From 272c95891cbc3cea040f9defb78893cd640edc33 Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Tue, 8 Dec 2009 02:30:25 +0000
Subject: [PATCH] Null out curl CA list to prevent misleading access to it.

---
 xmltooling/util/CurlURLInputStream.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/xmltooling/util/CurlURLInputStream.cpp b/xmltooling/util/CurlURLInputStream.cpp
index 2dbd77b..1e21ea8 100644
--- a/xmltooling/util/CurlURLInputStream.cpp
+++ b/xmltooling/util/CurlURLInputStream.cpp
@@ -171,6 +171,7 @@ void CurlURLInputStream::init(const DOMElement* e)
     curl_easy_setopt(fEasy, CURLOPT_USERPWD,NULL);
     curl_easy_setopt(fEasy, CURLOPT_SSL_VERIFYHOST, 2);
     curl_easy_setopt(fEasy, CURLOPT_SSL_VERIFYPEER, 0);
+    curl_easy_setopt(fEasy, CURLOPT_CAINFO, NULL);
     curl_easy_setopt(fEasy, CURLOPT_SSL_CIPHER_LIST, "ALL:!aNULL:!LOW:!EXPORT:!SSLv2");
     curl_easy_setopt(fEasy, CURLOPT_NOPROGRESS, 1);
     curl_easy_setopt(fEasy, CURLOPT_NOSIGNAL, 1);
-- 
2.1.4