add profanity-specific CAfile

The profanity-internal mechanism to allow connecting to a server isn't
easily portable to cURL. Therefor introduce a profanity-specific CAfile
which is managed individually and will be configured in libcurl calls.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>

1 files changed, 3 insertions, 0 deletions

diff --git a/src/event/server_events.c b/src/event/server_events.c
index 5963c96b..4a35302f 100644
--- a/src/event/server_events.c
+++ b/src/event/server_events.c
@@ -47,6 +47,7 @@
 #include "config/preferences.h"
 #include "config/tlscerts.h"
 #include "config/account.h"
+#include "config/cafile.h"
 #include "config/scripts.h"
 #include "event/client_events.h"
 #include "event/common.h"
@@ -1138,6 +1139,7 @@ sv_ev_certfail(const char* const errormsg, const TLSCertificate* cert)
 {
     // check profanity trusted certs
     if (tlscerts_exists(cert->fingerprint)) {
+        cafile_add(cert);
         return 1;
     }
 
@@ -1181,6 +1183,7 @@ sv_ev_certfail(const char* const errormsg, const TLSCertificate* cert)
         cons_show("Adding %s to trusted certificates.", cert->fingerprint);
         if (!tlscerts_exists(cert->fingerprint)) {
             tlscerts_add(cert);
+            cafile_add(cert);
         }
         free(cmd);
         return 1;