tidy-up: make 'CA' uppercase, where missing

```sh
git grep -w ca | grep -v -E -i 'ca[;"=/()%_.-]' | grep -v -E -i '[*$"=/()%_.-]ca'
```

Closes #22135
This commit is contained in:
Viktor Szakats 2026-06-22 15:52:23 +02:00
parent 5735540835
commit b0d0f16d20
No known key found for this signature in database
14 changed files with 25 additions and 25 deletions

View file

@ -1127,7 +1127,7 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
capath="$want_capath"
ca="no"
elif test "$ca_native" != "no"; then
dnl native ca configured, do not look further
dnl native CA configured, do not look further
ca="no"
capath="no"
else
@ -1161,7 +1161,7 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
fi
done
fi
AC_MSG_NOTICE([want $want_capath ca $ca])
AC_MSG_NOTICE([want $want_capath CA $ca])
if test "x$want_capath" = "xunset"; then
check_capath="/etc/ssl/certs"
fi
@ -1197,13 +1197,13 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
if test "x$ca" != "xno"; then
CURL_CA_BUNDLE="$ca"
AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default ca bundle])
AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default CA bundle])
AC_SUBST(CURL_CA_BUNDLE)
AC_MSG_RESULT([$ca])
fi
if test "x$capath" != "xno"; then
CURL_CA_PATH="\"$capath\""
AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default ca path])
AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default CA path])
AC_MSG_RESULT([$capath (capath)])
fi
if test "x$ca" = "xno" && test "x$capath" = "xno"; then

View file

@ -5535,11 +5535,11 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
Verbose errors: ${curl_verbose_msg}
Code coverage: ${curl_coverage_msg}
SSPI: ${curl_sspi_msg}
ca native: ${ca_native}
ca cert bundle: ${ca}${ca_warning}
ca cert path: ${capath}${capath_warning}
ca cert embed: ${CURL_CA_EMBED_msg}
ca fallback: ${with_ca_fallback}
CA native: ${ca_native}
CA cert bundle: ${ca}${ca_warning}
CA cert path: ${capath}${capath_warning}
CA cert embed: ${CURL_CA_EMBED_msg}
CA fallback: ${with_ca_fallback}
LDAP: ${curl_ldap_msg}
LDAPS: ${curl_ldaps_msg}
IPFS/IPNS: ${curl_ipfs_msg}

View file

@ -204,16 +204,16 @@ world wide.
## Why do you not update ca-bundle.crt
In the curl project we have decided not to attempt to keep this file updated
(or even present) since deciding what to add to a ca cert bundle is an
(or even present) since deciding what to add to a CA cert bundle is an
undertaking we have not been ready to accept, and the one we can get from
Mozilla is perfectly fine so there is no need to duplicate that work.
Today, with many services performed over HTTPS, every operating system should
come with a default ca cert bundle that can be deemed somewhat trustworthy and
come with a default CA cert bundle that can be deemed somewhat trustworthy and
that collection (if reasonably updated) should be deemed to be a lot better
than a private curl version.
If you want the most recent collection of ca certs that Mozilla Firefox uses,
If you want the most recent collection of CA certs that Mozilla Firefox uses,
we recommend using our online [CA certificate
service](https://curl.se/docs/caextract.html) setup for this purpose.

View file

@ -591,7 +591,7 @@ Failing the verification causes curl to deny the connection. You must then
use [`--insecure`](https://curl.se/docs/manpage.html#-k) (`-k`) in case you
want to tell curl to ignore that the server cannot be verified.
More about server certificate verification and ca cert bundles can be read in
More about server certificate verification and CA cert bundles can be read in
the [`SSLCERTS` document](https://curl.se/docs/sslcerts.html).
At times you may end up with your own CA cert store and then you can tell

View file

@ -155,7 +155,7 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_CAINFO, NULL);
curl_easy_setopt(curl, CURLOPT_CAPATH, NULL);
/* first try: retrieve page without ca certificates -> should fail
/* first try: retrieve page without CA certificates -> should fail
* unless libcurl was built --with-ca-fallback enabled at build-time
*/
result = curl_easy_perform(curl);

View file

@ -1420,7 +1420,7 @@ to figure out success on each individual transfer.
# SSL, Certificates and Other Tricks
[ seeding, passwords, keys, certificates, ENGINE, ca certs ]
[ seeding, passwords, keys, certificates, ENGINE, CA certs ]
# Sharing Data Between Easy Handles

View file

@ -53,7 +53,7 @@ int main(void)
char *cainfo = NULL;
curl_easy_getinfo(curl, CURLINFO_CAINFO, &cainfo);
if(cainfo) {
printf("default ca info path: %s\n", cainfo);
printf("default CA info path: %s\n", cainfo);
}
curl_easy_cleanup(curl);
}

View file

@ -56,7 +56,7 @@ int main(void)
char *capath = NULL;
curl_easy_getinfo(curl, CURLINFO_CAPATH, &capath);
if(capath) {
printf("default ca path: %s\n", capath);
printf("default CA path: %s\n", capath);
}
curl_easy_cleanup(curl);
}

View file

@ -34,7 +34,7 @@
/* Global configuration parameters: normally generated by autoconf. */
/* ---------------------------------------------------------------- */
/* Location of default ca bundle */
/* Location of default CA bundle */
/* Use the system keyring as the default CA bundle. */
#define CURL_CA_BUNDLE "/QIBM/UserData/ICSS/Cert/Server/DEFAULT.KDB"

View file

@ -22,13 +22,13 @@
*
***************************************************************************/
/* Location of default ca bundle */
/* Location of default CA bundle */
#cmakedefine CURL_CA_BUNDLE "${CURL_CA_BUNDLE}"
/* define "1" to use built-in ca store of TLS backend */
/* define "1" to use built-in CA store of TLS backend */
#cmakedefine CURL_CA_FALLBACK 1
/* Location of default ca path */
/* Location of default CA path */
#cmakedefine CURL_CA_PATH "${CURL_CA_PATH}"
/* Default SSL backend */

View file

@ -241,7 +241,7 @@ static void ssl_easy_config_compl_options(struct Curl_peer *origin,
uint8_t options = sslc->primary.ssl_options;
/* If set via CURLOPT_(PROXY_)SSL_OPTIONS, we definitely use it.
* If not, we switch it on for supported backends if no custom
* ca settings exist. */
* CA settings exist. */
sslc->native_ca_store = !!(options & CURLSSLOPT_NATIVE_CA);
sslc->enable_beast = !!(options & CURLSSLOPT_ALLOW_BEAST);
sslc->no_partialchain = !!(options & CURLSSLOPT_NO_PARTIALCHAIN);

View file

@ -45,7 +45,7 @@ if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then
test "amissl" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
AMISSL_ENABLED=1
OPENSSL_ENABLED=1
dnl Use AmiSSL's built-in ca bundle
dnl Use AmiSSL's built-in CA bundle
check_for_ca_bundle=1
with_ca_fallback=yes
LIBS="-lamisslstubs -lamisslauto $LIBS"

View file

@ -215,7 +215,7 @@ $write cvh ""
$!
$! We are now setting this on the GNV build, so also do this
$! for compatibility.
$write cvh "/* Location of default ca path */"
$write cvh "/* Location of default CA path */"
$write cvh "#define curl_ca_path ""gnv$curl_ca_path"""
$!
$! The config_h.com finds a bunch of default disable commands in

View file

@ -23,7 +23,7 @@
# *
# ***************************************************************************
# This shell script creates a fresh ca-bundle.crt file for use with libcurl.
# It extracts all ca certs it finds in the local Firefox database and converts
# It extracts all CA certs it finds in the local Firefox database and converts
# them all into PEM format.
#
# It uses the "certutil" command line tool from the NSS project to perform the