tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: wip/gnurl: Request for review



Leonardo Taccari transcribed 593 bytes:
> > [...]
> > So given that I don't see a way to get the gnutls certificates path, and having a
> > package work out the box, assuming that ${SSLCERTS} exists should be okay?
> > Those settings are required when I go ahead with this:
> >
> > CONFIGURE_ARGS+=        --with-ca-path=${SSLCERTS}
> > .include "../../security/openssl/buildlink3.mk"
> > [...]
> 
> Couldn't `CONFIGURE_ARGS+= --with-ca-fallback' be used instead to
> automatically pick up the ones preferred by gnutls?
> 
> (security/gnutls is already built with
> `--with-default-trust-store-file=${PREFIX}/share/mozilla-rootcerts/cacert.pem')

Just tried that and it keeps producing negative results.
What we have on other systems is CURL_CA_BUNDLE as a environment variable.
in practice this works out rather unreliable, at least the way it is
approached for curl and gnurl in Guix (ensure that every application packaged
respects this variable and if not, patch the application to do so if it uses
curl).
Is setting $sslcert a problem? I'm trying to understand the implications,
I've packaged software for some time this is just my first with pkgsrc.


Home | Main Index | Thread Index | Old Index