Use OS CA store for Mint HTTP connections

This commit is contained in:
XxXCertifiedForkliftDriverXxX 2023-06-26 13:50:49 +00:00
parent fb8081e1a3
commit 767e1272b3
3 changed files with 26 additions and 1 deletions

View file

@ -262,11 +262,14 @@ defp http_children do
proxy = Pleroma.HTTP.AdapterHelper.format_proxy(proxy_url) proxy = Pleroma.HTTP.AdapterHelper.format_proxy(proxy_url)
pool_size = Config.get([:http, :pool_size]) pool_size = Config.get([:http, :pool_size])
:public_key.cacerts_load()
config = config =
[:http, :adapter] [:http, :adapter]
|> Config.get([]) |> Config.get([])
|> Pleroma.HTTP.AdapterHelper.add_pool_size(pool_size) |> Pleroma.HTTP.AdapterHelper.add_pool_size(pool_size)
|> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy) |> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy)
|> Pleroma.HTTP.AdapterHelper.maybe_add_cacerts(:public_key.cacerts_get())
|> Keyword.put(:name, MyFinch) |> Keyword.put(:name, MyFinch)
[{Finch, config}] [{Finch, config}]

View file

@ -47,6 +47,17 @@ def maybe_add_proxy_pool(opts, proxy) do
|> put_in([:pools, :default, :conn_opts, :proxy], proxy) |> put_in([:pools, :default, :conn_opts, :proxy], proxy)
end end
def maybe_add_cacerts(opts, nil), do: opts
def maybe_add_cacerts(opts, cacerts) do
opts
|> maybe_add_pools()
|> maybe_add_default_pool()
|> maybe_add_conn_opts()
|> maybe_add_transport_opts()
|> put_in([:pools, :default, :conn_opts, :transport_opts, :cacerts], cacerts)
end
def add_pool_size(opts, pool_size) do def add_pool_size(opts, pool_size) do
opts opts
|> maybe_add_pools() |> maybe_add_pools()
@ -82,6 +93,16 @@ defp maybe_add_conn_opts(opts) do
end end
end end
defp maybe_add_transport_opts(opts) do
transport_opts = get_in(opts, [:pools, :default, :conn_opts, :transport_opts])
unless is_nil(transport_opts) do
opts
else
put_in(opts, [:pools, :default, :conn_opts, :transport_opts], [])
end
end
@doc """ @doc """
Merge default connection & adapter options with received ones. Merge default connection & adapter options with received ones.
""" """

View file

@ -203,7 +203,8 @@ defp deps do
{:excoveralls, "0.15.1", only: :test}, {:excoveralls, "0.15.1", only: :test},
{:mox, "~> 1.0", only: :test}, {:mox, "~> 1.0", only: :test},
{:websockex, "~> 0.4.3", only: :test}, {:websockex, "~> 0.4.3", only: :test},
{:dialyxir, "~> 1.0", only: [:dev], runtime: false} {:dialyxir, "~> 1.0", only: [:dev], runtime: false},
{:mint, "~> 1.5.1", override: true}
] ++ oauth_deps() ] ++ oauth_deps()
end end