Calling openssl_env_init() on FreeBSD breaks certificate validation with the system default truststore #1129

Open
@michael-o

Although I have reported this upstream, git2-rs is a downstream consumer and effectively renders the process environment useless, so I am reporting it here again.

init() calls openssl_env_init() in good spirit, but completely breaks certificate validation because openssl_probe::init_ssl_cert_env_vars() sets invalid environment variables. This directly affects cargo since it uses curl-rust which in turn uses the system's OpenSSL.
FreeBSD has a system default truststore managed by certctl(8) which is wired with the system's OpenSSL. There is no need to override that in any way unless the user wishes to. I have a working simple patch which solves the issue for FreeBSD. I cannot tell for other systems, but this call could be problematic somewhere else as well, therefore curl-rust adds an explicit off-by-default config for it: https://github.com/alexcrichton/curl-rust/blob/da8ebac10b60458e73d32a9c5834b08c980d5b59/src/easy/handler.rs#L677

PS: I am a FreeBSD committer.
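
An added diagnostic example, not part of the issue or of git2-rs: it reports whether the trust-store override variables are set in the process environment and, if so, whether they point at material OpenSSL can load. The variable names SSL_CERT_FILE and SSL_CERT_DIR and all helper names are assumptions, since the post does not name them.

```rust
use std::{env, fs};

// Assumed variable names (not given in the post): SSL_CERT_FILE, SSL_CERT_DIR.
const PEM_MARK: &[u8] = b"-----BEGIN CERTIFICATE-----";

#[derive(Debug, PartialEq)]
pub enum Status {
    Unset,          // no override: OpenSSL uses its built-in default location
    Usable,         // override points at loadable trust anchors
    Broken(String), // override set, but nothing usable behind it
}

/// SSL_CERT_FILE must name a readable file holding at least one PEM certificate.
pub fn check_file(value: Option<&str>) -> Status {
    let Some(path) = value else { return Status::Unset };
    match fs::read(path) {
        Err(e) => Status::Broken(format!("{path}: {e}")),
        Ok(b) if b.windows(PEM_MARK.len()).any(|w| w == PEM_MARK) => Status::Usable,
        Ok(_) => Status::Broken(format!("{path}: no PEM certificate")),
    }
}

/// True for the hash-style names OpenSSL looks up in a directory, e.g. `1a2b3c4d.0`.
fn is_hashed_name(name: &str) -> bool {
    name.split_once('.').map_or(false, |(hash, seq)| {
        hash.len() == 8
            && hash.bytes().all(|b| b.is_ascii_hexdigit())
            && !seq.is_empty()
            && seq.bytes().all(|b| b.is_ascii_digit())
    })
}

/// SSL_CERT_DIR is a colon-separated list on Unix; one populated entry is enough.
pub fn check_dir(value: Option<&str>) -> Status {
    let Some(list) = value else { return Status::Unset };
    let populated = list.split(':').filter(|d| !d.is_empty()).any(|dir| {
        fs::read_dir(dir).map_or(false, |entries| {
            entries.flatten().any(|e| is_hashed_name(&e.file_name().to_string_lossy()))
        })
    });
    if populated { Status::Usable } else { Status::Broken(format!("{list}: no hash-named certificates")) }
}

fn main() {
    let (file, dir) = (env::var("SSL_CERT_FILE").ok(), env::var("SSL_CERT_DIR").ok());
    println!("SSL_CERT_FILE={file:?} -> {:?}", check_file(file.as_deref()));
    println!("SSL_CERT_DIR={dir:?} -> {:?}", check_dir(dir.as_deref()));
}
```

A `Broken` result for either variable means the process is no longer using the library's default store for that lookup, even if the system store itself is intact.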
