bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS ce

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS ce

From:	Ludovic Courtès
Subject:	bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates
Date:	Wed, 20 Nov 2024 11:45:15 +0100
User-agent:	Gnus/5.13 (Gnus v5.13)

Hello,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

> I guess we could rename NIX_SSL_CERT_FILE to just SSL_CERT_FILE in the
> above patch and add the $SSL_CERT_FILE search path to bring us closer to
> what OpenSSL supports?

As a rule of thumb, I would avoid diverging from upstream, especially
for touchy points like this one: it quickly gets problematic when a
same-named package behaves differently across distros.

In this case, because GnuTLS does not honor any environment variables,
applications/libraries linked against it have to provide their own
mechanism for users to specify the certificate search path.  Normally,
they already do that.

WDYT?

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates, Maxim Cournoyer, 2024/11/10
- bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates, Ludovic Courtès <=

Prev by Date: bug#74015: 'guix shell --export-manifest' fails for some transformations
Next by Date: bug#73903: [shepherd]: Guix Home's shepherd masks shutdown/reboot on foreign distribution
Previous by thread: bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates
Next by thread: bug#73799: guix shell: error: symlink: File exists: "/bin/cc"
Index(es):
- Date
- Thread