--- a/loudmouth/lm-ssl-gnutls.c Wed Feb 10 23:23:38 2016 +0100
+++ b/loudmouth/lm-ssl-gnutls.c Thu Feb 11 21:00:41 2016 +0100
@@ -187,7 +187,6 @@
{
gnutls_global_init ();
gnutls_certificate_allocate_credentials (&ssl->gnutls_xcred);
- gnutls_certificate_set_x509_system_trust(ssl->gnutls_xcred);
}
gboolean
@@ -272,6 +271,8 @@
}
if (base->ca_path) {
_lm_ssl_set_ca(ssl, base->ca_path);
+ } else {
+ gnutls_certificate_set_x509_system_trust(ssl->gnutls_xcred);
}
gnutls_credentials_set (ssl->gnutls_session,
GNUTLS_CRD_CERTIFICATE,
--- a/loudmouth/lm-ssl-openssl.c Wed Feb 10 23:23:38 2016 +0100
+++ b/loudmouth/lm-ssl-openssl.c Thu Feb 11 21:00:41 2016 +0100
@@ -383,7 +383,6 @@
cert_file, "/etc/ssl/certs")) {
g_warning("SSL_CTX_load_verify_locations() failed");
}*/
- SSL_CTX_set_default_verify_paths (ssl->ssl_ctx);
SSL_CTX_set_verify (ssl->ssl_ctx, SSL_VERIFY_PEER, ssl_verify_cb);
}
@@ -436,6 +435,8 @@
}
if (base->ca_path) {
_lm_ssl_set_ca (ssl, base->ca_path);
+ } else {
+ SSL_CTX_set_default_verify_paths (ssl->ssl_ctx);
}
ssl->ssl = SSL_new(ssl->ssl_ctx);