summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2016-08-24 15:23:22 (GMT)
committerTobias Markmann <tm@ayena.de>2016-08-24 15:23:22 (GMT)
commit10672429a5ffc51eacfdd6d9c0563d0c1d17b01e (patch)
tree61f0a9c2473f00759b550de406739765cc6a6c57 /Swiften/TLS/OpenSSL
parenta2c73db9ab3e9fe96befcacea482b96b3c3ee410 (diff)
downloadswift-10672429a5ffc51eacfdd6d9c0563d0c1d17b01e.zip
swift-10672429a5ffc51eacfdd6d9c0563d0c1d17b01e.tar.bz2
Use SSL_CTX_set_default_verify_paths to set trusted CAs for OpenSSL
This fixes setup of trusted CAs on Fedora. Test-Information: Tested successful login to two different hosts with different CAs. Previously the there was no certificate warning on Debian 8 and a certificate warning on Fedora 24. With this patch there is no certificate warning anymore on Debian 8 and Fedora 24. Change-Id: I70e71eb9734f2012bcd5c4b784bab47917b44234
Diffstat (limited to 'Swiften/TLS/OpenSSL')
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index b7496a0..cd6b6bc 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -68,7 +68,7 @@ OpenSSLContext::OpenSSLContext() : state_(Start), context_(0), handle_(0), readB
}
}
#elif !defined(SWIFTEN_PLATFORM_MACOSX)
- SSL_CTX_load_verify_locations(context_, NULL, "/etc/ssl/certs");
+ SSL_CTX_set_default_verify_paths(context_);
#elif defined(SWIFTEN_PLATFORM_MACOSX) && !defined(SWIFTEN_PLATFORM_IPHONE)
// On Mac OS X 10.5 (OpenSSL < 0.9.8), OpenSSL does not automatically look in the system store.
// On Mac OS X 10.6 (OpenSSL >= 0.9.8), OpenSSL *does* look in the system store to determine trust.