From unknown Sun Jul 27 03:20:49 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#35083] [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
Resent-From: Carlo Zancanaro <carlo@zancanaro.id.au>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Tue, 02 Apr 2019 13:20:02 +0000
Resent-Message-ID: <handler.35083.B.15542111991065@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 35083
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35083@debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.15542111991065
          (code B ref -1); Tue, 02 Apr 2019 13:20:02 +0000
Received: (at submit) by debbugs.gnu.org; 2 Apr 2019 13:19:59 +0000
Received: from localhost ([127.0.0.1]:40395 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hBJKZ-0000H7-DD
	for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:59 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53397)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKX-0000Gq-FD
 for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:57 -0400
Received: from lists.gnu.org ([209.51.188.17]:34630)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <carlo@zancanaro.id.au>)
 id 1hBJKS-0006ia-30
 for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:52 -0400
Received: from eggs.gnu.org ([209.51.188.92]:39526)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKP-0005EM-9W
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:51 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
 autolearn=disabled version=3.3.2
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKM-0006fJ-B7
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:47 -0400
Received: from zancanaro.com.au ([45.76.117.151]:34044)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <carlo@zancanaro.id.au>)
 id 1hBJKK-0006dJ-VM
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:46 -0400
Received: from jolteon (unknown [210.1.202.160])
 by zancanaro.com.au (Postfix) with ESMTPSA id 313B626464
 for <guix-patches@gnu.org>; Tue,  2 Apr 2019 13:19:41 +0000 (UTC)
User-agent: mu4e 1.0; emacs 26.1
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Wed, 03 Apr 2019 00:19:38 +1100
Message-ID: <8736n035p1.fsf@zancanaro.id.au>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 45.76.117.151
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Spam-Score: 0.9 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.1 (/)

--=-=-=
Content-Type: text/plain; format=flowed

A little while ago I installed Kodi using Guix, and when I started 
it I got a number of errors from addons attempting to update and 
failing. I also tried to install a new addon repository which 
similarly failed. A few days after my attempt, someone posted on 
Reddit with the same problem[1].

Looking at the logs, I think the issue is that Kodi isn't setting 
the libcurl options necessary to make HTTPS connections. Here's a 
patch to fix that.

[1]: 
https://www.reddit.com/r/GUIX/comments/b5421l/can_anyone_confirm_whether_or_not_kodi_can_update/


--=-=-=
Content-Type: text/x-diff
Content-Disposition: attachment;
 filename=0001-gnu-kodi-Allow-connecting-to-HTTPS-sources.patch

>From 682598efa201d769b79570a0d8f2f5f8b2534247 Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Tue, 2 Apr 2019 22:36:57 +1100
Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
To: guix-patches@gnu.org

* gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kodi.scm (kodi)[patches]: Add it.
---
 gnu/local.mk                                     |  1 +
 gnu/packages/kodi.scm                            |  3 ++-
 .../kodi-set-libcurl-ssl-parameters.patch        | 16 ++++++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 303cef7bfa..cfdc14e14d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -947,6 +947,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch	\
   %D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch	\
   %D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch	\
+  %D%/packages/patches/kodi-set-libcurl-ssl-parameters.patch		\
   %D%/packages/patches/kodi-skip-test-449.patch		\
   %D%/packages/patches/laby-make-install.patch			\
   %D%/packages/patches/ldc-bootstrap-disable-tests.patch	\
diff --git a/gnu/packages/kodi.scm b/gnu/packages/kodi.scm
index 3929909d10..58073b6170 100644
--- a/gnu/packages/kodi.scm
+++ b/gnu/packages/kodi.scm
@@ -281,7 +281,8 @@ alternatives. In compilers, this can reduce the cascade of secondary errors.")
               (sha256
                (base32
                 "1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc"))
-              (patches (search-patches "kodi-skip-test-449.patch"))
+              (patches (search-patches "kodi-skip-test-449.patch"
+                                       "kodi-set-libcurl-ssl-parameters.patch"))
               (snippet
                '(begin
                   (use-modules (guix build utils))
diff --git a/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
new file mode 100644
index 0000000000..f977c6dd98
--- /dev/null
+++ b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
@@ -0,0 +1,16 @@
+Kodi doesn't set the CAPATH and CAINFO parameters for libcurl. To make HTTPS
+connections work we can set them based on SSL_CERT_DIR and SSL_CERT_FILE.
+
+--- a/xbmc/filesystem/CurlFile.cpp
++++ b/xbmc/filesystem/CurlFile.cpp
+@@ -626,5 +626,9 @@
+   // Setup allowed TLS/SSL ciphers. New versions of cURL may deprecate things that are still in use.
+   if (!m_cipherlist.empty())
+     g_curlInterface.easy_setopt(h, CURLOPT_SSL_CIPHER_LIST, m_cipherlist.c_str());
++
++  // Load certificate data from environment paths
++  g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAPATH, getenv("SSL_CERT_DIR"));
++  g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAINFO, getenv("SSL_CERT_FILE"));
+ }
+ 
+ void CCurlFile::SetRequestHeaders(CReadState* state)
\ No newline at end of file
-- 
2.21.0


--=-=-=--




From unknown Sun Jul 27 03:20:49 2025
MIME-Version: 1.0
X-Mailer: MIME-tools 5.505 (Entity 5.505)
X-Loop: help-debbugs@gnu.org
From: help-debbugs@gnu.org (GNU bug Tracking System)
To: Carlo Zancanaro <carlo@zancanaro.id.au>
Subject: bug#35083: closed (Re: [bug#35083] [PATCH] gnu: kodi: Allow
 connecting to HTTPS sources.)
Message-ID: <handler.35083.D35083.1554908315858.notifdone@debbugs.gnu.org>
References: <87imvldi0g.fsf@gnu.org> <8736n035p1.fsf@zancanaro.id.au>
X-Gnu-PR-Message: they-closed 35083
X-Gnu-PR-Package: guix-patches
X-Gnu-PR-Keywords: patch
Reply-To: 35083@debbugs.gnu.org
Date: Wed, 10 Apr 2019 14:59:02 +0000
Content-Type: multipart/mixed; boundary="----------=_1554908342-893-1"

This is a multi-part message in MIME format...

------------=_1554908342-893-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Your bug report

#35083: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 35083@debbugs.gnu.org.

--=20
35083: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D35083
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

------------=_1554908342-893-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at 35083-done) by debbugs.gnu.org; 10 Apr 2019 14:58:35 +0000
Received: from localhost ([127.0.0.1]:53431 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hEEgM-0000Dl-NR
	for submit@debbugs.gnu.org; Wed, 10 Apr 2019 10:58:35 -0400
Received: from eggs.gnu.org ([209.51.188.92]:37857)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1hEEgK-0000DX-LP
 for 35083-done@debbugs.gnu.org; Wed, 10 Apr 2019 10:58:33 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35598)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1hEEgD-00025k-LS; Wed, 10 Apr 2019 10:58:26 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=44650 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1hEEgD-0002tW-3D; Wed, 10 Apr 2019 10:58:25 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: Carlo Zancanaro <carlo@zancanaro.id.au>
Subject: Re: [bug#35083] [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
References: <8736n035p1.fsf@zancanaro.id.au>
Date: Wed, 10 Apr 2019 16:58:23 +0200
In-Reply-To: <8736n035p1.fsf@zancanaro.id.au> (Carlo Zancanaro's message of
 "Wed, 03 Apr 2019 00:19:38 +1100")
Message-ID: <87imvldi0g.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 35083-done
Cc: 35083-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hello,

Carlo Zancanaro <carlo@zancanaro.id.au> skribis:

> A little while ago I installed Kodi using Guix, and when I started it
> I got a number of errors from addons attempting to update and
> failing. I also tried to install a new addon repository which
> similarly failed. A few days after my attempt, someone posted on
> Reddit with the same problem[1].
>
> Looking at the logs, I think the issue is that Kodi isn't setting the
> libcurl options necessary to make HTTPS connections. Here's a patch to
> fix that.
>
> [1]:
> https://www.reddit.com/r/GUIX/comments/b5421l/can_anyone_confirm_whether_=
or_not_kodi_can_update/
>
>>>From 682598efa201d769b79570a0d8f2f5f8b2534247 Mon Sep 17 00:00:00 2001
> From: Carlo Zancanaro <carlo@zancanaro.id.au>
> Date: Tue, 2 Apr 2019 22:36:57 +1100
> Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
> To: guix-patches@gnu.org
>
> * gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/kodi.scm (kodi)[patches]: Add it.

Awesome.  Applied, thanks!

Ludo=E2=80=99.


------------=_1554908342-893-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by debbugs.gnu.org; 2 Apr 2019 13:19:59 +0000
Received: from localhost ([127.0.0.1]:40395 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hBJKZ-0000H7-DD
	for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:59 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53397)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKX-0000Gq-FD
 for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:57 -0400
Received: from lists.gnu.org ([209.51.188.17]:34630)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <carlo@zancanaro.id.au>)
 id 1hBJKS-0006ia-30
 for submit@debbugs.gnu.org; Tue, 02 Apr 2019 09:19:52 -0400
Received: from eggs.gnu.org ([209.51.188.92]:39526)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKP-0005EM-9W
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:51 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
 autolearn=disabled version=3.3.2
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <carlo@zancanaro.id.au>) id 1hBJKM-0006fJ-B7
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:47 -0400
Received: from zancanaro.com.au ([45.76.117.151]:34044)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <carlo@zancanaro.id.au>)
 id 1hBJKK-0006dJ-VM
 for guix-patches@gnu.org; Tue, 02 Apr 2019 09:19:46 -0400
Received: from jolteon (unknown [210.1.202.160])
 by zancanaro.com.au (Postfix) with ESMTPSA id 313B626464
 for <guix-patches@gnu.org>; Tue,  2 Apr 2019 13:19:41 +0000 (UTC)
User-agent: mu4e 1.0; emacs 26.1
From: Carlo Zancanaro <carlo@zancanaro.id.au>
To: guix-patches@gnu.org
Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
Date: Wed, 03 Apr 2019 00:19:38 +1100
Message-ID: <8736n035p1.fsf@zancanaro.id.au>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 45.76.117.151
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Spam-Score: 0.9 (/)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.1 (/)

--=-=-=
Content-Type: text/plain; format=flowed

A little while ago I installed Kodi using Guix, and when I started 
it I got a number of errors from addons attempting to update and 
failing. I also tried to install a new addon repository which 
similarly failed. A few days after my attempt, someone posted on 
Reddit with the same problem[1].

Looking at the logs, I think the issue is that Kodi isn't setting 
the libcurl options necessary to make HTTPS connections. Here's a 
patch to fix that.

[1]: 
https://www.reddit.com/r/GUIX/comments/b5421l/can_anyone_confirm_whether_or_not_kodi_can_update/


--=-=-=
Content-Type: text/x-diff
Content-Disposition: attachment;
 filename=0001-gnu-kodi-Allow-connecting-to-HTTPS-sources.patch

>From 682598efa201d769b79570a0d8f2f5f8b2534247 Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Tue, 2 Apr 2019 22:36:57 +1100
Subject: [PATCH] gnu: kodi: Allow connecting to HTTPS sources.
To: guix-patches@gnu.org

* gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kodi.scm (kodi)[patches]: Add it.
---
 gnu/local.mk                                     |  1 +
 gnu/packages/kodi.scm                            |  3 ++-
 .../kodi-set-libcurl-ssl-parameters.patch        | 16 ++++++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 303cef7bfa..cfdc14e14d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -947,6 +947,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/kobodeluxe-manpage-minus-not-hyphen.patch	\
   %D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch	\
   %D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch	\
+  %D%/packages/patches/kodi-set-libcurl-ssl-parameters.patch		\
   %D%/packages/patches/kodi-skip-test-449.patch		\
   %D%/packages/patches/laby-make-install.patch			\
   %D%/packages/patches/ldc-bootstrap-disable-tests.patch	\
diff --git a/gnu/packages/kodi.scm b/gnu/packages/kodi.scm
index 3929909d10..58073b6170 100644
--- a/gnu/packages/kodi.scm
+++ b/gnu/packages/kodi.scm
@@ -281,7 +281,8 @@ alternatives. In compilers, this can reduce the cascade of secondary errors.")
               (sha256
                (base32
                 "1w26aqvzxv4c70gcd1vw1pldapsc2xcacwq9b7dqx5m44j0zx1dc"))
-              (patches (search-patches "kodi-skip-test-449.patch"))
+              (patches (search-patches "kodi-skip-test-449.patch"
+                                       "kodi-set-libcurl-ssl-parameters.patch"))
               (snippet
                '(begin
                   (use-modules (guix build utils))
diff --git a/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
new file mode 100644
index 0000000000..f977c6dd98
--- /dev/null
+++ b/gnu/packages/patches/kodi-set-libcurl-ssl-parameters.patch
@@ -0,0 +1,16 @@
+Kodi doesn't set the CAPATH and CAINFO parameters for libcurl. To make HTTPS
+connections work we can set them based on SSL_CERT_DIR and SSL_CERT_FILE.
+
+--- a/xbmc/filesystem/CurlFile.cpp
++++ b/xbmc/filesystem/CurlFile.cpp
+@@ -626,5 +626,9 @@
+   // Setup allowed TLS/SSL ciphers. New versions of cURL may deprecate things that are still in use.
+   if (!m_cipherlist.empty())
+     g_curlInterface.easy_setopt(h, CURLOPT_SSL_CIPHER_LIST, m_cipherlist.c_str());
++
++  // Load certificate data from environment paths
++  g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAPATH, getenv("SSL_CERT_DIR"));
++  g_curlInterface.easy_setopt(m_state->m_easyHandle, CURLOPT_CAINFO, getenv("SSL_CERT_FILE"));
+ }
+ 
+ void CCurlFile::SetRequestHeaders(CReadState* state)
\ No newline at end of file
-- 
2.21.0


--=-=-=--



------------=_1554908342-893-1--