From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ricardo Wurmus Subject: Re: WebKit: Failing to play most HTML5 videos Date: Wed, 12 Dec 2018 08:56:04 +0100 Message-ID: <875zvz5gbv.fsf@elephly.net> References: <87bm5wtd3d.fsf@ambrevar.xyz> <87sgz45vj6.fsf@elephly.net> <87r2eoashg.fsf@ambrevar.xyz> <87pnu8as0n.fsf@ambrevar.xyz> <87h8fj5x5u.fsf@elephly.net> <877egf5gme.fsf@elephly.net> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:37541) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gWzNk-0005vJ-H0 for help-guix@gnu.org; Wed, 12 Dec 2018 02:56:40 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gWzNg-00060a-DX for help-guix@gnu.org; Wed, 12 Dec 2018 02:56:36 -0500 Received: from sender-of-o53.zoho.com ([135.84.80.218]:21712) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gWzNg-0005zi-4i for help-guix@gnu.org; Wed, 12 Dec 2018 02:56:32 -0500 In-reply-to: <877egf5gme.fsf@elephly.net> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org Sender: "Help-Guix" To: Pierre Neidhardt Cc: help-guix Ricardo Wurmus writes: > Ricardo Wurmus writes: > >> Pierre Neidhardt writes: >> >>> With Epiphany: [=E2=80=A6] >>> 0:00:02.444056430 6908 0xdc3320 WARN curlhttpsrc gst= curlhttpsrc.c:1068:gst_curl_http_src_handle_response: Curl fa= iled the transfer (60): SSL peer certificate or SSH remote key was not OK >> >> That=E2=80=99s the same error I got. It may be worth checking if we can= patch >> gstcurlhttpsrc.c to ensure that the path of the certificate bundle is >> set via environment variable. >> >> A hack to check that this is indeed the cause might be to place the cert >> bundle in the expected default location that libcurl uses when the >> client does not specify a location. > > Here=E2=80=99s a little patch to confirm that indeed this problem is caus= ed by > gstcurlhttpsrc.c (of gst-plugins-bad) not configuring libcurl to look > for certificates in the right place: [=E2=80=A6] I should note that gstcurlhttpsrc.c has a mechanism to set the location of the ca-certificates.crt file: --8<---------------cut here---------------start------------->8--- g_object_class_install_property (gobject_class, PROP_SSL_CA_FILE, g_param_spec_string ("ssl-ca-file", "SSL CA File", "Location of an SSL CA file to use for checking SSL certificates", GSTCURL_HANDLE_DEFAULT_CURLOPT_CAINFO, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); --8<---------------cut here---------------end--------------->8--- I just don=E2=80=99t know how we could possibly provide a value for this property as we don=E2=80=99t call the plugin on the command line. It would= be nicer, of course, if we could use this mechanism instead of using a patch similar to what I showed in my previous email. -- Ricardo