Add termux support

[malbarbo]

Termux is Android terminal emulator and Linux environment app, some users are expecting to use rustc on termux (including some chromebook users). This will help fix https://github.com/rust-lang-nursery/rustup.rs/issues/1058.

Even if https://github.com/sfackler/rust-openssl/issues/610 got fixed, termux has its own environment, so it seems reasonable to use termux installed certificates.

[alexcrichton]

According to this comment this may not work? In testing locally though does this work out for you?

[malbarbo]

Running this program

extern crate openssl_probe;

pub fn main() {
    openssl_probe::init_ssl_cert_env_vars();
    println!("{:?}", ::std::env::var_os("SSL_CERT_FILE"));
}

on my phone prints:

Some("/data/data/com.termux/files/usr/etc/tls/cert.pem")

Which is the correct path. Testing with rustup is a bit more complicated (I would have to set various path dependencies...), but considering this simple example, I think it will work. Note that init_ssl_cert_env_vars is called direct in the rustup code and indirect (via curl easy) in cargo.

Can you clarify why the comment you link suggest that it may not work?

[alexcrichton]

Oh right yeah I'm confident the env vars are set, but is that actually read by Cargo/rustup and does it fix the certificate problems you were seeing?

[malbarbo]

Ok, after some trouble I was able to build rustup-init with this update and can assert that it worked.

I checked the rustup code and it is using curl crate (the direct call to init_ssl_cert_env_vars is in rustls backend). The curl crate is calling init_ssl_cert_env_vars. Considering that cargo is also using curl,
I suppose that cargo will work too.

Sorry for trying to hurry...

[alexcrichton]

Oh no worries! Just wanted to make sure we had at least one data point :)

Thanks for checking!

[malbarbo]

Thanks! You you mind releasing a 0.1.1 version?

[alexcrichton]

Certainly, done!

[jaysonsantos]

Could it be something like this?

pub fn find_certs_dirs() -> Vec<PathBuf> {
    // see http://gagravarr.org/writing/openssl-certs/others.shtml
    let prefix = var_os("PREFIX").unwrap_or("");
    [
        "/var/ssl",
        "/usr/share/ssl",
        "/usr/local/ssl",
        "/usr/local/openssl",
        "/usr/local/share",
        "/usr/lib/ssl",
        "/usr/ssl",
        "/etc/openssl",
        "/etc/pki/tls",
        "/etc/ssl",
        "/etc/tls",
    ].iter().map(|s| PathBuf::from(*s)).filter(|p| {
        fs::metadata(format!("{}{}", prefix, p)).is_ok()
    }).collect()
}

so, every system that has a PREFIX like termux does would be covered here

[malbarbo]

Do you know other systems that use PREFIX env var?

[jaysonsantos]

@malbarbo I don't know but it would be cool because autotools also allows --prefix