forked from wolfSSL/wolfssl
8cae05348c
This new function, wolfSSL_CTX_load_system_CA_certs, currently only supports Linux-based OS's. It searches through conventional CA directories and once it finds one, attempts to load CA certs from it. After the first directory is found, we don't check the others. This commit also adds a function wolfSSL_get_system_CA_dirs, which returns a pointer to an array of directories where wolfSSL_CTX_load_system_CA_certs will look for CA certs. This is used in a unit test, where we only want to expect success if one of these directories actually exists on the test system. Finally, this commit adds support for SSL_CTX_set_default_verify_paths to the compatibility layer. It doesn't model the exact behavior of its OpenSSL counterpart; it's mostly a wrapper around wolfSSL_CTX_load_system_CA_certs, manipulating the return value of that function to conform to OpenSSL's conventions.
The wolfSSL manual is available at: http://www.wolfssl.com/documentation/wolfSSL-Manual.pdf The wolfSSL API guide is available at: https://www.wolfssl.com/doxygen/wolfssl_API.html The wolfCrypt API guide is available at: https://www.wolfssl.com/doxygen/wolfcrypt_API.html