mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

fix TLS certificate handling on Android

Browse source
This commit is contained in:
Joey Hess 2013-05-09 12:38:26 -04:00
parent 5faecdcb1d
commit f19e0d9f80
2 changed files with 39 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
standalone/android/haskell-patches/certificate_1.3.7-0001-support-Android-cert-store.patch Normal file
View file

@ -0,0 +1,37 @@
From 3779c75175e895f94b21341ebd6361e9d6af54fd Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Thu, 9 May 2013 12:36:23 -0400
Subject: [PATCH] support Android cert store
Android puts it in a different place and has only hashed files.
See https://github.com/vincenthz/hs-certificate/issues/19
---
System/Certificate/X509/Unix.hs | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/System/Certificate/X509/Unix.hs b/System/Certificate/X509/Unix.hs
index 8463465..74e9503 100644
--- a/System/Certificate/X509/Unix.hs
+++ b/System/Certificate/X509/Unix.hs
@@ -35,7 +35,8 @@ import qualified Control.Exception as E
import Data.Char
defaultSystemPath :: FilePath
-defaultSystemPath = "/etc/ssl/certs/"
+defaultSystemPath = "/system/etc/security/cacerts/"
+--defaultSystemPath = "/etc/ssl/certs/"
envPathOverride :: String
envPathOverride = "SYSTEM_CERTIFICATE_PATH"
@@ -47,7 +48,7 @@ listDirectoryCerts path = (map (path </>) . filter isCert <$> getDirectoryConten
&& isDigit (s !! 9)
&& (s !! 8) == '.'
&& all isHexDigit (take 8 s)
- isCert x = (not $ isPrefixOf "." x) && (not $ isHashedFile x)
+ isCert x = (not $ isPrefixOf "." x)
getSystemCertificateStore :: IO CertificateStore
getSystemCertificateStore = makeCertificateStore . concat <$> (getSystemPath >>= listDirectoryCerts >>= mapM readCertificates)
--
1.8.2.rc3

3
standalone/android/install-haskell-packages
View file

@ -109,7 +109,8 @@ install_pkgs () {
unpatched crypto-api-0.10.2 unpatched crypto-api-0.10.2
unpatched cprng-aes-0.3.4 unpatched cprng-aes-0.3.4
unpatched http-types-0.8.0 mime-types-0.1.0.3 unpatched http-types-0.8.0 mime-types-0.1.0.3
unpatched certificate-1.3.7 system-fileio-0.3.11 tls-1.1.2 patched certificate-1.3.7
unpatched system-fileio-0.3.11 tls-1.1.2
unpatched utf8-string-0.3.7 unpatched utf8-string-0.3.7
unpatched publicsuffixlist-0.1 unpatched publicsuffixlist-0.1
unpatched xml-conduit-1.0.3.3 unpatched xml-conduit-1.0.3.3