pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch at python-updates

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / development / libraries / openssl / 1.1 / nix-ssl-cert-file.patch

at python-updates 15 lines 717 B view raw

wrap content

 1diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
 2index 244512c935..f0b70d7ea1 100644
 3--- a/crypto/x509/by_file.c
 4+++ b/crypto/x509/by_file.c
 5@@ -46,7 +46,9 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
 6     switch (cmd) {
 7     case X509_L_FILE_LOAD:
 8         if (argl == X509_FILETYPE_DEFAULT) {
 9-            file = ossl_safe_getenv(X509_get_default_cert_file_env());
10+            file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
11+            if (!file)
12+                file = ossl_safe_getenv(X509_get_default_cert_file_env());
13             if (file)
14                 ok = (X509_load_cert_crl_file(ctx, file,
15                                               X509_FILETYPE_PEM) != 0);