From mboxrd@z Thu Jan  1 00:00:00 1970
From: Pierre Neidhardt <mail@ambrevar.xyz>
Subject: Re: WebKit: Failing to play most HTML5 videos
Date: Sun, 13 Jan 2019 20:40:42 +0100
Message-ID: <87o98k8hxh.fsf@ambrevar.xyz>
References: <87bm5wtd3d.fsf@ambrevar.xyz> <87sgz45vj6.fsf@elephly.net>
	<87r2eoashg.fsf@ambrevar.xyz> <87pnu8as0n.fsf@ambrevar.xyz>
	<87h8fj5x5u.fsf@elephly.net> <877egf5gme.fsf@elephly.net>
	<875zvz5gbv.fsf@elephly.net> <87va3ozecr.fsf@ambrevar.xyz>
	<87k1k4scqe.fsf@elephly.net> <87sgyszd31.fsf@ambrevar.xyz>
	<87ftuss21m.fsf@elephly.net> <87ftusyw5q.fsf@ambrevar.xyz>
	<87d0pvsxj3.fsf@elephly.net> <87tvj79mjv.fsf@ambrevar.xyz>
	<875zvnrt11.fsf@elephly.net> <87lg4j9hqd.fsf@ambrevar.xyz>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([209.51.188.92]:39374)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mail@ambrevar.xyz>) id 1gilcm-000053-4t
	for help-guix@gnu.org; Sun, 13 Jan 2019 14:40:48 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mail@ambrevar.xyz>) id 1gilcl-0006ni-6F
	for help-guix@gnu.org; Sun, 13 Jan 2019 14:40:48 -0500
Received: from relay11.mail.gandi.net ([217.70.178.231]:34485)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <mail@ambrevar.xyz>) id 1gilck-0006lg-U1
	for help-guix@gnu.org; Sun, 13 Jan 2019 14:40:47 -0500
In-reply-to: <87lg4j9hqd.fsf@ambrevar.xyz>
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/help-guix/>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org
Sender: "Help-Guix" <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
To: Ricardo Wurmus <rekado@elephly.net>
Cc: help-guix <help-guix@gnu.org>

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

I've investigated some bits.=20

gst-plugins-bad uses the CURLOPT_CAPATH and CURLOPT_CAINFO environment vari=
ables
to find the certificate.
Ricardo, do you know some other knobs?

Looking at existing Guix packages, I found those:

=2D Curl:

=2D-8<---------------cut here---------------start------------->8---
    ;; Note: This search path is respected by the `curl` command-line tool =
only.
    ;; Ideally we would bake this into libcurl itself so other users can be=
nefit,
    ;; but it's not supported upstream due to thread safety concerns.
    (list (search-path-specification
           (variable "CURL_CA_BUNDLE")
           (file-type 'regular)
           (separator #f)                         ;single entry
           (files '("etc/ssl/certs/ca-certificates.crt"))))
=2D-8<---------------cut here---------------end--------------->8---

=2D Feh:

=2D-8<---------------cut here---------------start------------->8---
    (native-search-paths
     ;; Feh allows overriding the libcurl builtin CA path (unset in Guix)
     ;; with the same variable as the `curl` command line HTTP tool.
     (package-native-search-paths curl))
=2D-8<---------------cut here---------------end--------------->8---

=2D Octave-cli

=2D-8<---------------cut here---------------start------------->8---
    ;; Octave code uses this variable to detect directories holding multipl=
e CA
    ;; certificates to verify peers with.  This is required for the network=
ing
    ;; functions that require encryption to work properly.
    (native-search-paths
     (list (search-path-specification
            (variable "CURLOPT_CAPATH")
            (files '("etc/ssl/certs")))))
=2D-8<---------------cut here---------------end--------------->8---

So my best bet would be to add the aforementioned variables to curl, and th=
en do
a:

    (native-search-paths
     (package-native-search-paths curl))
=20=20=20=20=20
from gst-plugins-bad or, if it does not work, from the individual web brows=
ers.

I'll test this and report.

Thoughts?

=2D-=20
Pierre Neidhardt
https://ambrevar.xyz/

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEUPM+LlsMPZAEJKvom9z0l6S7zH8FAlw7lDoACgkQm9z0l6S7
zH8utwf/XkKJb+PXcjL5CARnPFKnZGrOXmhvIUwAwWfEwgyCmq9bkvZIndzOe8xs
GPPx8IJ9BOgzybSG85gGDGvlotsiIENyLDcxNvt4Q84Gukbihw+dsV0Eit4w0u2K
h/PcRkoGi9YeZhTZcTazsXqXRh41dFrAZAD1snVbSb7gx7JxUBLubs2xxzghjVtf
lDGehEjjQZOMslZPKALJESyi4OatAU4vvbva4XDe76gnyQGCit/jBKDTSUrDGr+B
ZRNyNLJ/p8+LOvavH9kHEassFAhndUs907w8rnITgDOMpr+fqsoYz8XXW3li+fjk
cdNRBXECp4G/BxDfZ+ejJdgbFDiivQ==
=JZ3T
-----END PGP SIGNATURE-----
--=-=-=--