[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#32530] [PATCH] gnu: octave: Fix CA certificate use.

From: Ludovic Courtès
Subject: [bug#32530] [PATCH] gnu: octave: Fix CA certificate use.
Date: Wed, 19 Sep 2018 21:52:32 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)


Marius Bakke <address@hidden> skribis:

> Kei Kebreau <address@hidden> writes:


>> Here's the search path patch. With this, I needed both nss-certs and
>> cURL installed alongside Octave to get certificates working.

This is expected (see <>), which is
why I wrote it wouldn’t quite solve the issue; still, it’s a step in the
right direction.  :-)

>> diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
>> index 6d45dc0cc..8bdba8655 100644
>> --- a/gnu/packages/curl.scm
>> +++ b/gnu/packages/curl.scm
>> @@ -83,7 +83,10 @@
>>             (variable "CURL_CA_BUNDLE")
>>             (file-type 'regular)
>>             (separator #f)                         ;single entry
>> -           (files '("etc/ssl/certs/ca-certificates.crt")))))
>> +           (files '("etc/ssl/certs/ca-certificates.crt")))
>> +          (search-path-specification
>> +           (variable "CURLOPT_CAPATH")
>> +           (files '("etc/ssl/certs")))))
> Adding this native-search-path to the "octave" package should be
> sufficient.

I think we should avoid doing this though, because conceptually
CURLOPT_CAPATH “belongs” to cURL, not to Octave.

> Then you won't need curl in the profile, nor do we need to rebuild all
> the things that depend on curl.  Can you try that?

The patch above can go to the next ‘core-updates’ IMO.

Kei, what about the two other options we discussed?  Namely:

>   2. On GuixSD, we could define CURLOPT_CAPATH=/etc/ssl/certs in
>      /etc/profile, like we already do for other variables.
>   3. We could document this variable under “X.509 Certificates” in the
>      manual.

Thank you!


reply via email to

[Prev in Thread] Current Thread [Next in Thread]