pidgin-ca_file.patch

   1 diff --color -urN pidgin-2.14.1.orig/libpurple/certificate.c pidgin-2.14.1/libpurple/certificate.c
   2 --- pidgin-2.14.1.orig/libpurple/certificate.c  2020-06-10 04:41:32.000000000 +0200
   3 +++ pidgin-2.14.1/libpurple/certificate.c       2020-10-22 17:55:33.752632736 +0200
   4 @@ -845,6 +845,7 @@
   5         GPatternSpec *pempat, *crtpat;
   6         GList *iter = NULL;
   7         GSList *crts = NULL;
   8 +       gboolean is_ca_file;
   9
  10         if (x509_ca_initialized) return TRUE;
  11
  12 @@ -864,13 +865,16 @@
  13
  14         /* Populate the certificates pool from the search path(s) */
  15         for (iter = x509_ca_paths; iter; iter = iter->next) {
  16 -               certdir = g_dir_open(iter->data, 0, NULL);
  17 -               if (!certdir) {
  18 -                       purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data);
  19 -                       continue;
  20 +               is_ca_file = g_file_test(iter->data, G_FILE_TEST_IS_REGULAR);
  21 +               if (!is_ca_file) {
  22 +                       certdir = g_dir_open(iter->data, 0, NULL);
  23 +                       if (!certdir) {
  24 +                               purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data);
  25 +                               continue;
  26 +                       }
  27                 }
  28
  29 -               while ( (entry = g_dir_read_name(certdir)) ) {
  30 +               while ((is_ca_file && (entry = iter->data)) || (entry = g_dir_read_name(certdir)) ) {
  31                         gchar *fullpath;
  32                         PurpleCertificate *crt;
  33
  34 @@ -878,7 +882,7 @@
  35                                 continue;
  36                         }
  37
  38 -                       fullpath = g_build_filename(iter->data, entry, NULL);
  39 +                       fullpath = is_ca_file ? g_strdup(entry) : g_build_filename(iter->data, entry, NULL);
  40
  41                         /* TODO: Respond to a failure in the following? */
  42                         crts = purple_certificates_import(x509, fullpath);
  43 @@ -902,8 +906,14 @@
  44                         }
  45
  46                         g_free(fullpath);
  47 +
  48 +                       if (is_ca_file) {
  49 +                               break;
  50 +                       }
  51 +               }
  52 +               if (!is_ca_file) {
  53 +                       g_dir_close(certdir);
  54                 }
  55 -               g_dir_close(certdir);
  56         }
  57
  58         g_pattern_spec_free(pempat);
  59 @@ -924,8 +934,9 @@
  60                 x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
  61                                                    "ca-certs", NULL));
  62  #else
  63 +               x509_ca_paths = g_list_append(x509_ca_paths, g_strdup("/etc/certs/ca-certificates.crt"));
  64  # ifdef SSL_CERTIFICATES_DIR
  65 -               x509_ca_paths = g_list_append(NULL, g_strdup(SSL_CERTIFICATES_DIR));
  66 +               x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(SSL_CERTIFICATES_DIR));
  67  # endif
  68                 x509_ca_paths = g_list_append(x509_ca_paths,
  69                         g_build_filename(DATADIR, "purple", "ca-certs", NULL));