From: Carlo Zancanaro <carlo@zancanaro.id.au>
To: 35083@debbugs.gnu.org
Subject: [bug#35083] [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
Date: Wed, 03 Apr 2019 00:19:38 +1100 [thread overview]
Message-ID: <8736n035p1.fsf@zancanaro.id.au> (raw)
[-- Attachment #1: Type: text/plain, Size: 555 bytes --]
A little while ago I installed Kodi using Guix, and when I started
it I got a number of errors from addons attempting to update and
failing. I also tried to install a new addon repository which
similarly failed. A few days after my attempt, someone posted on
Reddit with the same problem[1].
Looking at the logs, I think the issue is that Kodi isn't setting
the libcurl options necessary to make HTTPS connections. Here's a
patch to fix that.
[1]:
https://www.reddit.com/r/GUIX/comments/b5421l/can_anyone_confirm_whether_or_not_kodi_can_update/
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-kodi-Allow-connecting-to-HTTPS-sources.patch --]
[-- Type: text/x-diff, Size: 3111 bytes --]
From 682598efa201d769b79570a0d8f2f5f8b2534247 Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Tue, 2 Apr 2019 22:36:57 +1100
Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
To: guix-patches@gnu.org
* gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kodi.scm (kodi)[patches]: Add it.
---
gnu/local.mk | 1 +
gnu/packages/kodi.scm | 3 ++-
.../kodi-set-libcurl-ssl-parameters.patch | 16 ++++++++++++++++
3 files changed, 19 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 303cef7bfa..cfdc14e14d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -947,6 +947,7 @@ dist_patch_DATA = \
%D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch \
%D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \
%D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \
+ %D%/packages/patches/kodi-set-libcurl-ssl-parameters.patch \
%D%/packages/patches/kodi-skip-test-449.patch \
%D%/packages/patches/laby-make-install.patch \
%D%/packages/patches/ldc-bootstrap-disable-tests.patch \
diff --git a/gnu/packages/kodi.scm b/gnu/packages/kodi.scm
index 3929909d10..58073b6170 100644
--- a/gnu/packages/kodi.scm
+++ b/gnu/packages/kodi.scm
@@ -281,7 +281,8 @@ alternatives. In compilers, this can reduce the cascade of secondary errors.")
(sha256
(base32
"1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc"))
- (patches (search-patches "kodi-skip-test-449.patch"))
+ (patches (search-patches "kodi-skip-test-449.patch"
+ "kodi-set-libcurl-ssl-parameters.patch"))
(snippet
'(begin
(use-modules (guix build utils))
diff --git a/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
new file mode 100644
index 0000000000..f977c6dd98
--- /dev/null
+++ b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
@@ -0,0 +1,16 @@
+Kodi doesn't set the CAPATH and CAINFO parameters for libcurl. To make HTTPS
+connections work we can set them based on SSL_CERT_DIR and SSL_CERT_FILE.
+
+--- a/xbmc/filesystem/CurlFile.cpp
++++ b/xbmc/filesystem/CurlFile.cpp
+@@ -626,5 +626,9 @@
+ // Setup allowed TLS/SSL ciphers. New versions of cURL may deprecate things that are still in use.
+ if (!m_cipherlist.empty())
+ g_curlInterface.easy_setopt(h, CURLOPT_SSL_CIPHER_LIST, m_cipherlist.c_str());
++
++ // Load certificate data from environment paths
++ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAPATH, getenv("SSL_CERT_DIR"));
++ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAINFO, getenv("SSL_CERT_FILE"));
+ }
+
+ void CCurlFile::SetRequestHeaders(CReadState* state)
\ No newline at end of file
--
2.21.0
next reply other threads:[~2019-04-02 13:20 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-02 13:19 Carlo Zancanaro [this message]
2019-04-10 14:58 ` bug#35083: [PATCH] gnu: kodi: Allow connecting to HTTPS sources Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8736n035p1.fsf@zancanaro.id.au \
--to=carlo@zancanaro.id.au \
--cc=35083@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).