pyrox.dev / nixpkgs
lol
fork atom

perlPackages.LWPProtocolHttps: update patch for NIX_SSL_CERT_FILE

Update patch that supports NIX_SSL_CERT_FILE env variable so it's
compatible with LWP::Protocol::https 6.11

The new patch does not handle SSL_CERT_FILE or default cert store paths
as this is managed by IO::Socket::SSL.

Stig Palmquist ae4c0e39 3605aee7

+9 -26
+9 -26
pkgs/development/perl-modules/lwp-protocol-https-cert-file.patch
··· 1 - From 321401098f2c86a6f68e186cfc06e030b09484b6 Mon Sep 17 00:00:00 2001 2 - From: Tyson Whitehead <twhitehead@gmail.com> 3 - Date: Fri, 29 Jun 2018 15:47:00 -0400 4 - Subject: [PATCH] Respect NIX_SSL_CERT_FILE and SSL_CERT_FILE (in that order) 5 - 6 - --- 7 - lib/LWP/Protocol/https.pm | 8 ++++++++ 8 - 1 file changed, 8 insertions(+) 9 - 10 1 diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm 11 - index f7230e2..c78b9ce 100644 2 + index 645e828..7098f64 100644 12 3 --- a/lib/LWP/Protocol/https.pm 13 4 +++ b/lib/LWP/Protocol/https.pm 14 - @@ -23,6 +23,14 @@ sub _extra_sock_opts 15 - $ssl_opts{SSL_verify_mode} = 0; 5 + @@ -29,6 +29,9 @@ sub _extra_sock_opts 6 + } 16 7 } 17 8 if ($ssl_opts{SSL_verify_mode}) { 18 - + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { 19 - + $ssl_opts{SSL_ca_file} = $ENV{'NIX_SSL_CERT_FILE'} 20 - + if !defined $ssl_opts{SSL_ca_file}; 21 - + $ssl_opts{SSL_ca_file} = $ENV{'SSL_CERT_FILE'} 22 - + if !defined $ssl_opts{SSL_ca_file}; 23 - + $ssl_opts{SSL_ca_file} = "/etc/ssl/certs/ca-certificates.crt" 24 - + if !defined $ssl_opts{SSL_ca_file} && -e "/etc/ssl/certs/ca-certificates.crt"; 25 - + } 26 - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { 27 - eval { 28 - require Mozilla::CA; 29 - -- 30 - 2.14.0 31 - 9 + + if ($ENV{NIX_SSL_CERT_FILE}) { 10 + + $ssl_opts{SSL_ca_file} //= $ENV{NIX_SSL_CERT_FILE}; 11 + + } 12 + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { 13 + if ($Net::HTTPS::SSL_SOCKET_CLASS eq 'IO::Socket::SSL' 14 + && defined &IO::Socket::SSL::default_ca