Differential D53490

devel/uv: Make the selected TLS provider use the system default truststore
ClosedPublic
Actions

Authored by michaelo on Thu, Oct 30, 9:55 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sun, Nov 9, 4:01 PM

	Unknown Object (File)
	Sat, Nov 8, 3:10 PM

	Unknown Object (File)
	Fri, Nov 7, 2:04 AM

	Unknown Object (File)
	Fri, Nov 7, 2:03 AM

	Unknown Object (File)
	Fri, Nov 7, 2:03 AM

	Unknown Object (File)
	Thu, Nov 6, 9:32 PM

	Unknown Object (File)
	Mon, Nov 3, 10:35 AM

	Unknown Object (File)
	Mon, Nov 3, 10:32 AM

View All 18 Files

Subscribers

Details

Reviewers

yuri
vishwin

Group Reviewers

Commits

R11:9ddf7a912155: devel/uv: Make the selected TLS provider use the system default truststore

Summary

uv uses openssl_probe::probe() transitively which unfortunately discovers the
wrong truststore sources resulting in certificate validation errors even if
certctl(8) manages everything nicely. The selected provider might be OpenSSL
from the system, vendored OpenSSL, rustls or maybe something else.

Note: uv still requires you to use --native-tls or UV_NATIVE_TLS=1

Approved by: yuri (maintainer), mikael (rust maintainer)
Obtained from: https://github.com/alexcrichton/openssl-probe/pull/39
MFH: 2025Q4

Diff Detail

Repository

R11 FreeBSD ports repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

michaelo created this revision.Thu, Oct 30, 9:55 PM

Herald added a subscriber: ziaee. · View Herald TranscriptThu, Oct 30, 9:55 PM

michaelo requested review of this revision.Thu, Oct 30, 9:55 PM

Harbormaster completed remote builds in B68301: Diff 165506.Thu, Oct 30, 9:55 PM

michaelo added a reviewer: rust.Thu, Oct 30, 9:57 PM

michaelo added a reviewer: vishwin.Fri, Oct 31, 9:48 PM

This revision was not accepted when it landed; it landed in state Needs Review.Mon, Nov 3, 8:29 AM

Closed by commit R11:9ddf7a912155: devel/uv: Make the selected TLS provider use the system default truststore (authored by michaelo, committed by yuri). · Explain Why

This revision was automatically updated to reflect the committed changes.

yuri added a commit: R11:9ddf7a912155: devel/uv: Make the selected TLS provider use the system default truststore.

@yuri Thank you for the merge!

Revision Contents
Changeset List

Path

Size

devel/

uv/

1 line

files/

patch-cargo-crates_openssl-probe-0.1.6_src_lib.rs

50 lines

Diff 165715

devel/uv/Makefile

Loading...

devel/uv/files/patch-cargo-crates_openssl-probe-0.1.6_src_lib.rs

Loading...