diff --git a/ci/build-in-docker.sh b/ci/build-in-docker.sh index 5ee5ee9..42e4283 100755 --- a/ci/build-in-docker.sh +++ b/ci/build-in-docker.sh @@ -31,8 +31,7 @@ case "$ARCH" in esac # libassuan-static is supported only from 3.19 onwards -# TODO: change this to a stable release once Alpine 3.19 was released -image="$image_prefix"/alpine:edge +image="$image_prefix"/alpine:3.19 repo_root="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")"/..)" diff --git a/src/appimagetool.c b/src/appimagetool.c index 6c22fbd..1233c9a 100644 --- a/src/appimagetool.c +++ b/src/appimagetool.c @@ -877,8 +877,8 @@ main (int argc, char *argv[]) } else { if (!fetch_runtime(arch, &size, &data, verbose)) { die( - "Failed to download runtime file, please download the runtime manually from" - "https://github.com/AppImage/type2-runtime/releases and pass it to appimagetool with" + "Failed to download runtime file, please download the runtime manually from " + "https://github.com/AppImage/type2-runtime/releases and pass it to appimagetool with " "--runtime-file" ); } diff --git a/src/appimagetool_fetch_runtime.cpp b/src/appimagetool_fetch_runtime.cpp index 5c7c225..be996a1 100644 --- a/src/appimagetool_fetch_runtime.cpp +++ b/src/appimagetool_fetch_runtime.cpp @@ -134,57 +134,72 @@ class GetRequest { } void setUpTlsCaChainCompatibility(bool verbose) { + bool foundFile = false; + bool foundDir = false; + // from curl 7.84.0 on, one can query the default values and check if these files or directories exist // if not, we anyway run the detection #define querying_supported LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(7, 84, 0) #if querying_supported { const auto caInfo = getOption(CURLINFO_CAINFO); - if (std::filesystem::exists(caInfo)) { + if (caInfo != nullptr && std::filesystem::exists(caInfo)) { if (verbose) { std::cerr << "libcurl's default CA certificate bundle file " << caInfo << " was found on this system" << std::endl; } - return; + foundFile = true; + } else { + if (verbose) { + std::cerr << "libcurl's default CA certificate bundle file " << caInfo << " was not found on this system, nulling" << std::endl; + } + setOption(CURLOPT_CAINFO, ""); } } { const auto caPath = getOption(CURLINFO_CAPATH); - if (std::filesystem::is_directory(caPath)) { + if (caPath != nullptr && std::filesystem::is_directory(caPath)) { if (verbose) { std::cerr << "libcurl's default CA certificate bundle directory " << caPath << " was found on this system" << std::endl; } - return; + foundDir = true; + } else { + if (verbose) { + std::cerr << "libcurl's default CA certificate bundle directory " << caPath << " was not found on this system, nulling" << std::endl; + } + setOption(CURLOPT_CAPATH, ""); } } #else #warning "libcurl version too old, not trying to use default values for system-provided CA certificate bundles" #endif - { + if (!foundFile) { const auto chainFile = findCaBundleFile(); if (!chainFile.empty()) { if (verbose) { std::cerr << "Using CA bundle file in " << chainFile << std::endl; } setOption(CURLOPT_CAINFO, chainFile.c_str()); - return; } + foundFile = true; } - { + if (!foundDir) { const auto chainDir = findCaBundleDirectory(); if (!chainDir.empty()) { if (verbose) { - std::cerr << "Using CA bundle file in " << chainDir << std::endl; + std::cerr << "Using CA bundle dir in " << chainDir << std::endl; } - setOption(CURLOPT_CAINFO, chainDir.c_str()); - return; + setOption(CURLOPT_CAPATH, chainDir.c_str()); } + foundDir = true; } - std::cerr << "Warning: could not find valid CA chain bundle, HTTPS requests will likely fail" << std::endl; + if (!foundFile && !foundDir) { + std::cerr << "Warning: could not find valid CA chain bundle, HTTPS requests will likely fail" << std::endl; + } } public: