Date: prev next · Thread: first prev next last
2016 Archives by date, by thread · List index


Hi all,

This gerrit:
<https://gerrit.libreoffice.org/23141>

is a proposed fix for tdf#98416
<https://bugs.documentfoundation.org/show_bug.cgi?id=98416>

In curl doc about ssl store, here:
<https://curl.haxx.se/docs/sslcerts.html>

the relevant quote:
"
...

--with-ca-bundle=FILE: use the specified file as CA certificate store. CA certificates need to be concatenated in PEM format into this file.

--with-ca-path=PATH: use the specified path as CA certificate store. CA certificates need to be stored as individual PEM files in this directory. You may need to run c_rehash after adding files there.

If neither of the two options is specified, configure will try to auto-detect a setting. It's also possible to explicitly not hardcode any default store but rely on the built in default the crypto library may provide instead. You can achieve that by passing both --without-ca-bundle and --without-ca-path to the configure script.

...
"
Hence the need to explicitly disable the hardcoded store, the comment in the gerrit patch should be explicative.

IIRC in LO, curl relies on nss for the CA certificate store, not on curl own store.

--
Kind Regards,
Giuseppe Castagno aka beppec56
Acca Esse http://www.acca-esse.eu
giuseppe.castagno at acca-esse.eu

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.