gnu: kodi: Allow connecting to HTTPS sources.

* gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kodi.scm (kodi)[patches]: Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Carlo Zancanaro 2019-04-02 22:36:57 +11:00 committed by Ludovic Courtès
parent 9c074f61ef
commit 3e4e74c10e
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
3 changed files with 19 additions and 1 deletions

View File

@ -956,6 +956,7 @@ dist_patch_DATA = \
%D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch \ %D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch \
%D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \ %D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \
%D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \ %D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \
%D%/packages/patches/kodi-set-libcurl-ssl-parameters.patch \
%D%/packages/patches/kodi-skip-test-449.patch \ %D%/packages/patches/kodi-skip-test-449.patch \
%D%/packages/patches/laby-make-install.patch \ %D%/packages/patches/laby-make-install.patch \
%D%/packages/patches/lcms-CVE-2018-16435.patch \ %D%/packages/patches/lcms-CVE-2018-16435.patch \

View File

@ -281,7 +281,8 @@ alternatives. In compilers, this can reduce the cascade of secondary errors.")
(sha256 (sha256
(base32 (base32
"1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc")) "1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc"))
(patches (search-patches "kodi-skip-test-449.patch")) (patches (search-patches "kodi-skip-test-449.patch"
"kodi-set-libcurl-ssl-parameters.patch"))
(snippet (snippet
'(begin '(begin
(use-modules (guix build utils)) (use-modules (guix build utils))

View File

@ -0,0 +1,16 @@
Kodi doesn't set the CAPATH and CAINFO parameters for libcurl. To make HTTPS
connections work we can set them based on SSL_CERT_DIR and SSL_CERT_FILE.
--- a/xbmc/filesystem/CurlFile.cpp
+++ b/xbmc/filesystem/CurlFile.cpp
@@ -626,5 +626,9 @@
// Setup allowed TLS/SSL ciphers. New versions of cURL may deprecate things that are still in use.
if (!m_cipherlist.empty())
g_curlInterface.easy_setopt(h, CURLOPT_SSL_CIPHER_LIST, m_cipherlist.c_str());
+
+ // Load certificate data from environment paths
+ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAPATH, getenv("SSL_CERT_DIR"));
+ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAINFO, getenv("SSL_CERT_FILE"));
}
void CCurlFile::SetRequestHeaders(CReadState* state)