ffc51eacfdd6d9c0563d0c1d17b01e.tar.bz2 |
Use SSL_CTX_set_default_verify_paths to set trusted CAs for OpenSSL
This fixes setup of trusted CAs on Fedora.
Test-Information:
Tested successful login to two different hosts with different
CAs. Previously the there was no certificate warning on
Debian 8 and a certificate warning on Fedora 24. With this
patch there is no certificate warning anymore on Debian 8
and Fedora 24.
Change-Id: I70e71eb9734f2012bcd5c4b784bab47917b44234
Diffstat (limited to 'Swiften/TLS/OpenSSL')
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index b7496a0..cd6b6bc 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp @@ -68,7 +68,7 @@ OpenSSLContext::OpenSSLContext() : state_(Start), context_(0), handle_(0), readB } } #elif !defined(SWIFTEN_PLATFORM_MACOSX) - SSL_CTX_load_verify_locations(context_, NULL, "/etc/ssl/certs"); + SSL_CTX_set_default_verify_paths(context_); #elif defined(SWIFTEN_PLATFORM_MACOSX) && !defined(SWIFTEN_PLATFORM_IPHONE) // On Mac OS X 10.5 (OpenSSL < 0.9.8), OpenSSL does not automatically look in the system store. // On Mac OS X 10.6 (OpenSSL >= 0.9.8), OpenSSL *does* look in the system store to determine trust. |