fixes #17658; add cert dir for ssl ctx (#19920)

add cert dir for ssl ctx Co-authored-by: Paul Roberts <pmr@stelo.org.uk> Co-authored-by: sandytypical <43030857+xflywind@users.noreply.github.com> Co-authored-by: Clay Sweetser <Varriount@users.noreply.github.com>
2026-01-07 21:43:33 +00:00 · 2022-08-29 10:16:19 +08:00
parent ee11302c24
commit 04642335c1
2 changed files with 11 additions and 1 deletions
--- a/lib/pure/net.nim
+++ b/lib/pure/net.nim
@@ -696,7 +696,11 @@ when defineSsl:
          var found = false
          let useEnvVars = (if verifyMode == CVerifyPeerUseEnvVars: true else: false)
          for fn in scanSSLCertificates(useEnvVars = useEnvVars):
-            if newCTX.SSL_CTX_load_verify_locations(fn.cstring, nil) == VerifySuccess:
+            if fn.extractFilename == "":
+              if newCTX.SSL_CTX_load_verify_locations(nil, cstring(fn.normalizePathEnd(false))) == VerifySuccess:
+                found = true
+                break
+            elif newCTX.SSL_CTX_load_verify_locations(cstring(fn), nil) == VerifySuccess:
              found = true
              break
          if not found:
--- a/lib/pure/ssl_certs.nim
+++ b/lib/pure/ssl_certs.nim
@@ -126,7 +126,13 @@ iterator scanSSLCertificates*(useEnvVars = false): string =
          if fileExists(p):
            yield p
        elif dirExists(p):
+          # check if it's a dir where each cert is one file
+          # named by it's hasg
+          for fn in joinPath(p, "*.0").walkFiles:
+            yield p.normalizePathEnd(true)
+            break
          for fn in joinPath(p, "*").walkFiles():
+
            yield fn
    else:
      var