core/pkgs/by-name/op/openssl/3.0/nix-ssl-cert-file.patch

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

16 lines
741 B
Diff
Raw Normal View History

2024-05-02 00:46:19 +00:00
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 37d73ca84c..e328896234 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -54,7 +54,9 @@ static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
switch (cmd) {
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT) {
- file = ossl_safe_getenv(X509_get_default_cert_file_env());
+ file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
+ if (!file)
+ file = ossl_safe_getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM,
libctx, propq) != 0);