git.openwrt.org Git - feed/packages.git/commit

author	Matthew Hagan <mnhagan88@gmail.com>
	Thu, 30 Dec 2021 20:55:03 +0000 (20:55 +0000)
committer	Daniel Golle <daniel@makrotopia.org>
	Sun, 9 Jan 2022 21:18:15 +0000 (21:18 +0000)
commit	019501fe44edd788985d3abae80629763699542d
tree	3f1ecd7a697a69808b4f22355cb5d1085daab6dc	tree \| snapshot
parent	256de74759e1920d3e63ed2b630dccf66188d33f	commit \| diff

transmission: add ca_bundle support with procd-ujail

With procd-ujail enabled, it is not possible to use HTTPS URLs, for
example when either for downloading torrent files or blocklists. The
followig example occurs when downloading a URL from the "Upload Torrent
Files" dialogue box:

Error adding
"https://releases.ubuntu.com/21.10/ubuntu-21.10-desktop-amd64.iso.torrent":
gotMetadataFromURL: http error 0: No Response

syslog will also hint that no CA_BUNDLE is being used:

transmission-daemon[6683]: [2021-12-30 20:01:30.990] web will verify
tracker certs using envvar CURL_CA_BUNDLE: none (web.c:455)

This patch rectifies this issue by adding a ca_bundle configurable,
enabled by default. This explicitly fixes the ca_bundle file location
to /etc/ssl/certs/ca-certificates.crt and adds this file to the procd
jail. On subsequent testing, HTTPS URL download functionality is
restored.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>

net/transmission/Makefile		diff \| blob \| history
net/transmission/files/transmission.init		diff \| blob \| history