52 lines
1.9 KiB
Diff
52 lines
1.9 KiB
Diff
|
From: cunix@bitmessage.ch
|
||
|
Date: 2019-04-29 16:00:00
|
||
|
Subject: System certs as fallback for project certs
|
||
|
References: https://github.com/godotengine/godot/pull/22066#issuecomment-421565719
|
||
|
https://github.com/godotengine/godot/pull/22066#issuecomment-422528664
|
||
|
https://github.com/godotengine/godot/issues/22232
|
||
|
Upstream: might be offered to upstream
|
||
|
|
||
|
If project has no value set for "network/ssl/certificates" (the default),
|
||
|
function "get_project_cert_array" returns no certificates because we don't
|
||
|
use builtin certs - BUILTIN_CERTS_ENABLED is not defined. Therefore the
|
||
|
editor shows an error.
|
||
|
|
||
|
We use a distro specific "system_certs_path" as build option and apply it here
|
||
|
via "_SYSTEM_CERTS_PATH" (defined in included "core/io/certs_compressed.gen.h")
|
||
|
as fallback for project certificates.
|
||
|
|
||
|
---
|
||
|
|
||
|
diff -r -U 5 a/core/io/stream_peer_ssl.cpp b/core/io/stream_peer_ssl.cpp
|
||
|
--- a/core/io/stream_peer_ssl.cpp
|
||
|
+++ b/core/io/stream_peer_ssl.cpp
|
||
|
@@ -33,10 +33,12 @@
|
||
|
#include "core/io/certs_compressed.gen.h"
|
||
|
#include "core/io/compression.h"
|
||
|
#include "core/os/file_access.h"
|
||
|
#include "core/project_settings.h"
|
||
|
|
||
|
+#include <string.h>
|
||
|
+
|
||
|
StreamPeerSSL *(*StreamPeerSSL::_create)() = NULL;
|
||
|
|
||
|
StreamPeerSSL *StreamPeerSSL::create() {
|
||
|
|
||
|
return _create();
|
||
|
@@ -96,10 +98,14 @@
|
||
|
ProjectSettings::get_singleton()->set_custom_property_info("network/ssl/certificates", PropertyInfo(Variant::STRING, "network/ssl/certificates", PROPERTY_HINT_FILE, "*.crt"));
|
||
|
|
||
|
if (certs_path != "") {
|
||
|
// Use certs defined in project settings.
|
||
|
return get_cert_file_as_array(certs_path);
|
||
|
+ } else if (strcmp(_SYSTEM_CERTS_PATH, "") != 0) {
|
||
|
+ // Use system certs only if user did not override it in project settings
|
||
|
+ // and if _SYSTEM_CERTS_PATH is set.
|
||
|
+ return get_cert_file_as_array(_SYSTEM_CERTS_PATH);
|
||
|
}
|
||
|
#ifdef BUILTIN_CERTS_ENABLED
|
||
|
else {
|
||
|
// Use builtin certs only if user did not override it in project settings.
|
||
|
out.resize(_certs_uncompressed_size + 1);
|
||
|
|