On Tue, Feb 13, 2018 at 4:28 AM, John Crispin <j...@phrozen.org> wrote: > > > On 25/01/18 04:29, Rosen Penev wrote: >> >> On Wed, Jan 24, 2018 at 1:56 PM, Hauke Mehrtens <ha...@hauke-m.de> wrote: >>> >>> On 01/24/2018 05:28 AM, Rosen Penev wrote: >>>> >>>> At least one application (transmission) depends on CURL_CA_BUNDLE being >>>> set in order to operate properly (Could not connect to tracker errors). >>>> As far as I can tell, there's no real drawback to doing this for all >>>> TLS libraries supported by curl. >>> >>> Do all of these libraries support --with-ca-bundle ? >>> >> OpenSSL I know does. GnuTLS most likely does as it seems to be geared >> towards desktop systems. > > > Hi, > > "most likely" is not good enough. please compile/runtime test your patches > for all possible combos before posting them. > I've fixed the transmission issue by setting the env parameter to the proper value. Meaning this patch doesn't help in this case. It probably does in others.
A quick Google search shows that it does indeed work with GnuTLS. Maybe it didn't with some previous version. > John > >>>> Signed-off-by: Rosen Penev <ros...@gmail.com> >>>> --- >>>> package/network/utils/curl/Makefile | 10 ++++++---- >>>> 1 file changed, 6 insertions(+), 4 deletions(-) >>>> >>>> diff --git a/package/network/utils/curl/Makefile >>>> b/package/network/utils/curl/Makefile >>>> index 17fcf70..930bd10 100644 >>>> --- a/package/network/utils/curl/Makefile >>>> +++ b/package/network/utils/curl/Makefile >>>> @@ -111,13 +111,15 @@ CONFIGURE_ARGS += \ >>>> --without-nss \ >>>> --without-libmetalink \ >>>> --without-librtmp \ >>>> + --without-ca-path \ >>>> + --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \ >>>> \ >>>> $(call autoconf_bool,CONFIG_IPV6,ipv6) \ >>>> \ >>>> - $(if $(CONFIG_LIBCURL_WOLFSSL),--with-cyassl="$(STAGING_DIR)/usr" >>>> --without-ca-path >>>> --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt,--without-cyassl) \ >>>> - $(if $(CONFIG_LIBCURL_GNUTLS),--with-gnutls="$(STAGING_DIR)/usr" >>>> --without-ca-bundle --with-ca-path=/etc/ssl/certs,--without-gnutls) \ >>>> - $(if $(CONFIG_LIBCURL_OPENSSL),--with-ssl="$(STAGING_DIR)/usr" >>>> --without-ca-bundle --with-ca-path=/etc/ssl/certs,--without-ssl) \ >>>> - $(if $(CONFIG_LIBCURL_MBEDTLS),--with-mbedtls="$(STAGING_DIR)/usr" >>>> --without-ca-path >>>> --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt,--without-mbedtls) \ >>>> + $(if >>>> $(CONFIG_LIBCURL_WOLFSSL),--with-cyassl="$(STAGING_DIR)/usr",--without-cyassl) >>>> \ >>>> + $(if >>>> $(CONFIG_LIBCURL_GNUTLS),--with-gnutls="$(STAGING_DIR)/usr",--without-gnutls) >>>> \ >>>> + $(if >>>> $(CONFIG_LIBCURL_OPENSSL),--with-ssl="$(STAGING_DIR)/usr",--without-ssl) \ >>>> + $(if >>>> $(CONFIG_LIBCURL_MBEDTLS),--with-mbedtls="$(STAGING_DIR)/usr",--without-mbedtls) >>>> \ >>>> \ >>>> $(if >>>> $(CONFIG_LIBCURL_LIBIDN),--with-libidn="$(STAGING_DIR)/usr",--without-libidn) >>>> \ >>>> $(if >>>> $(CONFIG_LIBCURL_SSH2),--with-libssh2="$(STAGING_DIR)/usr",--without-libssh2) >>>> \ >>>> >> _______________________________________________ >> Lede-dev mailing list >> Lede-dev@lists.infradead.org >> http://lists.infradead.org/mailman/listinfo/lede-dev > > _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
