Den 26. juni 2011 16:59, skrev Patrick Ohly: >> So, anyway, I've built that syncevolution snapshot. I've noted that now, >> --disable-ssl-certificate-check doesn't do anything anymore. > > True. It used to insert SSLVerifyServer=0 into the configuration > templates. When these templates were moved out of the source code (where > a simple ifdef was enough) into files (where a more complicated patching > during "make install" would be needed), I dropped support for the > configure option. I didn't know that the Maemo 5 port depends on it.
The certs are stored in a non-standard place (and I think the user-installed ones are stored in a different place), and I never got around to figuring it out before. >> but it also seems to me that webdav/NeonCXX.cpp >> probably wouldn't honor those paths if I did. > > ne_ssl_trust_default_ca() is called by SyncEvolution. If libeon itself > was compiled correctly, then it should find and use the default > certificates. I guess it depends on what you mean by "correctly". I think the Neon version I'm using is compiled with the standard Debian OpenSSL CA path. Unfortunately, that's not where Maemo stores its stuff. Since it's a community package I could probably get it changed, but switching a configure option wouldn't be enough (I think neon's --with-ca-bundle only takes a filename, but Maemo seems to use two *directories* filled with PEM files for server CAs, plus a third for client certs - also, there's some trusted platform root cert I'm not sure how works, but I can probably ignore that one). Besides, the ability to override these paths from SyncEvolution would be nice anyway. > Overriding the path is indeed not supported. Disabling SSL > verification is, so that would be the low road that you could take. Yeah, well, I was thinking maybe I should fix it properly this time... oh well. > Can you send me the logs of downloading an event and updating it? Run > with loglevel=4 and send the "source-config" logs, those are the ones > showing the communication with the CalDAV server. Done. _______________________________________________ SyncEvolution mailing list [email protected] http://lists.syncevolution.org/listinfo/syncevolution
