diff --git a/checkin_notes b/checkin_notes index 296c099bc0..49c2e06629 100644 --- a/checkin_notes +++ b/checkin_notes @@ -12069,3 +12069,11 @@ David 3 Dec 2007 client_state.C,h cs_cmdline.C gui_rpc_server_ops.C + +Rom 3 Dec 2007 + - client: Use a buffer scoped to the HTTP_OP object instead of + a std::string scoped to the stack when passing the CABundle + location to libcurl. + + client/ + http_curl.C, .h diff --git a/client/http_curl.C b/client/http_curl.C index 153604cfb2..01c5bd6c57 100644 --- a/client/http_curl.C +++ b/client/http_curl.C @@ -147,6 +147,7 @@ void get_user_agent_string() { HTTP_OP::HTTP_OP() { strcpy(m_url, ""); + strcpy(m_curl_ca_bundle_location, ""); content_length = 0; file_offset = 0; strcpy(request_header, ""); @@ -328,14 +329,22 @@ The checking this option controls is of the identity that the server claims. The if (pszProg) { szPath[pszProg - szPath + 1] = 0; - strCABundlePath = szPath; - strCABundlePath += CA_BUNDLE_FILENAME; + strncat( + m_curl_ca_bundle_location, + szPath, + sizeof(m_curl_ca_bundle_location)-strlen(m_curl_ca_bundle_location) + ); + strncat( + m_curl_ca_bundle_location, + CA_BUNDLE_FILENAME, + sizeof(m_curl_ca_bundle_location)-strlen(m_curl_ca_bundle_location) + ); - if (boinc_file_exists(strCABundlePath.c_str())) { + if (boinc_file_exists(m_curl_ca_bundle_location)) { // call this only if a local copy of ca-bundle.crt exists; // otherwise, let's hope that it exists in the default place // - curlErr = curl_easy_setopt(curlEasy, CURLOPT_CAINFO, strCABundlePath.c_str()); + curlErr = curl_easy_setopt(curlEasy, CURLOPT_CAINFO, m_curl_ca_bundle_location); } } #else diff --git a/client/http_curl.h b/client/http_curl.h index 48c4df2b73..3ddbdd72f4 100644 --- a/client/http_curl.h +++ b/client/http_curl.h @@ -63,6 +63,7 @@ public: PROXY_INFO pi; char m_url[256]; + char m_curl_ca_bundle_location[256]; // string needed for ssl support char szCurlProxyUserPwd[128]; // string needed for proxy username/password int content_length;