From 2ae03883c2526965f1a93cf5c691c41f02dc14b4 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Fri, 9 Jun 2017 16:45:38 +0200 Subject: [PATCH] gnu: curl: Look up SSL certificates in /etc/ssl/certs by default. * gnu/packages/curl.scm (curl)[arguments]<#:configure-flags>: Add '--with-ca-path'. <#:phases>: Delete test that tries to use it. --- gnu/packages/curl.scm | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index 2e4a48d1e..7248a6d40 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -67,7 +67,14 @@ ("pkg-config" ,pkg-config) ("python" ,python-2))) (arguments - `(#:configure-flags '("--with-gnutls" "--with-gssapi") + `(#:configure-flags '("--with-gnutls" "--with-gssapi" + ;; Hard-code a default CA certificate path so that + ;; most things work "out of the box", at least on + ;; GuixSD and Debian-based distributions. + ;; libcurl does not support overriding this at runtime + ;; except through the API, and it's impractical to + ;; patch every application to respect CURL_CA_BUNDLE. + "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt") ;; Add a phase to patch '/bin/sh' occurances in tests/runtests.pl #:phases (modify-phases %standard-phases @@ -87,6 +94,10 @@ (substitute* "tests/runtests.pl" (("/bin/sh") (which "sh"))) + ;; XXX: This test fails because the default CA bundle path + ;; does not exist in the build environment. + (delete-file "tests/data/test324") + ;; XXX FIXME: Test #1510 seems to work on some machines and not ;; others, possibly based on the kernel version. It works on GuixSD ;; on x86_64 with linux-libre-4.1, but fails on Hydra for both i686 -- 2.14.3