build: Make CA root certificates path configurable

Use of installed CA root certificates can also be disabled entirely, but that just breaks everything.
author: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-07-31 01:52:42 (EDT)
committer: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-07-31 01:52:42 (EDT)
commit: 56f5702a7abc8aba9804a1d45f3a5662a2121a19 (patch)
tree: 065c9c91edd573f2e86c3d59c944a9f74de6a88d /src
parent: 6256730f0c367def45c219027706d3adbe74276b (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/src/s_client.c b/src/s_client.c
index 37d59fb..0cd77ca 100644
--- a/src/s_client.c
+++ b/src/s_client.c
@@ -19,6 +19,10 @@
  * along with wolfssl-util.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
 #include <errno.h>
 #include <netdb.h>
 #include <poll.h>
@@ -35,8 +39,6 @@
 
 #include "commands.h"
 
-#define CA_CERTS "/etc/ssl/certs"
-
 #define ARRAY_SIZE(a)  (sizeof(a) / sizeof((a)[0]))
 #undef MAX
 #define MAX(a, b)      (((a) > (b)) ? (a) : (b))
@@ -313,12 +315,14 @@ s_client(int argc, char **argv)
 		goto error;
 	}
 
+#if defined(HAVE_CA_CERTS) && HAVE_CA_CERTS
 	if (wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, CA_CERTS,
 				WOLFSSL_LOAD_FLAG_IGNORE_ERR) !=
 			WOLFSSL_SUCCESS) {
 		fputs("Failed to load CA certificates\n", stderr);
 		goto error;
 	}
+#endif
 
 	(void) servername;
 	if (
author	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-07-31 01:52:42 (EDT)
committer	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-07-31 01:52:42 (EDT)
commit	56f5702a7abc8aba9804a1d45f3a5662a2121a19 (patch)
tree	065c9c91edd573f2e86c3d59c944a9f74de6a88d /src
parent	6256730f0c367def45c219027706d3adbe74276b (diff)