From 40500e4f2b45e7ea8687d65028305b00c36057ed Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Fri, 3 Jan 2025 21:06:06 +0100
Subject: [PATCH] fixup! Implement wolfSSL_X509_STORE_set_default_paths

---
 src/x509_str.c | 8 ++++++--
 tests/api.c    | 9 +++++++++
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/x509_str.c b/src/x509_str.c
index e1dbf8ed4..061d72a14 100644
--- a/src/x509_str.c
+++ b/src/x509_str.c
@@ -1553,6 +1553,8 @@ static int X509StoreLoadFile(WOLFSSL_X509_STORE *str,
     static_buffer_init(&content, stackBuffer, FILE_BUFFER_SIZE);
 #endif
 
+    WOLFSSL_MSG_EX("X509StoreLoadFile: Loading file: %s", fname);
+
     ret = X509StoreReadFile(fname, &content, &contentLen, &type);
     if (ret != WOLFSSL_SUCCESS) {
         WOLFSSL_MSG("Failed to load file");
@@ -1678,12 +1680,14 @@ WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str,
 #if defined(XGETENV) && !defined(NO_GETENV)
 int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE *str)
 {
-    int ret = WOLFSSL_FAILURE;
+    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
     char* certDir = NULL;
     char* certFile = NULL;
 
-    certDir = wc_strdup_ex(XGETENV("SSL_CERT_DIR"), DYNAMIC_TYPE_TMP_BUFFER);
+    WOLFSSL_ENTER("wolfSSL_X509_STORE_set_default_paths");
+
     certFile = wc_strdup_ex(XGETENV("SSL_CERT_FILE"), DYNAMIC_TYPE_TMP_BUFFER);
+    certDir = wc_strdup_ex(XGETENV("SSL_CERT_DIR"), DYNAMIC_TYPE_TMP_BUFFER);
 
     ret = wolfSSL_X509_STORE_load_locations(str, certFile, certDir);
 
diff --git a/tests/api.c b/tests/api.c
index eb38e3867..cae0b5503 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -62369,6 +62369,15 @@ static int test_wolfSSL_X509_STORE_load_locations(void)
     ExpectIntEQ(X509_STORE_load_locations(store, NULL, certs_path),
         WOLFSSL_SUCCESS);
 
+#if defined(XGETENV) && !defined(NO_GETENV) && defined(_POSIX_C_SOURCE) && \
+    _POSIX_C_SOURCE >= 200112L
+    ExpectIntEQ(wolfSSL_CTX_UnloadCAs(ctx), WOLFSSL_SUCCESS);
+    /* Test with env vars */
+    ExpectIntEQ(setenv("SSL_CERT_FILE", client_pem_file, 1), 0);
+    ExpectIntEQ(setenv("SSL_CERT_DIR", certs_path, 1), 0);
+    ExpectIntEQ(X509_STORE_set_default_paths(store), WOLFSSL_SUCCESS);
+#endif
+
 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
     /* Clear nodes */
     ERR_clear_error();