feat: keep backwards compatibility with SSL_CERT_FILE without requiring --native-tls#2401
Merged
charliermarsh merged 4 commits intoastral-sh:mainfrom Mar 13, 2024
Merged
Conversation
Loading
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Small follow up to #2362 to check if
SSL_CERT_FILEis set to enable--native-tlsfunctionality. This maintains backwards compatibility with0.1.17and below users leveraging onlySSL_CERT_FILE.Closes #2400
Test Plan
Assuming
SSL_CERT_FILEis already working via--native-tls, this is simply a shortcut to enable--native-tlsfunctionality implicitly while still being able to letrustls-native-certshandle the loading ofSSL_CERT_FILEinstead of ourselves.Edit: Manually tested by setting up own self-signed CA certificate bundle and set
SSL_CERT_FILEto this and confirmed the loading happens without having to specify--native-tls.