Merge pull request #67 from awslabs/CAInfo

Added ca info configuration.

Author: JonathanHenson

aws-cpp-sdk-core/include/aws/core/client/ClientConfiguration.h

@@ -112,9 +112,16 @@ namespace Aws
             bool verifySSL;
             /**
              * If your Certificate Authority path is different from the default, you can tell
-             * curl where to find your CA trust store.
+             * clients that aren't using the default trust store where to find your CA trust store.
+             * If you are on windows or apple, you likely don't want this.
              */
             Aws::String caPath;
+            /**
+             * If you certificate file is different from the default, you can tell clients that
+             * aren't using the default trust store where to find your ca file.
+             * If you are on windows or apple, you likely dont't want this.
+             */
+             Aws::String caFile;
             /**
              * Rate Limiter implementation for outgoing bandwidth. Default is wide-open.
              */

aws-cpp-sdk-core/include/aws/core/http/curl/CurlHttpClient.h

@@ -54,6 +54,7 @@ class AWS_CORE_API CurlHttpClient: public HttpClient
     unsigned m_proxyPort;
     bool m_verifySSL;
     Aws::String m_caPath;
+    Aws::String m_caFile;
     bool m_allowRedirects;
 
     static std::atomic<bool> isInit;

aws-cpp-sdk-core/source/http/curl/CurlHttpClient.cpp

@@ -284,7 +284,8 @@ CurlHttpClient::CurlHttpClient(const ClientConfiguration& clientConfig) :
     m_curlHandleContainer(clientConfig.maxConnections, clientConfig.requestTimeoutMs, clientConfig.connectTimeoutMs),
     m_isUsingProxy(!clientConfig.proxyHost.empty()), m_proxyUserName(clientConfig.proxyUserName),
     m_proxyPassword(clientConfig.proxyPassword), m_proxyHost(clientConfig.proxyHost),
-    m_proxyPort(clientConfig.proxyPort), m_verifySSL(clientConfig.verifySSL), m_caPath(clientConfig.caPath), m_allowRedirects(clientConfig.followRedirects)
+    m_proxyPort(clientConfig.proxyPort), m_verifySSL(clientConfig.verifySSL), m_caPath(clientConfig.caPath),
+    m_caFile(clientConfig.caFile), m_allowRedirects(clientConfig.followRedirects)
 {
 }
 
@@ -358,6 +359,10 @@ std::shared_ptr<HttpResponse> CurlHttpClient::MakeRequest(HttpRequest& request,
         {
             curl_easy_setopt(connectionHandle, CURLOPT_CAPATH, m_caPath.c_str());
         }
+        if(!m_caFile.empty())
+        {
+            curl_easy_setopt(connectionHandle, CURLOPT_CAINFO, m_caFile.c_str());
+        }
 
 	// only set by android test builds because the emulator is missing a cert needed for aws services
 #ifdef TEST_CERT_PATH