On Fri, Dec 11, 2015 at 01:22:48PM +0200, Eli Zaretskii wrote: > > Date: Thu, 10 Dec 2015 01:12:37 +0100 > > From: Ángel González <keis...@gmail.com> > > Cc: bug-wget <bug-wget@gnu.org> > > > > On 09/12/15 03:06, Random Coder wrote: > > > I'm not sure if the wget maintainers would be interested, but I've > > > been carrying this patch around in my private builds of wget for a > > > while. It allows wget to load SSL certs from the default Windows cert > > > store. > > > > > > The patch itself is fairly straightforward, but as it changes the > > > default SSL behavior, and no care was taken to follow coding convents > > > when I wrote it, so it's probably not ready for inclusion in the > > > codebase. Still, if it's useful, feel free to use it for ideas. > > Wow, supporting the OS store would certainly be very cool. > > > > I would probably move it to windows.c and attempt to make it also work > > in gnutls, but in general it looks good. > > Wget compiled with GnuTLS already supports this feature: it calls > gnutls_certificate_set_x509_system_trust when the GnuTLS library > supports that. gnutls_certificate_set_x509_system_trust does > internally what the proposed patch does. > > So I think this code should indeed go only to openssl.c, as gnutls.c > already has its equivalent. > AFAIK OpenSSL source contains crypto engine that delegates all operations to Windows native cryptographical subsystem. It's only matter of default configuration.
-- Petr
signature.asc
Description: PGP signature
