Index: libsoup-2.32.2/libsoup/soup-gnutls.c
===================================================================
--- libsoup-2.32.2.orig/libsoup/soup-gnutls.c
+++ libsoup-2.32.2/libsoup/soup-gnutls.c
@@ -618,8 +618,8 @@ soup_ssl_get_client_credentials (const c
gnutls_certificate_set_verify_flags (creds->creds,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
+ creds->have_ca_file = TRUE;
if (ca_file) {
- creds->have_ca_file = TRUE;
status = gnutls_certificate_set_x509_trust_file (
creds->creds, ca_file, GNUTLS_X509_FMT_PEM);
if (status < 0) {
@@ -631,6 +631,24 @@ soup_ssl_get_client_credentials (const c
* creds to the caller.
*/
}
+ } else {
+// use system certificates. this should really be provided by gnutls ...
+#define SSL_CERT_DIR "/etc/ssl/certs"
+ GDir* dir = g_dir_open(SSL_CERT_DIR, 0, NULL);
+ if (dir) {
+ const char* name;
+ while ((name = g_dir_read_name(dir))) {
+ char* fn = g_strjoin("/", SSL_CERT_DIR, name, NULL);
+ if (g_str_has_suffix(name, ".pem")) {
+ status = gnutls_certificate_set_x509_trust_file (
+ creds->creds, fn, GNUTLS_X509_FMT_PEM);
+ if (status < 0)
+ g_warning("failed to import %s", fn);
+ }
+ g_free(fn);
+ }
+ g_dir_close(dir);
+ }
}
return creds;
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
e52940ff871640ea4185f6f70268c28b
>
files
>
4
