From 2a59c5fcb579c76715f0015784b6a0a8ebda0c0c Mon Sep 17 00:00:00 2001
From: wildart <wildart@gmail.com>
Date: Sun, 13 Mar 2016 19:58:06 -0400
Subject: [PATCH] Use OpenSSL environment variables SSL_CERT_FILE and
 SSL_CERT_DIR to use to point libgit2 to specific bundle of trusted CA
 certificates. Relates to: #13399, #15128

---
 base/libgit2.jl        | 24 ++++++++++++++++--------
 base/libgit2/consts.jl | 20 ++++++++++++++++++++
 2 files changed, 36 insertions(+), 8 deletions(-)

diff --git a/base/libgit2.jl b/base/libgit2.jl
index 3fdae6c88878a..3c44901e8d27c 100644
--- a/base/libgit2.jl
+++ b/base/libgit2.jl
@@ -498,10 +498,13 @@ function transact(f::Function, repo::GitRepo)
     end
 end
 
-function set_ssl_cert_locations(cert_file)
-    GIT_OPT_SET_SSL_CERT_LOCATIONS = 12
-    ccall((:git_libgit2_opts, :libgit2), Cint, (Cint, Cstring, Ptr{Void}),
-                        GIT_OPT_SET_SSL_CERT_LOCATIONS, cert_file, C_NULL)
+function set_ssl_cert_locations(cert_loc)
+    cert_file = isfile(cert_loc) ? cert_loc : Cstring(C_NULL)
+    cert_dir  = isdir(cert_loc) ? cert_loc : Cstring(C_NULL)
+    cert_file == C_NULL && cert_dir == C_NULL && return
+    ccall((:git_libgit2_opts, :libgit2), Cint,
+          (Cint, Cstring, Cstring),
+          Cint(Consts.SET_SSL_CERT_LOCATIONS), cert_file, cert_dir)
 end
 
 function __init__()
@@ -511,11 +514,16 @@ function __init__()
         ccall((:git_libgit2_shutdown, :libgit2), Cint, ())
     end
 
-    # If we have a bundled ca cert file, point libgit2 at that so SSL connections work.
-    cert_file = abspath(ccall(:jl_get_julia_home, Any, ()),Base.DATAROOTDIR,"julia","cert.pem")
-    if isfile(cert_file)
-        set_ssl_cert_locations(cert_file)
+    # Look for OpenSSL env variable for CA bundle
+    cert_loc = if "SSL_CERT_DIR" in keys(ENV)
+        ENV["SSL_CERT_DIR"]
+    elseif "SSL_CERT_FILE" in keys(ENV)
+        ENV["SSL_CERT_FILE"]
+    else
+        # If we have a bundled ca cert file, point libgit2 at that so SSL connections work.
+        abspath(ccall(:jl_get_julia_home, Any, ()),Base.DATAROOTDIR,"julia","cert.pem")
     end
+    set_ssl_cert_locations(cert_loc)
 end
 
 
diff --git a/base/libgit2/consts.jl b/base/libgit2/consts.jl
index ee4c0f88d50fd..5218120c1010d 100644
--- a/base/libgit2/consts.jl
+++ b/base/libgit2/consts.jl
@@ -291,4 +291,24 @@ These priority levels correspond to the natural escalation logic (from higher to
                       CONFIG_LEVEL_LOCAL   = 4,
                       CONFIG_LEVEL_APP     = 5,
                       CONFIG_HIGHEST_LEVEL =-1)
+
+    """
+Global library options.
+
+These are used to select which global option to set or get and are used in `git_libgit2_opts()`.
+    """
+    @enum(GIT_OPT,  GET_MWINDOW_SIZE         = 0,
+                    SET_MWINDOW_SIZE         = 1,
+                    GET_MWINDOW_MAPPED_LIMIT = 2,
+                    SET_MWINDOW_MAPPED_LIMIT = 3,
+                    GET_SEARCH_PATH          = 4,
+                    SET_SEARCH_PATH          = 5,
+                    SET_CACHE_OBJECT_LIMIT   = 6,
+                    SET_CACHE_MAX_SIZE       = 7,
+                    ENABLE_CACHING           = 8,
+                    GET_CACHED_MEMORY        = 9,
+                    GET_TEMPLATE_PATH        = 10,
+                    SET_TEMPLATE_PATH        = 11,
+                    SET_SSL_CERT_LOCATIONS   = 12)
+
 end