diff options
| author |  Joey Hess <joey@kitenet.net> | 2013-05-09 12:38:26 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2013-05-09 12:38:26 -0400 |
| commit | 1831d438d8c5b0e2c5e25b40681ef375112d724b (patch) | |
| tree | b74b1d4b5486570d2ec88edb738769806290941e /standalone/android | |
| parent | 86926f1b587542fbabdfae5c7a4f5faa2888b1bc (diff) | |
fix TLS certificate handling on Android
Diffstat (limited to 'standalone/android')
| -rw-r--r-- | standalone/android/haskell-patches/certificate_1.3.7-0001-support-Android-cert-store.patch | 37 | ||||
| -rwxr-xr-x | standalone/android/install-haskell-packages | 3 |
2 files changed, 39 insertions, 1 deletions
diff --git a/standalone/android/haskell-patches/certificate_1.3.7-0001-support-Android-cert-store.patch b/standalone/android/haskell-patches/certificate_1.3.7-0001-support-Android-cert-store.patch new file mode 100644 index 000000000..5f772bfdf --- /dev/null +++ b/standalone/android/haskell-patches/certificate_1.3.7-0001-support-Android-cert-store.patch @@ -0,0 +1,37 @@ +From 3779c75175e895f94b21341ebd6361e9d6af54fd Mon Sep 17 00:00:00 2001 +From: Joey Hess <joey@kitenet.net> +Date: Thu, 9 May 2013 12:36:23 -0400 +Subject: [PATCH] support Android cert store + +Android puts it in a different place and has only hashed files. +See https://github.com/vincenthz/hs-certificate/issues/19 +--- + System/Certificate/X509/Unix.hs | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/System/Certificate/X509/Unix.hs b/System/Certificate/X509/Unix.hs +index 8463465..74e9503 100644 +--- a/System/Certificate/X509/Unix.hs ++++ b/System/Certificate/X509/Unix.hs +@@ -35,7 +35,8 @@ import qualified Control.Exception as E + import Data.Char + + defaultSystemPath :: FilePath +-defaultSystemPath = "/etc/ssl/certs/" ++defaultSystemPath = "/system/etc/security/cacerts/" ++--defaultSystemPath = "/etc/ssl/certs/" + + envPathOverride :: String + envPathOverride = "SYSTEM_CERTIFICATE_PATH" +@@ -47,7 +48,7 @@ listDirectoryCerts path = (map (path </>) . filter isCert <$> getDirectoryConten + && isDigit (s !! 9) + && (s !! 8) == '.' + && all isHexDigit (take 8 s) +- isCert x = (not $ isPrefixOf "." x) && (not $ isHashedFile x) ++ isCert x = (not $ isPrefixOf "." x) + + getSystemCertificateStore :: IO CertificateStore + getSystemCertificateStore = makeCertificateStore . concat <$> (getSystemPath >>= listDirectoryCerts >>= mapM readCertificates) +-- +1.8.2.rc3 + diff --git a/standalone/android/install-haskell-packages b/standalone/android/install-haskell-packages index 525c11d10..262e34b30 100755 --- a/standalone/android/install-haskell-packages +++ b/standalone/android/install-haskell-packages @@ -109,7 +109,8 @@ install_pkgs () { unpatched crypto-api-0.10.2 unpatched cprng-aes-0.3.4 unpatched http-types-0.8.0 mime-types-0.1.0.3 - unpatched certificate-1.3.7 system-fileio-0.3.11 tls-1.1.2 + patched certificate-1.3.7 + unpatched system-fileio-0.3.11 tls-1.1.2 unpatched utf8-string-0.3.7 unpatched publicsuffixlist-0.1 unpatched xml-conduit-1.0.3.3 |