libcurl: specify capath

Submitted by Shawn J. Goff on April 17, 2013, 6:38 p.m.

Details

Message ID 1366223881-6367-1-git-send-email-shawn7400@gmail.com
State Superseded
Headers show

Commit Message

Shawn J. Goff April 17, 2013, 6:38 p.m.
From: "Shawn J. Goff" <shawn7400@gmail.com>

Since openssl's path is '/etc/ssl/' (specified in our openssl package),
we should also make sure that's what curl is using.

Previously, it's hasn't been specified, which means it changes depending
on the host system where it's compiled.

Signed-off-by: Shawn J. Goff <shawn7400@gmail.com>
---
 package/libcurl/libcurl.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Peter Korsgaard April 17, 2013, 8:06 p.m.
>>>>> "Shawn" == Shawn J Goff <shawn7400@gmail.com> writes:

 Shawn> From: "Shawn J. Goff" <shawn7400@gmail.com>
 Shawn> Since openssl's path is '/etc/ssl/' (specified in our openssl package),
 Shawn> we should also make sure that's what curl is using.

 Shawn> Previously, it's hasn't been specified, which means it changes depending
 Shawn> on the host system where it's compiled.

Out of interest, how does it get this info?

 Shawn> Signed-off-by: Shawn J. Goff <shawn7400@gmail.com>
 Shawn> ---
 Shawn>  package/libcurl/libcurl.mk | 2 +-
 Shawn>  1 file changed, 1 insertion(+), 1 deletion(-)

 Shawn> diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk
 Shawn> index a631953..75c9601 100644
 Shawn> --- a/package/libcurl/libcurl.mk
 Shawn> +++ b/package/libcurl/libcurl.mk
 Shawn> @@ -16,7 +16,7 @@ LIBCURL_INSTALL_STAGING = YES
 Shawn>  # probably almost never used. See
 Shawn>  # http://curl.haxx.se/docs/manpage.html#--ntlm.
 Shawn>  LIBCURL_CONF_OPT = --disable-verbose --disable-manual \
 Shawn> -	--enable-hidden-symbols --disable-ntlm-wb
 Shawn> +	--enable-hidden-symbols --disable-ntlm-wb --with-ca-path=/etc/ssl/certs

It would make more sense to move this under the BR2_PACKAGE_OPENSSL
conditional.
Shawn J. Goff April 17, 2013, 9:30 p.m.
On Wed, Apr 17, 2013 at 4:06 PM, Peter Korsgaard <jacmet@uclibc.org> wrote:
>>>>>> "Shawn" == Shawn J Goff <shawn7400@gmail.com> writes:
>
>  Shawn> From: "Shawn J. Goff" <shawn7400@gmail.com>
>  Shawn> Since openssl's path is '/etc/ssl/' (specified in our openssl package),
>  Shawn> we should also make sure that's what curl is using.
>
>  Shawn> Previously, it's hasn't been specified, which means it changes depending
>  Shawn> on the host system where it's compiled.
>
> Out of interest, how does it get this info?
>

"...it checks a few known paths to see where it might find the default
ca-cert for that system."
from http://curl.haxx.se/mail/lib-2009-08/0223.html

>  Shawn> Signed-off-by: Shawn J. Goff <shawn7400@gmail.com>
>  Shawn> ---
>  Shawn>  package/libcurl/libcurl.mk | 2 +-
>  Shawn>  1 file changed, 1 insertion(+), 1 deletion(-)
>
>  Shawn> diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk
>  Shawn> index a631953..75c9601 100644
>  Shawn> --- a/package/libcurl/libcurl.mk
>  Shawn> +++ b/package/libcurl/libcurl.mk
>  Shawn> @@ -16,7 +16,7 @@ LIBCURL_INSTALL_STAGING = YES
>  Shawn>  # probably almost never used. See
>  Shawn>  # http://curl.haxx.se/docs/manpage.html#--ntlm.
>  Shawn>  LIBCURL_CONF_OPT = --disable-verbose --disable-manual \
>  Shawn> -       --enable-hidden-symbols --disable-ntlm-wb
>  Shawn> +       --enable-hidden-symbols --disable-ntlm-wb --with-ca-path=/etc/ssl/certs
>
> It would make more sense to move this under the BR2_PACKAGE_OPENSSL
> conditional.
It would. Another patch is coming.

Patch hide | download patch | download mbox

diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk
index a631953..75c9601 100644
--- a/package/libcurl/libcurl.mk
+++ b/package/libcurl/libcurl.mk
@@ -16,7 +16,7 @@  LIBCURL_INSTALL_STAGING = YES
 # probably almost never used. See
 # http://curl.haxx.se/docs/manpage.html#--ntlm.
 LIBCURL_CONF_OPT = --disable-verbose --disable-manual \
-	--enable-hidden-symbols --disable-ntlm-wb
+	--enable-hidden-symbols --disable-ntlm-wb --with-ca-path=/etc/ssl/certs
 LIBCURL_CONFIG_SCRIPTS = curl-config
 
 ifeq ($(BR2_PACKAGE_OPENSSL),y)