Marius Bakke writes: > ng0 writes: > >> * gnu/packages/curl.scm (curl)[arguments]: Add "--with-ca-bundle" configure flag. >> [arguments]: Disable failing test number 324. >> --- >> gnu/packages/curl.scm | 13 ++++++++++++- >> 1 file changed, 12 insertions(+), 1 deletion(-) >> >> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm >> index 7329d870d..3473055b8 100644 >> --- a/gnu/packages/curl.scm >> +++ b/gnu/packages/curl.scm >> @@ -4,6 +4,7 @@ >> ;;; Copyright © 2015 Tomáš Čech >> ;;; Copyright © 2015 Ludovic Courtès >> ;;; Copyright © 2016 Leo Famulari >> +;;; Copyright © 2017 ng0 >> ;;; >> ;;; This file is part of GNU Guix. >> ;;; >> @@ -65,7 +66,8 @@ >> ("pkg-config" ,pkg-config) >> ("python" ,python-2))) >> (arguments >> - `(#:configure-flags '("--with-gnutls" "--with-gssapi") >> + `(#:configure-flags '("--with-gnutls" "--with-gssapi" >> + "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt") > > This may not work on all distros, and is "impure" since this path is not > managed by Guix. If we are doing this, it should be referring to > (string-append (assoc-ref %build-inputs "nss-certs") "/etc/ssl/..."). > That will likely fix the test as well. I realized shortly after posting why this wasn't done already. Curl has 1403 dependent packages, which would apply for "nss-certs" as well if that is added as input. Obviously we want to be able to update TLS certificates quickly without rebuilding ~1/4 of the tree. Perhaps it could be added as a separate package, or by e.g. renaming the current curl package to "curl-minimal".