diff options
| author | Michael Stahl <michael.stahl@allotropia.de> | 2023-11-08 14:50:26 +0100 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2023-11-09 16:54:47 +0100 |
| commit | 1472e2d68b9cff43b99069d3ba9439fff0a5684c (patch) | |
| tree | a4d4f1c4f377c8833237f2117c07482f1c3c6402 /vcl | |
| parent | a2fabc78a4ba12ad8df6b040783be0fa22aefa54 (diff) | |
vcl,openssl: set SSL_CERT_FILE for bundled OpenSSL
OpenSSL may read a CA certificate file from $SSL_CERT_FILE, if the
client library calls SSL_CTX_set_default_verify_paths(); python's ssl
module does it but apparently libcurl does not.
So split the code from commit 3fc632c0261c75fb4079a5305e814698e791f75c
and set the environment variable in ImplSVMain(), hopefully before
any threads are spawned; seems to work for PyMailSMTPService.
This needs to have SYSTEM_OPENSSL available in a config header.
Change-Id: I63b747cb61bb236cf4f605bb9858e5b0083388fe
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159149
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'vcl')
| -rw-r--r-- | vcl/source/app/svmain.cxx | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/vcl/source/app/svmain.cxx b/vcl/source/app/svmain.cxx index bf822c73162e..aa22d61de197 100644 --- a/vcl/source/app/svmain.cxx +++ b/vcl/source/app/svmain.cxx @@ -82,6 +82,7 @@ #include <config_features.h> #include <config_feature_opencl.h> +#include <opensslinit.hxx> #include <osl/process.h> #include <com/sun/star/lang/XComponent.hpp> @@ -192,6 +193,26 @@ int ImplSVMain() int nReturn = EXIT_FAILURE; const bool bWasInitVCL = IsVCLInit(); + +#if defined(LINUX) && !defined(SYSTEM_OPENSSL) + if (!bWasInitVCL) + { + try // to point bundled OpenSSL to some system certificate file + { // ... this only works if the client actually calls + // SSL_CTX_set_default_verify_paths() or similar; e.g. python ssl. + char const*const path = GetCABundleFile(); + OUString constexpr name(u"SSL_CERT_FILE"_ustr); + OUString const filepath(::rtl::OStringToOUString( + ::std::string_view(path), osl_getThreadTextEncoding())); + osl_setEnvironment(name.pData, filepath.pData); + } + catch (uno::RuntimeException const& e) + { + SAL_WARN("vcl", e.Message); + } + } +#endif + const bool bInit = bWasInitVCL || InitVCL(); int nRet = 0; if (!bWasInitVCL && bInit && pSVData->mpDefInst->SVMainHook(&nRet)) |