core/pkgs/by-name/op/openssl/1.1/nix-ssl-cert-file.patch

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

16 lines
717 B
Diff
Raw Normal View History

2024-05-02 00:46:19 +00:00
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 244512c935..f0b70d7ea1 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -46,7 +46,9 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
switch (cmd) {
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT) {
- file = ossl_safe_getenv(X509_get_default_cert_file_env());
+ file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
+ if (!file)
+ file = ossl_safe_getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file(ctx, file,
X509_FILETYPE_PEM) != 0);