From a4ff6cde5d20398069c65b45e0b8c74ba1e92e16 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Wed, 7 Dec 2005 23:46:21 +0000
Subject: Actually set default SSL certificate path if --sslcertpath is unset.
 Reported by Heino Tiedemann and Rob MacGregor.

svn path=/branches/BRANCH_6-3/; revision=4516
---
 NEWS     | 2 ++
 socket.c | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/NEWS b/NEWS
index cd0f1cec..32e628c3 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,8 @@ fetchmail 6.3.1 (not yet released):
 * Fix broken default port in POP2. Patch by Stanislav Brabec, SUSE [CZ]. (MA)
 * Fix manual page, some lines starting with ' were escaped by \&. (MA)
 * Ship with gettext-0.14.3 again, as 6.2.9-rc10 did. Found by Sunil Shetye. (MA)
+* Actually set default SSL certificate path if --sslcertpath is unset.
+  Reported by Heino Tiedemann and Rob MacGregor. (MA)
 
 fetchmail 6.3.0 (released 2005-11-30):
 
diff --git a/socket.c b/socket.c
index 6fade9dd..dbd8ce14 100644
--- a/socket.c
+++ b/socket.c
@@ -841,6 +841,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, int certck, char
 	}
 	if (certpath)
 		SSL_CTX_load_verify_locations(_ctx, NULL, certpath);
+	else
+		SSL_CTX_set_default_verify_paths(_ctx);
 	
 	_ssl_context[sock] = SSL_new(_ctx);
 	
-- 
cgit v1.2.3