Ricardo Wurmus transcribed 1.6K bytes: > > Marius Bakke writes: > > > ng0 writes: > > > >> feh https://i.imgur.com/263enxT.jpg > >> feh opens image > >> > >> Problem: > >> user@abyayala ~/src/guix/guix$ feh https://i.imgur.com/263enxT.jpg > >> feh WARNING: open url: server certificate verification failed. CAfile: none CRLfile: none > >> feh WARNING: https://i.imgur.com/263enxT.jpg - File does not exist > >> feh: No loadable images specified. > >> See 'man feh' for detailed usage information > >> > >> nss etc are in my profile, no problem with other curl based applications. > > > > The attached patch should fix the problem. Can you try it? Thanks! I'll test it in the next couple of days. > We’ve done something similar in r-curl IIRC. I wonder if we should just > patch libcurl, so that all users of libcurl would benefit from this change. In my opinion that would be preferable. > > +diff --git a/src/imlib.c b/src/imlib.c > > +index dfb79aa..82a9865 100644 > > +--- a/src/imlib.c > > ++++ b/src/imlib.c > > +@@ -429,6 +429,10 @@ static char *feh_http_load_image(char *url) > > + if (opt.insecure_ssl) { > > + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); > > + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); > > ++ } else { > > ++ // Allow the user to specify custom CA certificates. > > ++ curl_easy_setopt(curl, CURLOPT_CAINFO, > > ++ getenv("CURL_CA_BUNDLE")); > > + } > > Is it safe to pass the empty string to curl_easy_setopt, in case > CURL_CA_BUNDLE is unset? Do we need to check the value first or can we > pass it without checking? > > -- > Ricardo > > GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC > https://elephly.net > > > -- ng0 GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588 GnuPG: https://dist.ng0.infotropique.org/dist/keys/ https://www.infotropique.org https://ng0.infotropique.org