On 02/11/11 10:08, Patrick Ohly wrote:
[...]
> Can you run ldd on /usr/lib/libcurl* and check whether it uses gnutls or
> libssl? On Debian, I get:
>
> $ ldd /usr/lib/libcurl.so.3 | grep -e tls -e ssl
> libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00007f6733f55000)
> libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0x00007f6732cf0000)
> $ ldd /usr/lib/libcurl-gnutls.so.3 | grep -e tls -e ssl
> libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0x00007f0704d07000)
On the N900, I get:
Nokia-N900-51-1:~# ldd /usr/lib/libcurl.so.3 | grep -e tls -e ssl
libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x4000e000)
>
> Interesting, the "non-gnutls" variant actually links against both. But
> gnutls is only pulled in indirectly:
>
> $ readelf -a /usr/lib/libcurl.so.3 | grep NEEDED
> 0x0000000000000001 (NEEDED) Shared library: [libidn.so.11]
> 0x0000000000000001 (NEEDED) Shared library: [libssh2.so.1]
> 0x0000000000000001 (NEEDED) Shared library: [liblber-2.4.so.2]
> 0x0000000000000001 (NEEDED) Shared library: [libldap_r-2.4.so.2]
> 0x0000000000000001 (NEEDED) Shared library: [librt.so.1]
> 0x0000000000000001 (NEEDED) Shared library: [libgssapi_krb5.so.2]
> 0x0000000000000001 (NEEDED) Shared library: [libssl.so.0.9.8]
> 0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.0.9.8]
> 0x0000000000000001 (NEEDED) Shared library: [libz.so.1]
> 0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
>
Nokia-N900-51-1:~# readelf -a /usr/lib/libcurl.so.3 | grep NEEDED
0x00000001 (NEEDED) Shared library: [libssl.so.0.9.8]
0x00000001 (NEEDED) Shared library: [libcrypto.so.0.9.8]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [librt.so.1]
0x00000001 (NEEDED) Shared library: [libgcc_s.so.1]
0x00000001 (NEEDED) Shared library: [libc.so.6]
> $ LD_DEBUG=files ldd /usr/lib/libcurl.so.3 2>&1 | grep gnutls
> 24198: file=libgnutls.so.26 [0]; needed by
> /usr/lib/libldap_r-2.4.so.2 [0]
Nokia-N900-51-1:~# LD_DEBUG=files ldd /usr/lib/libcurl.so.3 2>&1 | grep gnutls
nothing
>
>>> So it would be the right thing to do on some platform/configuration (I'm
>>> not even sure where), but wouldn't help on the N900, would it?
>>>
>>
>> As far as I understand this distinction between CURLPOPT_CAINFO and
>> CURLPOPT_CAPATH is platform independent.
>
> The distinction is, but support for CAPATH isn't. With "platform" I mean
> both the hardware and the OS on top of it, which includes whether
> libcurl uses OpenSSL or GnuTLS.
>
ok. So what happens with GnuTLS if you pass a directory with CURLPOPT_CAINFO?
Does GnuTLS interpret this as a directory which contains files with CA
certificates?
Regards,
Alain
_______________________________________________
SyncEvolution mailing list
[email protected]
http://lists.syncevolution.org/listinfo/syncevolution
