From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([209.51.188.92]:39626) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hBJKi-0005TW-3r for guix-patches@gnu.org; Tue, 02 Apr 2019 09:20:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hBJKc-0006qL-Nh for guix-patches@gnu.org; Tue, 02 Apr 2019 09:20:08 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:55084) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hBJKc-0006qH-HW for guix-patches@gnu.org; Tue, 02 Apr 2019 09:20:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hBJKc-0000HU-B8 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:20:02 -0400 Subject: [bug#35083] [PATCH] gnu: kodi: Allow connecting to HTTPS sources. Resent-Message-ID: Received: from eggs.gnu.org ([209.51.188.92]:39526) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hBJKP-0005EM-9W for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:51 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hBJKM-0006fJ-B7 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:47 -0400 Received: from zancanaro.com.au ([45.76.117.151]:34044) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hBJKK-0006dJ-VM for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:46 -0400 Received: from jolteon (unknown [210.1.202.160]) by zancanaro.com.au (Postfix) with ESMTPSA id 313B626464 for ; Tue, 2 Apr 2019 13:19:41 +0000 (UTC) From: Carlo Zancanaro Date: Wed, 03 Apr 2019 00:19:38 +1100 Message-ID: <8736n035p1.fsf@zancanaro.id.au> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 35083@debbugs.gnu.org --=-=-= Content-Type: text/plain; format=flowed A little while ago I installed Kodi using Guix, and when I started it I got a number of errors from addons attempting to update and failing. I also tried to install a new addon repository which similarly failed. A few days after my attempt, someone posted on Reddit with the same problem[1]. Looking at the logs, I think the issue is that Kodi isn't setting the libcurl options necessary to make HTTPS connections. Here's a patch to fix that. [1]: https://www.reddit.com/r/GUIX/comments/b5421l/can_anyone_confirm_whether_or_not_kodi_can_update/ --=-=-= Content-Type: text/x-diff Content-Disposition: attachment; filename=0001-gnu-kodi-Allow-connecting-to-HTTPS-sources.patch >From 682598efa201d769b79570a0d8f2f5f8b2534247 Mon Sep 17 00:00:00 2001 From: Carlo Zancanaro Date: Tue, 2 Apr 2019 22:36:57 +1100 Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources. To: guix-patches@gnu.org * gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/kodi.scm (kodi)[patches]: Add it. --- gnu/local.mk | 1 + gnu/packages/kodi.scm | 3 ++- .../kodi-set-libcurl-ssl-parameters.patch | 16 ++++++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch diff --git a/gnu/local.mk b/gnu/local.mk index 303cef7bfa..cfdc14e14d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -947,6 +947,7 @@ dist_patch_DATA = \ %D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch \ %D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \ %D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \ + %D%/packages/patches/kodi-set-libcurl-ssl-parameters.patch \ %D%/packages/patches/kodi-skip-test-449.patch \ %D%/packages/patches/laby-make-install.patch \ %D%/packages/patches/ldc-bootstrap-disable-tests.patch \ diff --git a/gnu/packages/kodi.scm b/gnu/packages/kodi.scm index 3929909d10..58073b6170 100644 --- a/gnu/packages/kodi.scm +++ b/gnu/packages/kodi.scm @@ -281,7 +281,8 @@ alternatives. In compilers, this can reduce the cascade of secondary errors.") (sha256 (base32 "1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc")) - (patches (search-patches "kodi-skip-test-449.patch")) + (patches (search-patches "kodi-skip-test-449.patch" + "kodi-set-libcurl-ssl-parameters.patch")) (snippet '(begin (use-modules (guix build utils)) diff --git a/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch new file mode 100644 index 0000000000..f977c6dd98 --- /dev/null +++ b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch @@ -0,0 +1,16 @@ +Kodi doesn't set the CAPATH and CAINFO parameters for libcurl. To make HTTPS +connections work we can set them based on SSL_CERT_DIR and SSL_CERT_FILE. + +--- a/xbmc/filesystem/CurlFile.cpp ++++ b/xbmc/filesystem/CurlFile.cpp +@@ -626,5 +626,9 @@ + // Setup allowed TLS/SSL ciphers. New versions of cURL may deprecate things that are still in use. + if (!m_cipherlist.empty()) + g_curlInterface.easy_setopt(h, CURLOPT_SSL_CIPHER_LIST, m_cipherlist.c_str()); ++ ++ // Load certificate data from environment paths ++ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAPATH, getenv("SSL_CERT_DIR")); ++ g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAINFO, getenv("SSL_CERT_FILE")); + } + + void CCurlFile::SetRequestHeaders(CReadState* state) \ No newline at end of file -- 2.21.0 --=-=-=--