Skip to content

Commit

Permalink
Merge pull request #7441 from kareem-wolfssl/zd17857
Browse files Browse the repository at this point in the history
Allow using wolfSSL_CTX_set_default_verify_paths without WOLFSSL_SYS_CA_CERTS defined.
  • Loading branch information
douzzer authored May 9, 2024
2 parents ac17616 + c1f23cc commit d53abc2
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
4 changes: 2 additions & 2 deletions src/ssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -19614,7 +19614,7 @@ long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt, void* pt)
return ret;
}

#ifndef WOLFSSL_NO_STUB
#ifndef NO_WOLFSSL_STUB
long wolfSSL_CTX_callback_ctrl(WOLFSSL_CTX* ctx, int cmd, void (*fp)(void))
{
(void) ctx;
Expand All @@ -19624,7 +19624,7 @@ long wolfSSL_CTX_callback_ctrl(WOLFSSL_CTX* ctx, int cmd, void (*fp)(void))
return WOLFSSL_FAILURE;

}
#endif /* WOLFSSL_NO_STUB */
#endif /* NO_WOLFSSL_STUB */

#ifndef NO_WOLFSSL_STUB
long wolfSSL_CTX_clear_extra_chain_certs(WOLFSSL_CTX* ctx)
Expand Down
10 changes: 5 additions & 5 deletions src/ssl_load.c
Original file line number Diff line number Diff line change
Expand Up @@ -5029,8 +5029,6 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)

#ifdef OPENSSL_EXTRA

#ifdef WOLFSSL_SYS_CA_CERTS

/* Use the default paths to look for CA certificate.
*
* This is an OpenSSL compatibility layer function, but it doesn't mirror
Expand Down Expand Up @@ -5089,7 +5087,7 @@ int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
WOLFSSL_MSG("wolfSSL_CTX_set_default_verify_paths not supported"
" with NO_FILESYSTEM enabled");
ret = WOLFSSL_FATAL_ERROR;
#else
#elif defined(WOLFSSL_SYS_CA_CERTS)
/* Load the system CA certificates. */
ret = wolfSSL_CTX_load_system_CA_certs(ctx);
if (ret == WOLFSSL_BAD_PATH) {
Expand All @@ -5098,6 +5096,10 @@ int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
*/
ret = 1;
}
#else
/* OpenSSL's implementation of this API does not require loading the
system CA cert directory. Allow skipping this without erroring out. */
ret = 1;
#endif
}

Expand All @@ -5106,8 +5108,6 @@ int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
return ret;
}

#endif /* WOLFSSL_SYS_CA_CERTS */

#endif /* OPENSSL_EXTRA */

#ifndef NO_DH
Expand Down

0 comments on commit d53abc2

Please sign in to comment.