guix/gnu/packages/patches/glib-networking-ssl-cert-file.patch
宋文武 907f939b9b gnu: glib-networking: Prefer 'SSL_CERT_FILE' as TLS CA file.
This is an improvement over commit af6100f.

* gnu/packages/gnome.scm (glib-networking)[source](patches): New field.
  [arguments]: Pass '/etc/ssl/certs/ca-certificates.crt' to configure.
  Set 'SSL_CERT_FILE' to '/dev/null' in 'use-empty-ssl-cert-file' phase.
  (libsoup)[arguments]: Set 'SSL_CERT_FILE' to '/dev/null' in
  'pre-check' phase.
* gnu/packages/patches/glib-networking-ssl-cert-file.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
2015-08-14 17:58:48 -04:00

30 lines
993 B
Diff

From b010e41346d418220582c20ab8d7f3971e4fb78a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@gmail.com>
Date: Fri, 14 Aug 2015 17:28:36 +0800
Subject: [PATCH] gnutls: Allow overriding the anchor file location by
'SSL_CERT_FILE'
---
tls/gnutls/gtlsbackend-gnutls.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c
index 55ec1a5..217d3c8 100644
--- a/tls/gnutls/gtlsbackend-gnutls.c
+++ b/tls/gnutls/gtlsbackend-gnutls.c
@@ -101,8 +101,10 @@ g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self,
GError **error)
{
const gchar *anchor_file = NULL;
+ anchor_file = g_getenv ("SSL_CERT_FILE");
#ifdef GTLS_SYSTEM_CA_FILE
- anchor_file = GTLS_SYSTEM_CA_FILE;
+ if (!anchor_file)
+ anchor_file = GTLS_SYSTEM_CA_FILE;
#endif
return g_tls_file_database_new (anchor_file, error);
}
--
2.4.3