From 23398f7da3be0c6025c567603cc2cb9a25f05dca Mon Sep 17 00:00:00 2001 From: bananna-droid <211863225+bananna-droid@users.noreply.github.com> Date: Sun, 25 Jan 2026 19:52:23 -0700 Subject: [PATCH 1/3] Add CA certificate bundle path override for SSL issues Fix for linux for issue 146 Allows users to specify a custom CA certificate bundle path via ca_cert_config.txt configuration file. This addresses SSL certificate validation failures on Linux systems where libgit2's default certificate detection fails. Implementation uses git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS) to set the certificate path at runtime. The feature is opt-in and should have zero impact on existing users. --- addons/godot-git-plugin/ca_cert_config.txt | 20 +++++++++ godot-git-plugin/src/git_plugin.cpp | 47 +++++++++++++++++++++- godot-git-plugin/src/git_plugin.h | 4 +- 3 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 addons/godot-git-plugin/ca_cert_config.txt diff --git a/addons/godot-git-plugin/ca_cert_config.txt b/addons/godot-git-plugin/ca_cert_config.txt new file mode 100644 index 00000000..2e596b4c --- /dev/null +++ b/addons/godot-git-plugin/ca_cert_config.txt @@ -0,0 +1,20 @@ +# CA Certificate Bundle Configuration for godot-git-plugin +# Uncomment the line that matches your system + +# Linux (Debian/Ubuntu/Mint) +#/etc/ssl/certs/ca-certificates.crt + +# Linux (RHEL/CentOS/Fedora) +# /etc/pki/tls/certs/ca-bundle.crt + +# Linux (OpenSUSE) +# /etc/ssl/ca-bundle.pem + +# macOS (Homebrew OpenSSL) +# /usr/local/etc/openssl@3/cert.pem + +# macOS (System) +# /etc/ssl/cert.pem + +# Custom path +# /path/to/your/ca-bundle.crt \ No newline at end of file diff --git a/godot-git-plugin/src/git_plugin.cpp b/godot-git-plugin/src/git_plugin.cpp index af7360a1..b33b4e05 100644 --- a/godot-git-plugin/src/git_plugin.cpp +++ b/godot-git-plugin/src/git_plugin.cpp @@ -29,8 +29,34 @@ #define COMMA , +godot::String get_plugin_base_path() { + return "res://addons/godot-git-plugin/"; +} + void GitPlugin::_bind_methods() { - // Doesn't seem to require binding functions for now + godot::ClassDB::bind_method(godot::D_METHOD("set_ca_bundle_path", "path"), &GitPlugin::_set_ca_bundle_path); +} + +void GitPlugin::_set_ca_bundle_path(const godot::String &path) { + // Store path for later use. If empty, default runtime behavior remains unchanged. + ca_bundle_path = path; + + if (!ca_bundle_path.is_empty()) { + // Convert to C string + std::string path_str = std::string(path.utf8().get_data()); + + // Tell libgit2 to use this certificate file + int error = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, path_str.c_str(), NULL); + + if (error == 0) { + godot::UtilityFunctions::print("GitPlugin: CA bundle set to ", ca_bundle_path); + } else { + const git_error *e = git_error_last(); + godot::UtilityFunctions::print("GitPlugin: Failed to set CA bundle: ", e ? e->message : "unknown error"); + } + } else { + godot::UtilityFunctions::print("GitPlugin: CA bundle cleared"); + } } GitPlugin::GitPlugin() { @@ -701,6 +727,25 @@ bool GitPlugin::_initialize(const godot::String &project_path) { create_gitignore_and_gitattributes(); } + + godot::String config_path = "res://addons/godot-git-plugin/ca_cert_config.txt"; + if (godot::FileAccess::file_exists(config_path)) { + godot::UtilityFunctions::print("GitPlugin: file_exists ",config_path); + godot::Ref file = + godot::FileAccess::open(config_path, godot::FileAccess::READ); + if (file.is_valid()) { + while (!file->eof_reached()) { + godot::String line = file->get_line().strip_edges(); + if (line.is_empty() || line.begins_with("#")) { + continue; + } + _set_ca_bundle_path(line); + break; + } + file->close(); + } + } + return true; } diff --git a/godot-git-plugin/src/git_plugin.h b/godot-git-plugin/src/git_plugin.h index eb2a7dd9..c5857739 100644 --- a/godot-git-plugin/src/git_plugin.h +++ b/godot-git-plugin/src/git_plugin.h @@ -29,7 +29,8 @@ class GitPlugin : public godot::EditorVCSInterface { git_oid pull_merge_oid = {}; godot::String repo_project_path; std::unordered_map map_changes; - + godot::String ca_bundle_path; + GitPlugin(); // Endpoints @@ -56,6 +57,7 @@ class GitPlugin : public godot::EditorVCSInterface { void _push(const godot::String &remote, bool force) override; void _fetch(const godot::String &remote) override; godot::TypedArray _get_line_diff(const godot::String &file_path, const godot::String &text) override; + void _set_ca_bundle_path(const godot::String &path); // Helpers godot::TypedArray _parse_diff(git_diff *p_diff); From cd3a6f8a14da877862ab5c8c0259181c8f8f10dc Mon Sep 17 00:00:00 2001 From: bananna-droid <211863225+bananna-droid@users.noreply.github.com> Date: Tue, 27 Jan 2026 10:39:08 -0700 Subject: [PATCH 2/3] Apply clang-format to fix code style --- godot-git-plugin/src/git_plugin.cpp | 41 ++++++++++++++--------------- godot-git-plugin/src/git_plugin.h | 2 +- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/godot-git-plugin/src/git_plugin.cpp b/godot-git-plugin/src/git_plugin.cpp index b33b4e05..e3716997 100644 --- a/godot-git-plugin/src/git_plugin.cpp +++ b/godot-git-plugin/src/git_plugin.cpp @@ -30,7 +30,7 @@ #define COMMA , godot::String get_plugin_base_path() { - return "res://addons/godot-git-plugin/"; + return "res://addons/godot-git-plugin/"; } void GitPlugin::_bind_methods() { @@ -44,10 +44,10 @@ void GitPlugin::_set_ca_bundle_path(const godot::String &path) { if (!ca_bundle_path.is_empty()) { // Convert to C string std::string path_str = std::string(path.utf8().get_data()); - + // Tell libgit2 to use this certificate file int error = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, path_str.c_str(), NULL); - + if (error == 0) { godot::UtilityFunctions::print("GitPlugin: CA bundle set to ", ca_bundle_path); } else { @@ -727,24 +727,23 @@ bool GitPlugin::_initialize(const godot::String &project_path) { create_gitignore_and_gitattributes(); } - - godot::String config_path = "res://addons/godot-git-plugin/ca_cert_config.txt"; - if (godot::FileAccess::file_exists(config_path)) { - godot::UtilityFunctions::print("GitPlugin: file_exists ",config_path); - godot::Ref file = - godot::FileAccess::open(config_path, godot::FileAccess::READ); - if (file.is_valid()) { - while (!file->eof_reached()) { - godot::String line = file->get_line().strip_edges(); - if (line.is_empty() || line.begins_with("#")) { - continue; - } - _set_ca_bundle_path(line); - break; - } - file->close(); - } - } + godot::String config_path = "res://addons/godot-git-plugin/ca_cert_config.txt"; + if (godot::FileAccess::file_exists(config_path)) { + godot::UtilityFunctions::print("GitPlugin: file_exists ", config_path); + godot::Ref file = + godot::FileAccess::open(config_path, godot::FileAccess::READ); + if (file.is_valid()) { + while (!file->eof_reached()) { + godot::String line = file->get_line().strip_edges(); + if (line.is_empty() || line.begins_with("#")) { + continue; + } + _set_ca_bundle_path(line); + break; + } + file->close(); + } + } return true; } diff --git a/godot-git-plugin/src/git_plugin.h b/godot-git-plugin/src/git_plugin.h index c5857739..57ea0042 100644 --- a/godot-git-plugin/src/git_plugin.h +++ b/godot-git-plugin/src/git_plugin.h @@ -30,7 +30,7 @@ class GitPlugin : public godot::EditorVCSInterface { godot::String repo_project_path; std::unordered_map map_changes; godot::String ca_bundle_path; - + GitPlugin(); // Endpoints From 4ca4e3c9010c461abe1cfa0c4643e4b91a6f5e4c Mon Sep 17 00:00:00 2001 From: bananna-droid <211863225+bananna-droid@users.noreply.github.com> Date: Wed, 28 Jan 2026 16:38:38 -0700 Subject: [PATCH 3/3] Enhance CA certificate bundle configuration and path normalization for SSL support on Windows --- addons/godot-git-plugin/ca_cert_config.txt | 37 ++++++++++++++++++++-- godot-git-plugin/src/git_plugin.cpp | 7 ++-- 2 files changed, 40 insertions(+), 4 deletions(-) diff --git a/addons/godot-git-plugin/ca_cert_config.txt b/addons/godot-git-plugin/ca_cert_config.txt index 2e596b4c..dcf15de7 100644 --- a/addons/godot-git-plugin/ca_cert_config.txt +++ b/addons/godot-git-plugin/ca_cert_config.txt @@ -1,5 +1,17 @@ # CA Certificate Bundle Configuration for godot-git-plugin -# Uncomment the line that matches your system +# +# This file allows you to specify a custom CA certificate bundle path +# to resolve SSL certificate validation errors on all platforms. +# +# INSTRUCTIONS: +# 1. Uncomment the line that matches your system +# 2. Adjust the path if your certificates are located elsewhere +# 3. Restart Godot after making changes + +# +# ============================================================ +# LINUX - Common certificate bundle locations: +# ============================================================ # Linux (Debian/Ubuntu/Mint) #/etc/ssl/certs/ca-certificates.crt @@ -10,6 +22,13 @@ # Linux (OpenSUSE) # /etc/ssl/ca-bundle.pem +# Custom path +# /path/to/your/ca-bundle.crt + +# ============================================================ +# MACOS - Common certificate bundle locations: +# ============================================================ + # macOS (Homebrew OpenSSL) # /usr/local/etc/openssl@3/cert.pem @@ -17,4 +36,18 @@ # /etc/ssl/cert.pem # Custom path -# /path/to/your/ca-bundle.crt \ No newline at end of file +# /path/to/your/ca-bundle.crt + +# ============================================================ +# WINDOWS - Common certificate bundle locations: +# ============================================================ + +# Use forward slashes (/) in paths, even on Windows +# Git backend selection during installation doesn't affect this plugin +# Git for Windows (works with both OpenSSL and Secure Channel installations) +# Possible Windows Paths for cert included with Git +# C:/Program Files/Git/mingw64/etc/ssl/certs/ca-bundle.crt +# C:/Program Files/Git/usr/ssl/certs/ca-bundle.crt + +# Custom path +# C:/path/to/your/ca-bundle.crt \ No newline at end of file diff --git a/godot-git-plugin/src/git_plugin.cpp b/godot-git-plugin/src/git_plugin.cpp index e3716997..452ecd21 100644 --- a/godot-git-plugin/src/git_plugin.cpp +++ b/godot-git-plugin/src/git_plugin.cpp @@ -42,14 +42,17 @@ void GitPlugin::_set_ca_bundle_path(const godot::String &path) { ca_bundle_path = path; if (!ca_bundle_path.is_empty()) { + // Normalize path (convert backslashes to forward slashes) + godot::String normalized_path = ca_bundle_path.replace("\\", "/"); + // Convert to C string - std::string path_str = std::string(path.utf8().get_data()); + std::string path_str = std::string(normalized_path.utf8().get_data()); // Tell libgit2 to use this certificate file int error = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, path_str.c_str(), NULL); if (error == 0) { - godot::UtilityFunctions::print("GitPlugin: CA bundle set to ", ca_bundle_path); + godot::UtilityFunctions::print("GitPlugin: CA bundle set to ", normalized_path); } else { const git_error *e = git_error_last(); godot::UtilityFunctions::print("GitPlugin: Failed to set CA bundle: ", e ? e->message : "unknown error");