configure: check for the capath by default
... if the chosen TLS backend supports it: OpenSSL, GnuTLS, mbedTLS or wolfSSL cmake: synced Assisted-by: Viktor Szakats Closes #11987
This commit is contained in:
Родитель
463528b0f8
Коммит
849bd50cc9
|
@ -1011,9 +1011,13 @@ elseif(CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT)
|
|||
endif()
|
||||
endif()
|
||||
|
||||
if(CURL_CA_PATH_SET AND NOT USE_OPENSSL AND NOT USE_MBEDTLS)
|
||||
if(CURL_CA_PATH_SET AND
|
||||
NOT USE_OPENSSL AND
|
||||
NOT USE_WOLFSSL AND
|
||||
NOT USE_GNUTLS AND
|
||||
NOT USE_MBEDTLS)
|
||||
message(STATUS
|
||||
"CA path only supported by OpenSSL, GnuTLS or mbed TLS. "
|
||||
"CA path only supported by OpenSSL, wolfSSL, GnuTLS or mbedTLS. "
|
||||
"Set CURL_CA_PATH=none or enable one of those TLS backends.")
|
||||
endif()
|
||||
|
||||
|
|
20
acinclude.m4
20
acinclude.m4
|
@ -1469,7 +1469,7 @@ AS_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]),
|
|||
AS_HELP_STRING([--with-ca-path=DIRECTORY],
|
||||
[Path to a directory containing CA certificates stored individually, with \
|
||||
their filenames in a hash format. This option can be used with the OpenSSL, \
|
||||
GnuTLS and mbedTLS backends. Refer to OpenSSL c_rehash for details. \
|
||||
GnuTLS, mbedTLS and wolfSSL backends. Refer to OpenSSL c_rehash for details. \
|
||||
(example: /etc/certificates)])
|
||||
AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
|
||||
[
|
||||
|
@ -1495,8 +1495,11 @@ AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
|
|||
capath="no"
|
||||
elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
|
||||
dnl --with-ca-path given
|
||||
if test "x$OPENSSL_ENABLED" != "x1" -a "x$GNUTLS_ENABLED" != "x1" -a "x$MBEDTLS_ENABLED" != "x1"; then
|
||||
AC_MSG_ERROR([--with-ca-path only works with OpenSSL, GnuTLS or mbedTLS])
|
||||
if test "x$OPENSSL_ENABLED" != "x1" -a \
|
||||
"x$GNUTLS_ENABLED" != "x1" -a \
|
||||
"x$MBEDTLS_ENABLED" != "x1" -a \
|
||||
"x$WOLFSSL_ENABLED" != "x1"; then
|
||||
AC_MSG_ERROR([--with-ca-path only works with OpenSSL, GnuTLS, mbedTLS or wolfSSL])
|
||||
fi
|
||||
capath="$want_capath"
|
||||
ca="no"
|
||||
|
@ -1530,9 +1533,14 @@ AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
|
|||
fi
|
||||
done
|
||||
fi
|
||||
if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
|
||||
"x$OPENSSL_ENABLED" = "x1"; then
|
||||
check_capath="/etc/ssl/certs/"
|
||||
AC_MSG_NOTICE([want $want_capath ca $ca])
|
||||
if test "x$want_capath" = "xunset"; then
|
||||
if test "x$OPENSSL_ENABLED" = "x1" -o \
|
||||
"x$GNUTLS_ENABLED" = "x1" -o \
|
||||
"x$MBEDTLS_ENABLED" = "x1" -o \
|
||||
"x$WOLFSSL_ENABLED" = "x1"; then
|
||||
check_capath="/etc/ssl/certs/"
|
||||
fi
|
||||
fi
|
||||
else
|
||||
dnl no option given and cross-compiling
|
||||
|
|
Загрузка…
Ссылка в новой задаче