Re: wip/gnurl: Request for review

To: tech-pkg%netbsd.org@localhost
Subject: Re: wip/gnurl: Request for review
From: ng0%n0.is@localhost
Date: Mon, 21 Jan 2019 13:59:42 +0000

Leonardo Taccari transcribed 593 bytes:
> > [...]
> > So given that I don't see a way to get the gnutls certificates path, and having a
> > package work out the box, assuming that ${SSLCERTS} exists should be okay?
> > Those settings are required when I go ahead with this:
> >
> > CONFIGURE_ARGS+=        --with-ca-path=${SSLCERTS}
> > .include "../../security/openssl/buildlink3.mk"
> > [...]
> 
> Couldn't `CONFIGURE_ARGS+= --with-ca-fallback' be used instead to
> automatically pick up the ones preferred by gnutls?
> 
> (security/gnutls is already built with
> `--with-default-trust-store-file=${PREFIX}/share/mozilla-rootcerts/cacert.pem')

Just tried that and it keeps producing negative results.
What we have on other systems is CURL_CA_BUNDLE as a environment variable.
in practice this works out rather unreliable, at least the way it is
approached for curl and gnurl in Guix (ensure that every application packaged
respects this variable and if not, patch the application to do so if it uses
curl).
Is setting $sslcert a problem? I'm trying to understand the implications,
I've packaged software for some time this is just my first with pkgsrc.

Follow-Ups:
- Re: wip/gnurl: Request for review
  - From: Leonardo Taccari

References:
- wip/gnurl: Request for review
  - From: ng0
- Re: wip/gnurl: Request for review
  - From: Santhosh Raju
- Re: wip/gnurl: Request for review
  - From: ng0
- Re: wip/gnurl: Request for review
  - From: Santhosh Raju
- Re: wip/gnurl: Request for review
  - From: ng0
- Re: wip/gnurl: Request for review
  - From: Leonardo Taccari

Prev by Date: Re: wip/gnurl: Request for review
Next by Date: Re: wip/gnurl: Request for review
Previous by Thread: Re: wip/gnurl: Request for review
Next by Thread: Re: wip/gnurl: Request for review
Indexes:

Home | Main Index | Thread Index | Old Index