pyrox.dev
lol
1From d13a550dbc8876c35b912fe3e0eadd45b278be27 Mon Sep 17 00:00:00 2001
2From: Will Dietz <w@wdtz.org>
3Date: Fri, 18 May 2018 09:51:48 -0500
4Subject: [PATCH] add certificate path fallbacks
5
6---
7 lib/fetch/common.c | 2 ++
8 1 file changed, 2 insertions(+)
9
10diff --git a/lib/fetch/common.c b/lib/fetch/common.c
11index 94fb2651..79b50115 100644
12--- a/lib/fetch/common.c
13+++ b/lib/fetch/common.c
14@@ -1012,6 +1012,8 @@ fetch_ssl_setup_peer_verification(SSL_CTX *ctx, int verbose)
15
16 if (getenv("SSL_NO_VERIFY_PEER") == NULL) {
17 ca_cert_file = getenv("SSL_CA_CERT_FILE");
18+ ca_cert_file = ca_cert_file ? ca_cert_file : getenv("NIX_SSL_CERT_FILE");
19+ ca_cert_file = ca_cert_file ? ca_cert_file : "/etc/ssl/certs/ca-certificates.crt";
20 ca_cert_path = getenv("SSL_CA_CERT_PATH") != NULL ?
21 getenv("SSL_CA_CERT_PATH") : X509_get_default_cert_dir();
22 if (verbose) {
23--
242.17.0
25