[Bug 31474] [Patch] Make CA cert paths configurable more friendly
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Mon Nov 15 14:04:26 CET 2010
https://bugs.freedesktop.org/show_bug.cgi?id=31474
--- Comment #9 from Simon McVittie <simon.mcvittie at collabora.co.uk> 2010-11-15 05:04:26 PST ---
Review of attachment 40123:
--> (https://bugs.freedesktop.org/review?bug=31474&attachment=40123)
I'm inclined to merge this (but only in 0.11, and with a pointer in NEWS).
::: configure.ac
@@ -99,4 +99,30 @@
-AC_ARG_WITH(ca-certificates,
- AC_HELP_STRING([--with-ca-certificates],[path to CA certificates
@<:@default=/etc/ssl/certs/ca-certificates.crt@:>@]),
- ca_certificates_path="$withval",
ca_certificates_path="/etc/ssl/certs/ca-certificates.crt")
-AC_DEFINE_UNQUOTED(CA_CERTIFICATES_PATH, ["${ca_certificates_path}"], [Path to
CA certificates])
+# -----------------------------------------------------------
+# Make CA certificates path configurable
+# Stolen from GIO's TLS
... 27 more ...
I'm a bit suspicious about using a name that looks as though it "belongs to"
GLib too, but I don't think it's a big deal, and having exactly the same check
as GIO TLS seems like a win. It's not as if this is API or anything.
The new name does make it clearer that this is a CA-cert-bundle file, as
opposed to a directory of hashed symlinks (e.g. Debian's /etc/ssl/certs/) or a
$PATH-like search path, which I think is good.
Nicolas, if the current GIO TLS work doesn't already make this unnecessary,
could you add g_get_system_ca_file() or something so that long-term we can just
delegate this to GIO? :-)
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the telepathy-bugs
mailing list