Skip searching for SSL bundles on Linux. (#301)

resources/settings/settings_description.json

@@ -129,6 +129,11 @@
         "default": false,
         "hidden": true
       },
+      {
+        "value": "autodetectCertBundle",
+        "default": false,
+        "platforms": [ "linux" ]
+      },
       {
         "value": "forceExternalWebclient",
         "default": false

src/player/PlayerComponent.cpp

@@ -135,30 +135,34 @@ bool PlayerComponent::componentInitialize()
     mpv::qt::set_property(m_mpv, "tls-verify", "no");
   } else {
 #if !defined(Q_OS_WIN) && !defined(Q_OS_MAC)
-    QList<QByteArray> list;
-    list << "/etc/ssl/certs/ca-certificates.crt"
-        << "/etc/pki/tls/certs/ca-bundle.crt"
-        << "/usr/share/ssl/certs/ca-bundle.crt"
-        << "/usr/local/share/certs/ca-root-nss.crt"
-        << "/etc/ssl/cert.pem"
-        << "/usr/share/curl/curl-ca-bundle.crt"
-        << "/usr/local/share/curl/curl-ca-bundle.crt"
-        << "/var/lib/ca-certificates/ca-bundle.pem";
-
-    bool success = false;
-
-    for (auto path : list)
-    {
-      if (access(path.data(), R_OK) == 0) {
-        mpv::qt::set_property(m_mpv, "tls-ca-file", path.data());
-        mpv::qt::set_property(m_mpv, "tls-verify", "yes");
-        success = true;
-        break;
+    if (SettingsComponent::Get().autodetectCertBundle()) {
+      QList<QByteArray> list;
+      list << "/etc/ssl/certs/ca-certificates.crt"
+          << "/etc/pki/tls/certs/ca-bundle.crt"
+          << "/usr/share/ssl/certs/ca-bundle.crt"
+          << "/usr/local/share/certs/ca-root-nss.crt"
+          << "/etc/ssl/cert.pem"
+          << "/usr/share/curl/curl-ca-bundle.crt"
+          << "/usr/local/share/curl/curl-ca-bundle.crt"
+          << "/var/lib/ca-certificates/ca-bundle.pem";
+
+      bool success = false;
+
+      for (auto path : list)
+      {
+        if (access(path.data(), R_OK) == 0) {
+          mpv::qt::set_property(m_mpv, "tls-ca-file", path.data());
+          mpv::qt::set_property(m_mpv, "tls-verify", "yes");
+          success = true;
+          break;
+        }
       }
-    }
 
-    if (!success)
-      throw FatalException(tr("Failed to locate CA bundle."));
+      if (!success)
+        throw FatalException(tr("Failed to locate CA bundle."));
+    } else {
+      mpv::qt::set_property(m_mpv, "tls-verify", "yes");
+    }
 #else
     // We need to not use Shinchiro's personal CA file...
     mpv::qt::set_property(m_mpv, "tls-ca-file", "");

src/settings/SettingsComponent.cpp

@@ -799,6 +799,12 @@ bool SettingsComponent::ignoreSSLErrors()
   return SettingsComponent::Get().value(SETTINGS_SECTION_MAIN, "ignoreSSLErrors").toBool();
 }
 
+/////////////////////////////////////////////////////////////////////////////////////////
+bool SettingsComponent::autodetectCertBundle()
+{
+  return SettingsComponent::Get().value(SETTINGS_SECTION_MAIN, "autodetectCertBundle").toBool();
+}
+
 /////////////////////////////////////////////////////////////////////////////////////////
 void SettingsComponent::setCommandLineValues(const QStringList& values)
 {

src/settings/SettingsComponent.h

@@ -62,6 +62,7 @@ public:
   Q_INVOKABLE bool isUsingExternalWebClient();
   Q_INVOKABLE QString getClientName();
   Q_INVOKABLE bool ignoreSSLErrors();
+  Q_INVOKABLE bool autodetectCertBundle();
 
   // host commands
   Q_SLOT Q_INVOKABLE void cycleSettingCommand(const QString& args);