vcl: don't override user's SSL_CERT_FILE for bundled OpenSSL
Change-Id: I5d61fe62c2e6814ea757a0b543f7dbf45e0db456
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159219
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
diff --git a/vcl/source/app/svmain.cxx b/vcl/source/app/svmain.cxx
index aa22d61..3458e6d 100644
--- a/vcl/source/app/svmain.cxx
+++ b/vcl/source/app/svmain.cxx
@@ -197,18 +197,22 @@ int ImplSVMain()
#if defined(LINUX) && !defined(SYSTEM_OPENSSL)
if (!bWasInitVCL)
{
try // to point bundled OpenSSL to some system certificate file
{ // ... this only works if the client actually calls
// SSL_CTX_set_default_verify_paths() or similar; e.g. python ssl.
char const*const path = GetCABundleFile();
OUString constexpr name(u"SSL_CERT_FILE"_ustr);
OUString const filepath(::rtl::OStringToOUString(
::std::string_view(path), osl_getThreadTextEncoding()));
osl_setEnvironment(name.pData, filepath.pData);
}
catch (uno::RuntimeException const& e)
OUString constexpr name(u"SSL_CERT_FILE"_ustr);
OUString temp;
if (osl_getEnvironment(name.pData, &temp.pData) == osl_Process_E_NotFound)
{
SAL_WARN("vcl", e.Message);
try // to point bundled OpenSSL to some system certificate file
{ // ... this only works if the client actually calls
// SSL_CTX_set_default_verify_paths() or similar; e.g. python ssl.
char const*const path = GetCABundleFile();
OUString const filepath(::rtl::OStringToOUString(
::std::string_view(path), osl_getThreadTextEncoding()));
osl_setEnvironment(name.pData, filepath.pData);
}
catch (uno::RuntimeException const& e)
{
SAL_WARN("vcl", e.Message);
}
}
}
#endif
