From f117145dc734838631aa48f433feb3d75a02a184 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sat, 16 Nov 2019 06:44:33 +0000
Subject: Allow portable to override the default CA bundle location ok
 kinichiro@ jsing@

---
 src/lib/libtls/tls_config.c   | 4 ++--
 src/lib/libtls/tls_internal.h | 6 +++++-
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c
index 6a717abd48..424fd73c93 100644
--- a/src/lib/libtls/tls_config.c
+++ b/src/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.56 2019/04/04 15:09:09 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.57 2019/11/16 06:44:33 beck Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -28,7 +28,7 @@
 
 #include "tls_internal.h"
 
-static const char default_ca_file[] = "/etc/ssl/cert.pem";
+static const char default_ca_file[] = TLS_DEFAULT_CA_FILE;
 
 const char *
 tls_default_ca_cert_file(void)
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index efccc9fdbe..3d806f8b6e 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.75 2019/11/02 13:37:59 jsing Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.76 2019/11/16 06:44:33 beck Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -28,6 +28,10 @@
 
 __BEGIN_HIDDEN_DECLS
 
+#ifndef TLS_DEFAULT_CA_FILE
+#define TLS_DEFAULT_CA_FILE 	"/etc/ssl/cert.pem"
+#endif
+
 #define TLS_CIPHERS_DEFAULT	"TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
 #define TLS_CIPHERS_COMPAT	"HIGH:!aNULL"
 #define TLS_CIPHERS_LEGACY	"HIGH:MEDIUM:!aNULL"
-- 
cgit v1.2.3-55-g6feb