summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/libwaitress/waitress.c16
-rw-r--r--src/libwaitress/waitress.h1
2 files changed, 11 insertions, 6 deletions
diff --git a/src/libwaitress/waitress.c b/src/libwaitress/waitress.c
index 8b6daa8..1a6d4cd 100644
--- a/src/libwaitress/waitress.c
+++ b/src/libwaitress/waitress.c
@@ -61,12 +61,12 @@ void WaitressInit (WaitressHandle_t *waith, const char *caPath) {
memset (waith, 0, sizeof (*waith));
waith->timeout = 30000;
#ifdef ENABLE_TLS
- gnutls_certificate_allocate_credentials (&waith->tlsCred);
- if (caPath == NULL) {
- caPath = "/etc/ssl/certs/ca-certificates.crt";
+ if (caPath != NULL) {
+ gnutls_certificate_allocate_credentials (&waith->tlsCred);
+ gnutls_certificate_set_x509_trust_file (waith->tlsCred, caPath,
+ GNUTLS_X509_FMT_PEM);
+ waith->tlsInitialized = true;
}
- gnutls_certificate_set_x509_trust_file (waith->tlsCred, caPath,
- GNUTLS_X509_FMT_PEM);
#endif
}
@@ -76,7 +76,9 @@ void WaitressFree (WaitressHandle_t *waith) {
free (waith->url.url);
free (waith->proxy.url);
#ifdef ENABLE_TLS
- gnutls_certificate_free_credentials (waith->tlsCred);
+ if (waith->tlsInitialized) {
+ gnutls_certificate_free_credentials (waith->tlsCred);
+ }
#endif
memset (waith, 0, sizeof (*waith));
}
@@ -1029,6 +1031,8 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
#ifdef ENABLE_TLS
if (waith->url.tls) {
+ assert (waith->tlsInitialized);
+
waith->request.read = WaitressGnutlsRead;
waith->request.write = WaitressGnutlsWrite;
gnutls_init (&waith->request.tlsSession, GNUTLS_CLIENT);
diff --git a/src/libwaitress/waitress.h b/src/libwaitress/waitress.h
index eb79393..bc697e7 100644
--- a/src/libwaitress/waitress.h
+++ b/src/libwaitress/waitress.h
@@ -95,6 +95,7 @@ typedef struct {
int timeout;
#ifdef ENABLE_TLS
gnutls_certificate_credentials_t tlsCred;
+ bool tlsInitialized;
#endif
/* per-request data */