-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add cross-platform support for SSL_CERT_FILE #32
Conversation
This will be used shortly to load certs from an env var, on all platforms. This also simplifies the logic of unix's load_native_certs. Previously this had leftover parts of an implementation for partial results, but it was no longer used - first_error always took precendence.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like the right direction, some style suggestions below.
Also if you can make sure all files end with a trailing newline, that would be nice. |
Newlines fixed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
Thanks! |
Fixes #16
This includes a commit to extract file loading from the unix configuration. I've refactored and simplify that, which seemed to have some leftover complexity logic from partial loading, that was removed by #26. I've also updated the README, which referenced the old API that was replaced by #26.
The final commit is the actual change. I've had to add serial_tests on the tests here, because the env-var setting is global, so it breaks things when running tests in parallel. The tests use badssl.com (self-signed.badssl.com specifically) which is a site specifically for testing SSL client behaviour with various certificate scenarios.
I have only implemented SSL_CERT_FILE here, not SSL_CERT_DIR. There was some discussion about this at the start of #16, I think the conclusion was that it's much more complicated (see #9) and rarely worthwhile. Happy to discuss, but imo we should leave that as a future extension if/when somebody specifically requests it.
One very debatable point: this returns an error if the variable is set but points to a non-existent/unreadable/unparseable certificate file (rather than falling back to the existing platform logic). Is that the right decision? It makes it much easier to spot issues early if SSL_CERT_FILE was set incorrectly, but I imagine it might cause unexpected problems in some cases. What do you think?
If we're happy with that there's probably an argument for providing more specific error messages here at least, I can look into that if we're agreed that failing is the right choice.