summary refs log tree commit diff
path: root/pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch')
-rw-r--r--pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch15
1 files changed, 15 insertions, 0 deletions
diff --git a/pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch b/pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch
new file mode 100644
index 00000000000..9e871cfb1d3
--- /dev/null
+++ b/pkgs/development/libraries/openssl/1.1/nix-ssl-cert-file.patch
@@ -0,0 +1,15 @@
+diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
+index 244512c935..f0b70d7ea1 100644
+--- a/crypto/x509/by_file.c
++++ b/crypto/x509/by_file.c
+@@ -46,7 +46,9 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
+     switch (cmd) {
+     case X509_L_FILE_LOAD:
+         if (argl == X509_FILETYPE_DEFAULT) {
+-            file = ossl_safe_getenv(X509_get_default_cert_file_env());
++            file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
++            if (!file)
++                file = ossl_safe_getenv(X509_get_default_cert_file_env());
+             if (file)
+                 ok = (X509_load_cert_crl_file(ctx, file,
+                                               X509_FILETYPE_PEM) != 0);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 22:19:32 +0000