guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] gnu: curl: Update to 7.41.0. Fix #20121.


From: Mark H Weaver
Subject: Re: [PATCH] gnu: curl: Update to 7.41.0. Fix #20121.
Date: Sun, 22 Mar 2015 14:16:00 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux)

Tomáš Čech <address@hidden> writes:

> On Sun, Mar 22, 2015 at 12:56:43PM -0400, Mark H Weaver wrote:
>>
>>It would be better to avoid passing the --with-ca-path= option.  We are
>>attempting to move away from having any compiled-in system-wide location
>>for the CA trust store.  Each user should be able to specify their
>>desired trust store using environment variables or other settings.
>
> I verified that patch is now sufficient as solution and I verified
> that it respects SSL_CERT_DIR with that so it is ideal solution.

Sounds perfect!

> Thanks for kicking me step further. (And yes, that patch is really
> needed :)

Thanks very much for your role in getting that patch produced and
upstreamed.  It sounds like this will allow our 'git' to consult
SSL_CERT_DIR when checking https certificates, which was not possible
before when libcurl was linked with GnuTLS.  Instead, we had to create a
legacy single-file trust store and set SSL_CERT_FILE.  There may still
be other programs that require the single-file trust store, but I'm glad
that libcurl-based programs can now be crossed off that list :)

      Mark



reply via email to

[Prev in Thread] Current Thread [Next in Thread]