From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Stefan Monnier <monnier@IRO.UMontreal.CA>
Newsgroups: gmane.emacs.devel
Subject: Re: need help with certificate bundles for ALL the platforms Emacs
	supports
Date: Sun, 12 Feb 2012 22:28:24 -0500
Message-ID: <jwvvcnbzag5.fsf-monnier+emacs@gnu.org>
References: <4F25FA2F.2010401@gmail.com>
	<F076A8BD691F41DA9BABE716EA24A149@us.oracle.com>
	<4F27F4A1.6030907@gmail.com>
	<6E4BE1E758D04283A7C3A660ED379966@us.oracle.com>
	<87liolnipl.fsf@lifelogs.com>
	<50081AA79F2F4860A3B9DCEDFC1ABEC8@us.oracle.com>
	<877h04nc2e.fsf@lifelogs.com> <83ehucfjc8.fsf@gnu.org>
	<87r4ycjbjz.fsf_-_@lifelogs.com> <83mx8zev8s.fsf@gnu.org>
	<87vcnnj1xm.fsf@lifelogs.com> <87ipjgw0r3.fsf_-_@lifelogs.com>
	<87zkcqr4td.fsf@lifelogs.com> <jwv1uq234d2.fsf-monnier+emacs@gnu.org>
	<87fwef8zui.fsf@lifelogs.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1329103713 25878 80.91.229.3 (13 Feb 2012 03:28:33 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Mon, 13 Feb 2012 03:28:33 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Feb 13 04:28:33 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Rwmac-0002BQ-Q9
	for ged-emacs-devel@m.gmane.org; Mon, 13 Feb 2012 04:28:30 +0100
Original-Received: from localhost ([::1]:48111 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Rwmac-0000QI-9w
	for ged-emacs-devel@m.gmane.org; Sun, 12 Feb 2012 22:28:30 -0500
Original-Received: from eggs.gnu.org ([140.186.70.92]:33140)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <monnier@iro.umontreal.ca>) id 1RwmaZ-0000Pu-BI
	for emacs-devel@gnu.org; Sun, 12 Feb 2012 22:28:28 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <monnier@iro.umontreal.ca>) id 1RwmaY-0001pB-C9
	for emacs-devel@gnu.org; Sun, 12 Feb 2012 22:28:27 -0500
Original-Received: from pruche.dit.umontreal.ca ([132.204.246.22]:42204)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <monnier@iro.umontreal.ca>) id 1RwmaY-0001p0-6i
	for emacs-devel@gnu.org; Sun, 12 Feb 2012 22:28:26 -0500
Original-Received: from pastel.home (lechon.iro.umontreal.ca [132.204.27.242])
	by pruche.dit.umontreal.ca (8.14.1/8.14.1) with ESMTP id q1D3SOG8008708;
	Sun, 12 Feb 2012 22:28:25 -0500
Original-Received: by pastel.home (Postfix, from userid 20848)
	id 96CA359537; Sun, 12 Feb 2012 22:28:24 -0500 (EST)
In-Reply-To: <87fwef8zui.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 12
	Feb 2012 17:13:25 -0500")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.92 (gnu/linux)
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 5
X-NAI-Spam-Score: 0
X-NAI-Spam-Rules: 1 Rules triggered
	RV4130=0
X-NAI-Spam-Version: 2.2.0.9309 : core <4130> : streams <728081> : uri <1064347>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 132.204.246.22
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:148533
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/148533>

> +(defcustom gnutls-trustfiles '(
> +                               ;; Debian, Ubuntu, Gentoo and Arch Linux
> +                               "/etc/ssl/certs/ca-certificates.crt"
> +                               ;; Fedora and RHEL
> +                               "/etc/pki/tls/certs/ca-bundle.crt"
> +                               ;; Suse
> +                               "/etc/ssl/ca-bundle.pem"
> +                               )
> +  "List of functions or filenames yielding CA bundle locations.
> +The files may be in PEM or DER format, as per the GnuTLS documentation.
> +The files may not exist, in which case they will be ignored.
> +Functions will be called and may return a filename or a list of filenames."
> +  :group 'gnutls
> +  :type '(repeat (choice (function :tag "Function")
> +                         (file :tag "Bundle filename"))))

How 'bout something like

   (defcustom gnutls-trustfile
       (let ((file (if (boundp 'cert-bundle-location)
                       cert-bundle-location))
             (candidates 
              '("/etc/ssl/certs/ca-certificates.crt" ; Debian, Gentoo, Arch.
                "/etc/pki/tls/certs/ca-bundle.crt"   ; Fedora and RHEL.
                "/etc/ssl/ca-bundle.pem"             ; Suse.
                )))
         (while candidates
           (if (file-readable-p (car candidates))
               (setq file (car candidate) candidates nil)
             (setq candidates (cdr candidates))))
         file)
     "Name of the CA bundle file.
   The file may be in PEM or DER format, as per the GnuTLS documentation."
     :group 'gnutls
     :type '(choice (const nil) (file :tag "Bundle filename")))


-- Stefan