Skip to content

Commit 9fdcfd1

Browse files
marcpruxmarcprux
committed
Cleanup and add comments
1 parent b6d7191 commit 9fdcfd1

File tree

1 file changed

+3
-5
lines changed

1 file changed

+3
-5
lines changed

Sources/FoundationNetworking/URLSession/libcurl/EasyHandle.swift

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -224,9 +224,7 @@ extension _EasyHandle {
224224
// When no certificate file has been specified, assemble all the certificate files
225225
// from the Android certificate store and writes them to a single `cacerts.pem` file
226226
//
227-
// See https://android.googlesource.com/platform/frameworks/base/+/8b192b19f264a8829eac2cfaf0b73f6fc188d933%5E%21/#F0
228-
229-
// See https://github.com/apple/swift-nio-ssl/blob/d1088ebe0789d9eea231b40741831f37ab654b61/Sources/NIOSSL/AndroidCABundle.swift#L30
227+
// See https://github.com/apple/swift-nio-ssl/blob/main/Sources/NIOSSL/AndroidCABundle.swift
230228
let certsFolders = [
231229
"/apex/com.android.conscrypt/cacerts", // >= Android14
232230
"/system/etc/security/cacerts" // < Android14
@@ -251,7 +249,7 @@ extension _EasyHandle {
251249
""".data(using: .utf8)!)
252250

253251
// Go through each folder and load each certificate file (ending with ".0"),
254-
// and append them together into a single aggreagate file tha curl can load.
252+
// and append them together into a single aggreagate file that curl can load.
255253
// The .0 files will contain some extra metadata, but libcurl only cares about the
256254
// -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- sections,
257255
// so we can naïvely concatenate them all and libcurl will understand the bundle.
@@ -268,7 +266,6 @@ extension _EasyHandle {
268266
try fs.write(contentsOf: try Data(contentsOf: certURL))
269267
} catch {
270268
// ignore individual errors and soldier on…
271-
//logger.warning("bootstrapSSLCertificates: error reading certificate file \(certURL.path): \(error)")
272269
continue
273270
}
274271
}
@@ -277,6 +274,7 @@ extension _EasyHandle {
277274
try! fs.close()
278275

279276
aggregateCertPath.withCString { pathPtr in
277+
// note that it would be nice to use CFURLSessionOptionCAPATH instead (https://curl.se/libcurl/c/CURLOPT_CAPATH.html), but it requires a special command to hash the directory contents, which we cannot
280278
try! CFURLSession_easy_setopt_ptr(rawHandle, CFURLSessionOptionCAINFO, UnsafeMutablePointer(mutating: pathPtr)).asError()
281279
}
282280
return

0 commit comments

Comments
 (0)