From c43d2695cb9625b6824308f1a9308f2da066eaf6 Mon Sep 17 00:00:00 2001
From: southorange0929 <southorange0929@foxmail.com>
Date: Mon, 3 Jun 2024 10:28:12 +0800
Subject: [PATCH 1/3] feat: support load openharmony root certs by default

---
 src/imp/openssl.rs | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs
index 8fc43620..7915b009 100644
--- a/src/imp/openssl.rs
+++ b/src/imp/openssl.rs
@@ -109,6 +109,25 @@ fn load_android_root_certs(connector: &mut SslContextBuilder) -> Result<(), Erro
     Ok(())
 }
 
+#[cfg(target_env = "ohos")]
+fn load_ohos_root_certs(connector: &mut SslContextBuilder) -> Result<(), Error> {
+    use std::fs;
+
+    if let Ok(dir) = fs::read_dir("/system/etc/security/cacerts") {
+        let certs = dir
+            .filter_map(|r| r.ok())
+            .filter_map(|e| fs::read(e.path()).ok())
+            .filter_map(|b| X509::from_pem(&b).ok());
+        for cert in certs {
+            if let Err(err) = connector.cert_store_mut().add_cert(cert) {
+                debug!("load_ohos_root_certs error: {:?}", err);
+            }
+        }
+    }
+
+    Ok(())
+}
+
 #[derive(Debug)]
 pub enum Error {
     Normal(ErrorStack),
@@ -320,6 +339,9 @@ impl TlsConnector {
         #[cfg(target_os = "android")]
         load_android_root_certs(&mut connector)?;
 
+        #[cfg(target_env = "ohos")]
+        load_ohos_root_certs(&mut connector)?;
+
         Ok(TlsConnector {
             connector: connector.build(),
             use_sni: builder.use_sni,

From d7395e6197dd5f6fb8d3e3e1f8d08f2dda6de5dd Mon Sep 17 00:00:00 2001
From: southorange0929 <southorange0929@foxmail.com>
Date: Tue, 4 Jun 2024 15:09:12 +0800
Subject: [PATCH 2/3] feat: update folder

---
 src/imp/openssl.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs
index 7915b009..40155b38 100644
--- a/src/imp/openssl.rs
+++ b/src/imp/openssl.rs
@@ -113,7 +113,7 @@ fn load_android_root_certs(connector: &mut SslContextBuilder) -> Result<(), Erro
 fn load_ohos_root_certs(connector: &mut SslContextBuilder) -> Result<(), Error> {
     use std::fs;
 
-    if let Ok(dir) = fs::read_dir("/system/etc/security/cacerts") {
+    if let Ok(dir) = fs::read_dir("/system/etc/security/certificates") {
         let certs = dir
             .filter_map(|r| r.ok())
             .filter_map(|e| fs::read(e.path()).ok())

From a788cb2d3963bb82ae39739527799a6b7fdd1c75 Mon Sep 17 00:00:00 2001
From: southorange0929 <southorange0929@foxmail.com>
Date: Tue, 16 Jul 2024 10:26:16 +0800
Subject: [PATCH 3/3] feat: update folder

---
 src/imp/openssl.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs
index 40155b38..6693a784 100644
--- a/src/imp/openssl.rs
+++ b/src/imp/openssl.rs
@@ -113,7 +113,7 @@ fn load_android_root_certs(connector: &mut SslContextBuilder) -> Result<(), Erro
 fn load_ohos_root_certs(connector: &mut SslContextBuilder) -> Result<(), Error> {
     use std::fs;
 
-    if let Ok(dir) = fs::read_dir("/system/etc/security/certificates") {
+    if let Ok(dir) = fs::read_dir("/etc/security/certificates") {
         let certs = dir
             .filter_map(|r| r.ok())
             .filter_map(|e| fs::read(e.path()).ok())