fix: fixes bug in CVerifyPeerUseEnvVars (#19247)

Previously CVerifyPeerUseEnvVars was not being passed into scanSslCertificates, which meant that we weren't scanning additional certificate locations given via the SSL_CERT_FILE and SSL_CERT_DIR environment variables
author: Nick Wilburn <senior.crepe@gmail.com> 2021-12-14 06:22:10 -0600
committer: GitHub <noreply@github.com> 2021-12-14 12:22:10 +0000
commit: c55930f2e644fe04526eb4878e7e106229812fe4 (patch)
tree: 06abafef27cfe64e38fe840ae5d458bd90bdf423 /lib
parent: 78b86b79425f37683ce522dbdd567f52ea26aa35 (diff)
download: Nim-c55930f2e644fe04526eb4878e7e106229812fe4.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/pure/net.nim b/lib/pure/net.nim
index 2d1bb0b33..ced6b2fb2 100644
--- a/lib/pure/net.nim
+++ b/lib/pure/net.nim
@@ -680,7 +680,8 @@ when defineSsl:
           # Scan for certs in known locations. For CVerifyPeerUseEnvVars also scan
           # the SSL_CERT_FILE and SSL_CERT_DIR env vars
           var found = false
-          for fn in scanSSLCertificates():
+          let useEnvVars = (if verifyMode == CVerifyPeerUseEnvVars: true else: false)
+          for fn in scanSSLCertificates(useEnvVars = useEnvVars):
             if newCTX.SSL_CTX_load_verify_locations(fn, nil) == VerifySuccess:
               found = true
               break
author	Nick Wilburn <senior.crepe@gmail.com>	2021-12-14 06:22:10 -0600
committer	GitHub <noreply@github.com>	2021-12-14 12:22:10 +0000
commit	c55930f2e644fe04526eb4878e7e106229812fe4 (patch)
tree	06abafef27cfe64e38fe840ae5d458bd90bdf423 /lib
parent	78b86b79425f37683ce522dbdd567f52ea26aa35 (diff)
download	Nim-c55930f2e644fe04526eb4878e7e106229812fe4.tar.gz