From: Azat Khuzhin Date: Mon, 23 Nov 2015 22:35:25 +0000 (+0300) Subject: sample/https-client: allow to change path to ca-certificates X-Git-Tag: release-2.1.6-beta~90^2~10 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fdf713a08b9e58b2264b9efc3f2aae74ffaba9f1;p=libevent sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt --- diff --git a/sample/https-client.c b/sample/https-client.c index cbe0b930..029cd19c 100644 --- a/sample/https-client.c +++ b/sample/https-client.c @@ -96,7 +96,7 @@ static void syntax(void) { fputs("Syntax:\n", stderr); - fputs(" https-client -url [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec]\n", stderr); + fputs(" https-client -url [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec] [-crt crt]\n", stderr); fputs("Example:\n", stderr); fputs(" https-client -url https://ip.appspot.com/\n", stderr); } @@ -189,6 +189,7 @@ main(int argc, char **argv) struct evhttp_uri *http_uri = NULL; const char *url = NULL, *data_file = NULL; + const char *crt = "/etc/ssl/certs/ca-certificates.crt"; const char *scheme, *host, *path, *query; char uri[256]; int port; @@ -215,6 +216,13 @@ main(int argc, char **argv) syntax(); goto error; } + } else if (!strcmp("-crt", argv[i])) { + if (i < argc - 1) { + crt = argv[i + 1]; + } else { + syntax(); + goto error; + } } else if (!strcmp("-ignore-cert", argv[i])) { ignore_cert = 1; } else if (!strcmp("-data", argv[i])) { @@ -328,9 +336,7 @@ main(int argc, char **argv) /* Attempt to use the system's trusted root certificates. * (This path is only valid for Debian-based systems.) */ - if (1 != SSL_CTX_load_verify_locations(ssl_ctx, - "/etc/ssl/certs/ca-certificates.crt", - NULL)) { + if (1 != SSL_CTX_load_verify_locations(ssl_ctx, crt, NULL)) { err_openssl("SSL_CTX_load_verify_locations"); goto error; }