From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: [PATCH] gnurl: add CA path to configure-flags
Date: Tue, 14 Jun 2016 12:12:56 +0200
Message-ID: <87y468gjtj.fsf@gnu.org>
References: <20160611205128.GA23445@khazad-dum> <20160612142215.GA20253@solar>
	<87eg81du97.fsf@gnu.org> <20160613153834.GA4065@khazad-dum>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37352)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1bClLD-0006qn-39
	for guix-devel@gnu.org; Tue, 14 Jun 2016 06:13:04 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1bClL8-0001el-Sp
	for guix-devel@gnu.org; Tue, 14 Jun 2016 06:13:02 -0400
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:50144)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1bClL8-0001ec-P9
	for guix-devel@gnu.org; Tue, 14 Jun 2016 06:12:58 -0400
Received: from pluto.bordeaux.inria.fr ([193.50.110.57]:60196 helo=pluto)
	by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
	(Exim 4.82) (envelope-from <ludo@gnu.org>) id 1bClL8-0001TZ-3k
	for guix-devel@gnu.org; Tue, 14 Jun 2016 06:12:58 -0400
In-Reply-To: <20160613153834.GA4065@khazad-dum> (ng0@we.make.ritual.n0.is's
	message of "Mon, 13 Jun 2016 15:38:34 +0000")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

ng0 <ng0@we.make.ritual.n0.is> skribis:

> On 2016-06-13(04:43:32+0200), Ludovic Court=C3=A8s wrote:
>> Hi,
>>
>> Andreas Enge <andreas@enge.fr> skribis:
>>
>> > On Sat, Jun 11, 2016 at 08:51:28PM +0000, ng0 wrote:
>> >> * gnurl(configure-flags): --with-ca-path=3D/etc/ssl/certs/
>> >
>> > my impression is that this absolute path does not do what we would like
>> > it to. Optimally, the user would decide, by installing a certificate b=
undle
>> > into the profile, which certificates to use. And on a foreign distro, =
the
>> > random certificate bundle in /etc/ssl/certs, which does not come from =
Guix,
>> > would be used by the Guix gnurl, which would be surprising.
>>
>> Besides, our cURL and Gnurl packages are linked against GnuTLS, which is
>> itself configured with =E2=80=98--with-default-trust-store-dir=3D/etc/ss=
l/certs=E2=80=99.
>>
>> Does =E2=80=98--with-ca-path=E2=80=99 change anything to that?
>>
>> Thanks,
>> Ludo=E2=80=99.
>>
>
> I strongly assume that with those set, --with-ca-path is unnecessary.

Fine.  :-)

> I know patches are now tracked in patchworks, can they be closed via
> Email, or do I have to sign up? Else someone who already is signed up
> can close this, as from my perspective this is done.

I think one has to login, which is quite inconvenient.

Ludo=E2=80=99.