uclient-fetch: wolfSSL: fix certificate validation

[project/uclient.git] / uclient-fetch.c

diff --git a/uclient-fetch.c b/uclient-fetch.c
index 1c66ac6d33ae6d5cf24bd8379e7d5233746ca1b5..958f75618194d141d5aaaec74ca0db165a2ae8f2 100644 (file)
--- a/uclient-fetch.c
+++ b/uclient-fetch.c
@@ -503,6 +503,7 @@ static void init_ca_cert(void)
        glob("/etc/ssl/certs/*.crt", 0, NULL, &gl);
        for (i = 0; i < gl.gl_pathc; i++)
                ssl_ops->context_add_ca_crt_file(ssl_ctx, gl.gl_pathv[i]);
+       globfree(&gl);
 }
 
 static void init_ustream_ssl(void)
@@ -590,6 +591,8 @@ int main(int argc, char **argv)
                        switch (longopt_idx) {
                        case L_NO_CHECK_CERTIFICATE:
                                verify = false;
+                               if (ssl_ctx)
+                                       ssl_ops->context_set_require_validation(ssl_ctx, verify);
                                break;
                        case L_CA_CERTIFICATE:
                                has_cert = true;