groove/routeros-scripts-main
1
0
Fork 0
mirror of https://github.com/eworm-de/routeros-scripts.git synced 2026-02-14 04:09:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix curl false positives when default capath contains system certs

Browse source 
If curl has a default capath (debian 12 capath=/etc/ssl/certs)
it will add those certs and return ok to any valid https url,
defeating the intended use of the cacert option in the Makefile
that validates sites and certs.

To avoid that, adding option "--capath /dev/null" overrides
the default value, if any.
This commit is contained in:
Miquel Bonastre 2025-01-30 20:27:14 +01:00
parent a446f31262
commit 1b4c64a1fa
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
certs/Makefile
View file

@ -29,4 +29,4 @@ DOMAINS = \
all: $(DOMAINS)
$(DOMAINS):
curl --output /dev/null --silent --connect-timeout 5 --cacert $(notdir $@).pem https://$(dir $@)
curl --output /dev/null --silent --connect-timeout 5 --capath /dev/null --cacert $(notdir $@).pem https://$(dir $@)