python3Packages.orjson: Disable failing tests on 32 bit

[NixPkgs.git] / pkgs / development / libraries / gnutls / nix-ssl-cert-file.patch

allow overriding system trust store location via $NIX_SSL_CERT_FILE

diff --git a/lib/system/certs.c b/lib/system/certs.c
index 611c645..6ef6edb 100644
--- a/lib/system/certs.c
+++ b/lib/system/certs.c
@@ -369,6 +369,11 @@ gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list,
                                        unsigned int tl_flags,
                                        unsigned int tl_vflags)
 {
-       return add_system_trust(list, tl_flags|GNUTLS_TL_NO_DUPLICATES, tl_vflags);
+       tl_flags = tl_flags|GNUTLS_TL_NO_DUPLICATES;
+       const char *file = secure_getenv("NIX_SSL_CERT_FILE");
+       return file
+               ? gnutls_x509_trust_list_add_trust_file(
+                       list, file, NULL/*CRL*/, GNUTLS_X509_FMT_PEM, tl_flags, tl_vflags)
+               : add_system_trust(list, tl_flags, tl_vflags);
 }