Make libcurl respect the SSL_CERT_{DIR,FILE} variables by default. The variables
are fetched during initialization to preserve thread-safety (curl_global_init(3)
must be called when no other threads exist).

This fixes network functionality in rust:cargo, and probably removes the need
for other future workarounds.
===================================================================
--- curl-8.5.0.orig/lib/easy.c	2023-12-17 00:36:32.400468561 -0500
+++ curl-8.5.0/lib/easy.c	2023-12-17 00:39:08.898612331 -0500
@@ -137,6 +137,9 @@
 static char *leakpointer;
 #endif

+char * Curl_ssl_cert_dir = NULL;
+char * Curl_ssl_cert_file = NULL;
+
 /**
  * curl_global_init() globally initializes curl given a bitwise set of the
  * different features of what to initialize.
@@ -163,6 +166,9 @@
     goto fail;
   }

+  Curl_ssl_cert_dir = curl_getenv("SSL_CERT_DIR");
+  Curl_ssl_cert_file = curl_getenv("SSL_CERT_FILE");
+
   if(!Curl_ssl_init()) {
     DEBUGF(fprintf(stderr, "Error: Curl_ssl_init failed\n"));
     goto fail;
@@ -287,6 +293,9 @@
   Curl_ssl_cleanup();
   Curl_resolver_global_cleanup();

+  free(Curl_ssl_cert_dir);
+  free(Curl_ssl_cert_file);
+
 #ifdef _WIN32
   Curl_win32_cleanup(easy_init_flags);
 #endif
diff -ur curl-7.66.0.orig/lib/url.c curl-7.66.0/lib/url.c
--- curl-7.66.0.orig/lib/url.c	2020-01-02 15:43:11.883921171 +0100
+++ curl-7.66.0/lib/url.c	2020-01-02 16:21:11.563880346 +0100
@@ -524,6 +524,21 @@
     if(result)
       return result;
 #endif
+    extern char * Curl_ssl_cert_dir;
+    extern char * Curl_ssl_cert_file;
+    if(Curl_ssl_cert_dir) {
+        if(result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], Curl_ssl_cert_dir))
+            return result;
+        if(result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], Curl_ssl_cert_dir))
+            return result;
+    }
+
+    if(Curl_ssl_cert_file) {
+        if(result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], Curl_ssl_cert_file))
+            return result;
+        if(result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], Curl_ssl_cert_file))
+            return result;
+    }
   }
 
   set->wildcard_enabled = FALSE;
 href='/guix/log/gnu/machine.scm?id=f9755ff2ac545bf90f50e64b6e70787b9b508427'>machine.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/machine.scm?id=f9755ff2ac545bf90f50e64b6e70787b9b508427&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-02-08 13:34:02 +0100'>2022-02-08</span></td><td><a href='/guix/commit/gnu/machine.scm?id=ab7114191d4599e36958c2ec18491618bf0cc6a9'>gnu: Fix typo.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/machine.scm: Fix typo in top-level comment.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>jgart</td></tr>
<tr><td><span title='2020-07-25 19:11:36 +0200'>2020-07-25</span></td><td><a href='/guix/commit/gnu/machine.scm?id=a5e2fc73760a2ae023f2e56bdbf8025971f90e64'>utils: Move &lt;location&gt; and '&amp;error-location' to (guix diagnostics).</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/utils.scm (&lt;location&gt;, source-properties-&gt;location)
(location-&gt;source-properties, &amp;error-location): Move to...
* guix/diagnostics.scm: ... here.
* gnu.scm: Adjust imports accordingly.
* gnu/machine.scm: Likewise.
* gnu/system.scm: Likewise.
* gnu/tests.scm: Likewise.
* guix/inferior.scm: Likewise.
* tests/channels.scm: Likewise.
* tests/packages.scm: Likewise.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2020-02-09 23:16:45 +0100'>2020-02-09</span></td><td><a href='/guix/commit/gnu/machine.scm?id=e81344428726f3dae5d2a2e7bb296f46fcde6cc5'>Update e-mail address for Jakob L. Kreuze.</a><span class='msg-avail'>...<span class='msg-tooltip'>As requested here:
&lt;https://lists.gnu.org/archive/html/guix-devel/2020-02/msg00128.html&gt;.

* .mailmap: Add an entry for Jakob.
* gnu/machine.scm, gnu/machine/digital-ocean.scm, gnu/machine/ssh.scm,
gnu/packages/admin.scm, gnu/packages/i2p.scm, gnu/packages/music.scm,
gnu/packages/web.scm, gnu/tests/reconfigure.scm, guix/scripts/deploy.scm,
guix/scripts/system/reconfigure.scm: Update their e-mail address.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-12-08 00:47:26 +0100'>2019-12-08</span></td><td><a href='/guix/commit/gnu/machine.scm?id=a1d7920861a8d6c6774149eaf939eb2636942090'>machine: Remove unnecessary record self-referencing bindings.</a><span class='msg-avail'>...<span class='msg-tooltip'>'this-machine' and 'this-machine-ssh-configuration' were useless given
that there are no thunked fields.

* gnu/machine.scm (&lt;machine&gt;)[this-machine]: Remove.
* gnu/machine/ssh.scm (&lt;machine-ssh-configuration&gt;)
[this-machine-ssh-configuration]: Remove.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-12-07 00:59:56 +0100'>2019-12-07</span></td><td><a href='/guix/commit/gnu/machine.scm?id=eaabc5e87f4e48d7bce88ca231f5fc2d554ca3d6'>machine: Add provenance tracking to each machine operating system.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/machine.scm (&lt;machine&gt;): Rename accessor to
'%machine-operating-system'.
(machine-operating-system): New procedure.
* doc/guix.texi (Service Reference): Mention it.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-08-15 07:43:09 -0400'>2019-08-15</span></td><td><a href='/guix/commit/gnu/machine.scm?id=9c70c460a05b2bc60f3f3602f0a2dba0f79ce86c'>machine: Implement 'roll-back-machine'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/machine.scm (roll-back-machine, &amp;deploy-error, deploy-error?)
(deploy-error-should-roll-back)
(deploy-error-captured-args): New variable.
* gnu/machine/ssh.scm (roll-back-managed-host): New variable.
* guix/scripts/deploy.scm (guix-deploy): Roll-back systems when a
deployment fails.
</span></span></td><td>Jakob L. Kreuze</td></tr>
<tr><td><span title='2019-08-06 15:48:51 -0400'>2019-08-06</span></td><td><a href='/guix/commit/gnu/machine.scm?id=d97ce20400b5d2967bfbc0e9fbfb99bbb2daed4f'>machine: Rename 'system' field.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/machine.scm (machine-system): Delete variable.
(machine-operating-system): New variable.
All callers changed.
* doc/guix.texi (Invoking guix deploy): Use the
'machine-operating-system' accessor rather than 'machine-system'.
</span></span></td><td>Jakob L. Kreuze</td></tr>
<tr><td><span title='2019-07-06 02:10:04 -0400'>2019-07-06</span></td><td><a href='/guix/commit/gnu/machine.scm?id=fa9edf09e992db7510c7471486dffc93e1e707e5'>gnu: Add machine type for deployment specifications.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/machine.scm: New file.
* gnu/machine/ssh.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
</span></span></td><td>Jakob L. Kreuze</td></tr>

Age	Commit message (Expand)	Author
2022-02-08	gnu: Fix typo....* gnu/machine.scm: Fix typo in top-level comment. Signed-off-by: Ludovic Courtès <ludo@gnu.org>	jgart
2020-07-25	utils: Move <location> and '&error-location' to (guix diagnostics)....* guix/utils.scm (<location>, source-properties->location) (location->source-properties, &error-location): Move to... * guix/diagnostics.scm: ... here. * gnu.scm: Adjust imports accordingly. * gnu/machine.scm: Likewise. * gnu/system.scm: Likewise. * gnu/tests.scm: Likewise. * guix/inferior.scm: Likewise. * tests/channels.scm: Likewise. * tests/packages.scm: Likewise.	Ludovic Courtès
2020-02-09	Update e-mail address for Jakob L. Kreuze....As requested here: <https://lists.gnu.org/archive/html/guix-devel/2020-02/msg00128.html>. * .mailmap: Add an entry for Jakob. * gnu/machine.scm, gnu/machine/digital-ocean.scm, gnu/machine/ssh.scm, gnu/packages/admin.scm, gnu/packages/i2p.scm, gnu/packages/music.scm, gnu/packages/web.scm, gnu/tests/reconfigure.scm, guix/scripts/deploy.scm, guix/scripts/system/reconfigure.scm: Update their e-mail address.	Tobias Geerinckx-Rice
2019-12-08	machine: Remove unnecessary record self-referencing bindings....'this-machine' and 'this-machine-ssh-configuration' were useless given that there are no thunked fields. * gnu/machine.scm (<machine>)[this-machine]: Remove. * gnu/machine/ssh.scm (<machine-ssh-configuration>) [this-machine-ssh-configuration]: Remove.	Ludovic Courtès
2019-12-07	machine: Add provenance tracking to each machine operating system....* gnu/machine.scm (<machine>): Rename accessor to '%machine-operating-system'. (machine-operating-system): New procedure. * doc/guix.texi (Service Reference): Mention it.	Ludovic Courtès
2019-08-15	machine: Implement 'roll-back-machine'....* gnu/machine.scm (roll-back-machine, &deploy-error, deploy-error?) (deploy-error-should-roll-back) (deploy-error-captured-args): New variable. * gnu/machine/ssh.scm (roll-back-managed-host): New variable. * guix/scripts/deploy.scm (guix-deploy): Roll-back systems when a deployment fails.	Jakob L. Kreuze
2019-08-06	machine: Rename 'system' field....* gnu/machine.scm (machine-system): Delete variable. (machine-operating-system): New variable. All callers changed. * doc/guix.texi (Invoking guix deploy): Use the 'machine-operating-system' accessor rather than 'machine-system'.	Jakob L. Kreuze
2019-07-06	gnu: Add machine type for deployment specifications....* gnu/machine.scm: New file. * gnu/machine/ssh.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.	Jakob L. Kreuze