tProvide local copy of TLS CA certs on Windows - vaccinewars - be a doctor and try to vaccinate the world
(HTM) git clone git://src.adamsgaard.dk/vaccinewars
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 8da737ea0755185abfcb3d7e4ff95f06deed3a1c
(DIR) parent 75f503a26a4b9c3327347e9127223d7b54bcdf2c
(HTM) Author: Ben Webb <ben@salilab.org>
Date: Wed, 11 Nov 2020 12:20:08 -0800
Provide local copy of TLS CA certs on Windows
Without this, curl connections to the metaserver may fail
on Windows as it cannot verify the certificate.
Diffstat:
M src/network.c | 25 +++++++++++++++++++++++++
M src/winmain.h | 2 ++
2 files changed, 27 insertions(+), 0 deletions(-)
---
(DIR) diff --git a/src/network.c b/src/network.c
t@@ -29,6 +29,7 @@
#ifdef CYGWIN
#include <winsock2.h> /* For network functions */
#include <windows.h> /* For datatypes such as BOOL */
+#include "winmain.h"
#else
#include <sys/types.h> /* For size_t etc. */
#include <sys/socket.h> /* For struct sockaddr etc. */
t@@ -1188,6 +1189,27 @@ gboolean CurlEasySetopt1(CURL *curl, CURLoption option, void *arg, GError **err)
}
}
+#ifdef CYGWIN
+/* Set the path to TLS CA certificates. Without this, curl connections
+ to the metaserver may fail on Windows as it cannot verify the
+ certificate.
+ */
+static gboolean SetCaInfo(CurlConnection *conn, GError **err)
+{
+ gchar *bindir, *cainfo;
+ gboolean ret;
+
+ /* Point to a .crt file in the same directory as dopewars.exe */
+ bindir = GetBinaryDir();
+ cainfo = g_strdup_printf("%s\\ca-bundle.crt", bindir);
+ g_free(bindir);
+
+ ret = CurlEasySetopt1(conn->h, CURLOPT_CAINFO, cainfo, err);
+ g_free(cainfo);
+ return ret;
+}
+#endif
+
gboolean OpenCurlConnection(CurlConnection *conn, char *URL, char *body,
GError **err)
{
t@@ -1210,6 +1232,9 @@ gboolean OpenCurlConnection(CurlConnection *conn, char *URL, char *body,
|| !CurlEasySetopt1(conn->h, CURLOPT_WRITEDATA, conn, err)
|| !CurlEasySetopt1(conn->h, CURLOPT_HEADERFUNCTION,
MetaConnHeaderFunc, err)
+#ifdef CYGWIN
+ || !SetCaInfo(conn, err)
+#endif
|| !CurlEasySetopt1(conn->h, CURLOPT_HEADERDATA, conn, err)) {
return FALSE;
}
(DIR) diff --git a/src/winmain.h b/src/winmain.h
t@@ -25,6 +25,8 @@
#ifdef CYGWIN
+#include <glib.h>
+
gchar *GetBinaryDir(void);
#endif /* CYGWIN */