Commit 64bb7ae6 authored Sep 10, 2017 by Jay Satiro

mbedtls: enable CA path processing

CA path processing was implemented when mbedtls.c was added to libcurl
in fe7590f7, but it was never enabled.

Bug: https://github.com/curl/curl/issues/1877


Reported-by:  <SBKarr@users.noreply.github.com>

parent a14f7152

docs/libcurl/opts/CURLOPT_CAPATH.3

+3 −2

Original line number	Diff line number	Diff line
		@@ -54,8 +54,9 @@ if(curl) {
		}
		.fi
		.SH AVAILABILITY
		This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
		backend provides the option only for backward compatibility.
		This option is supported by the OpenSSL, GnuTLS, PolarSSL and mbedTLS
		(since 7.56.0) backends. The NSS backend provides the option only for
		backward compatibility.
		.SH RETURN VALUE
		CURLE_OK if supported; or an error such as:

docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3

+3 −2

Original line number	Diff line number	Diff line
		@@ -55,8 +55,9 @@ if(curl) {
		.SH AVAILABILITY
		Added in 7.52.0

		This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
		backend provides the option only for backward compatibility.
		This option is supported by the OpenSSL, GnuTLS, PolarSSL and mbedTLS
		(since 7.56.0) backends. The NSS backend provides the option only for
		backward compatibility.
		.SH RETURN VALUE
		CURLE_OK if supported; or an error such as:

lib/vtls/mbedtls.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1042,7 +1042,7 @@ static void Curl_mbedtls_get_internals(struct ssl_connect_data connssl,
		const struct Curl_ssl Curl_ssl_mbedtls = {
		{ CURLSSLBACKEND_MBEDTLS, "mbedtls" }, /* info */

		0, /* have_ca_path */
		1, /* have_ca_path */
		0, /* have_certinfo */
		1, /* have_pinnedpubkey */
		1, /* have_ssl_ctx */