debian7: force usage of brewed ca-certificates

Homebrew · Feb 21, 2022 · 4d1b434 · 4d1b434
1 parent 6661f5b
commit 4d1b434
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 9 deletions.
diff --git a/Library/Homebrew/brew.sh b/Library/Homebrew/brew.sh
@@ -493,8 +493,10 @@ else
   # shellcheck disable=SC2154
   if [[ -n "${HOMEBREW_ON_DEBIAN7}" ]]
   then
-    # Special version for our debian 7 docker container used to build patchelf and binutils
+    # Special version for our debian 7 docker container used to build binutils
     HOMEBREW_MINIMUM_CURL_VERSION="7.25.0"
+    HOMEBREW_SYSTEM_CA_CERTIFICATES_TOO_OLD="1"
+    HOMEBREW_FORCE_BREWED_CA_CERTIFICATES="1"
   else
     # Ensure the system Curl is a version that supports modern HTTPS certificates.
     HOMEBREW_MINIMUM_CURL_VERSION="7.41.0"

diff --git a/Library/Homebrew/development_tools.rb b/Library/Homebrew/development_tools.rb
@@ -100,7 +100,9 @@ def clear_version_cache
 
     sig { returns(T::Boolean) }
     def ca_file_handles_most_https_certificates?
-      true
+      # The system CA file is too old for some modern HTTPS certificates on
+      # older OS versions.
+      ENV["HOMEBREW_SYSTEM_CA_CERTIFICATES_TOO_OLD"].nil?
     end
 
     sig { returns(T::Boolean) }

diff --git a/Library/Homebrew/extend/os/mac/development_tools.rb b/Library/Homebrew/extend/os/mac/development_tools.rb
@@ -37,13 +37,6 @@ def default_compiler
       :clang
     end
 
-    sig { returns(T::Boolean) }
-    def ca_file_handles_most_https_certificates?
-      # The system CA file is too old for some modern HTTPS certificates on
-      # older macOS versions.
-      ENV["HOMEBREW_SYSTEM_CA_CERTIFICATES_TOO_OLD"].nil?
-    end
-
     sig { returns(T::Boolean) }
     def curl_handles_most_https_certificates?
       # The system Curl is too old for some modern HTTPS certificates on