1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
#include "config.h"
#include "fetchmail.h"
#ifdef SSL_ENABLE
#include <stdlib.h>
#include <string.h>
#include "tls-aux.h"
#include <openssl/x509.h>
/** return a constant copy of the default SSL certificate path, i. e.
* the directory with hashed certificates, see SSL_CTX_load_verify_locations(3).
* Return value not to be modified by caller. */
const char *get_default_cert_path(void) {
const char *rb = (char *)0, *tmp;
tmp = X509_get_default_cert_dir_env();
if (tmp) rb = getenv(tmp);
if (!rb) rb = X509_get_default_cert_dir();
return rb;
}
/** return a constant copy of the default SSL certificate file
* with a concatenation of all trusted certificates,
* the so-called certificate bundle. See SSL_CTX_load_verify_locations(3),
* Return value not to be modified by caller. */
const char *get_default_cert_file(void) {
const char *rb = (char *)0, *tmp;
tmp = X509_get_default_cert_file_env();
if (tmp) rb = getenv(tmp);
if (!rb) rb = X509_get_default_cert_file();
return rb;
}
#endif /* SSL_ENABLE */
#ifdef TEST
#include <stdio.h>
int main(void) {
#ifdef SSL_ENABLE
const char *tmp;
tmp = get_default_cert_file();
printf("X509 default cert file: %s\n", tmp ? tmp : "(null)");
tmp = get_default_cert_path();
printf("X509 default cert path: %s\n", tmp ? tmp : "(null)");
#else
puts("SSL support not compiled in.");
#endif /* SSL_ENABLE */
exit(EXIT_SUCCESS);
}
#endif /* TEST */
|
