diff options
author | Alex Vakulenko <avakulenko@google.com> | 2015-08-19 12:02:02 -0700 |
---|---|---|
committer | Alex Vakulenko <avakulenko@google.com> | 2015-08-19 14:18:36 -0700 |
commit | 3703d3770e024331033dcfe7bf68c9e60eaa9cec (patch) | |
tree | 2bee310aac947a29f4cc1562ac57b8d7b508b888 | |
parent | 92d2cebf70919c9b1d0e6779837d245859736c98 (diff) | |
download | libchromeos-3703d3770e024331033dcfe7bf68c9e60eaa9cec.tar.gz |
libchromeos: Fix the CA store path
The certificates are stored at /system/etc/security/cacerts on Brillo
BUG: 23352819
Change-Id: I0ed8a084bb8597671fffd33b03f3d5b5dc01f52c
-rw-r--r-- | chromeos/http/http_transport_curl.cc | 9 | ||||
-rw-r--r-- | chromeos/streams/tls_stream.cc | 9 |
2 files changed, 14 insertions, 4 deletions
diff --git a/chromeos/http/http_transport_curl.cc b/chromeos/http/http_transport_curl.cc index af601c4..5a3e207 100644 --- a/chromeos/http/http_transport_curl.cc +++ b/chromeos/http/http_transport_curl.cc @@ -15,7 +15,12 @@ namespace { -const char kChromeOSCACertificatePath[] = "/usr/share/chromeos-ca-certificates"; +const char kCACertificatePath[] = +#ifdef __ANDROID__ + "/system/etc/security/cacerts"; +#else + "/usr/share/chromeos-ca-certificates"; +#endif } // namespace @@ -132,7 +137,7 @@ std::shared_ptr<http::Connection> Transport::CreateConnection( if (code == CURLE_OK) { code = curl_interface_->EasySetOptStr(curl_handle, CURLOPT_CAPATH, - kChromeOSCACertificatePath); + kCACertificatePath); } if (code == CURLE_OK) { code = diff --git a/chromeos/streams/tls_stream.cc b/chromeos/streams/tls_stream.cc index 8c3c2ee..6dc5ef5 100644 --- a/chromeos/streams/tls_stream.cc +++ b/chromeos/streams/tls_stream.cc @@ -56,7 +56,12 @@ void TlsInfoCallback(const SSL *ssl, int where, int ret) { int ssl_ctx_private_data_index = -1; // Default trusted certificate store location. -const char kChromeOSCACertificatePath[] = "/usr/share/chromeos-ca-certificates"; +const char kCACertificatePath[] = +#ifdef __ANDROID__ + "/system/etc/security/cacerts"; +#else + "/usr/share/chromeos-ca-certificates"; +#endif } // anonymous namespace @@ -351,7 +356,7 @@ bool TlsStream::TlsStreamImpl::Init(StreamPtr socket, return ReportError(error, FROM_HERE, "Cannot set the cipher list"); res = SSL_CTX_load_verify_locations(ctx_.get(), nullptr, - kChromeOSCACertificatePath); + kCACertificatePath); if (res != 1) { return ReportError(error, FROM_HERE, "Failed to specify trusted certificate location"); |