From 9b837748aa61c74ffe0b369b7de8f51994cc0f85 Mon Sep 17 00:00:00 2001 From: kervala Date: Mon, 18 Apr 2016 13:40:46 +0200 Subject: [PATCH] Merge with develop --- code/ryzom/client/src/http_client_curl.cpp | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/code/ryzom/client/src/http_client_curl.cpp b/code/ryzom/client/src/http_client_curl.cpp index 5056815d2..92bf3e957 100644 --- a/code/ryzom/client/src/http_client_curl.cpp +++ b/code/ryzom/client/src/http_client_curl.cpp @@ -20,6 +20,7 @@ #include #include +#include using namespace NLMISC; using namespace NLNET; @@ -62,11 +63,11 @@ bool CCurlHttpClient::authenticate(const std::string &user, const std::string &p const char *CAFilename = "ssl_ca_cert.pem"; // this is the certificate "Thawte Server CA" // *************************************************************************** -static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) +static CURLcode sslctx_function(CURL * /* curl */, void *sslctx, void * /* parm */) { // look for certificate in search paths string path = CPath::lookup(CAFilename); - nldebug("Cert path '%s'", path.c_str()); + nlinfo("Cert path '%s'", path.c_str()); if (path.empty()) { @@ -91,6 +92,8 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) // get a BIO BIO *bio = BIO_new_mem_buf(&buffer[0], file.getFileSize()); + + char errorBuffer[1024]; if (bio) { @@ -113,8 +116,19 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) // add our certificate to this store if (X509_STORE_add_cert(store, itmp->x509) == 0) { - nlwarning("Error adding certificate"); - res = CURLE_SSL_CACERT; + uint errCode = ERR_get_error(); + + // ignore already in hash table errors + if (ERR_GET_LIB(errCode) != ERR_LIB_X509 || ERR_GET_REASON(errCode) != X509_R_CERT_ALREADY_IN_HASH_TABLE) + { + ERR_error_string_n(errCode, errorBuffer, 1024); + nlwarning("Error adding certificate %s: %s", itmp->x509->name, errorBuffer); + res = CURLE_SSL_CACERT; + } + } + else + { + nlinfo("Added certificate %s", itmp->x509->name); } } }