[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#32530: [PATCH] gnu: octave: Fix CA certificate use.
|
From: |
Kei Kebreau |
|
Subject: |
bug#32530: [PATCH] gnu: octave: Fix CA certificate use. |
|
Date: |
Mon, 24 Sep 2018 21:43:16 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
address@hidden (Ludovic Courtès) writes:
> Hello Kei,
>
> Kei Kebreau <address@hidden> skribis:
>
>> address@hidden (Ludovic Courtès) writes:
>>
>>> Marius Bakke <address@hidden> skribis:
>>>
>>>> address@hidden (Ludovic Courtès) writes:
>>>
>>> [...]
>>>
>>>>>> Adding this native-search-path to the "octave" package should be
>>>>>> sufficient.
>>>>>
>>>>> I think we should avoid doing this though, because conceptually
>>>>> CURLOPT_CAPATH “belongs” to cURL, not to Octave.
>>>>
>>>> Conceptually maybe, but to my knowledge libcurl itself does not support
>>>> run-time search paths (due to thread safety concerns IIRC).
>>>>
>>>> This search path does seem to be Octave specific. From the ChangeLog:
>>>>
>>>> 2018-04-18 John W. Eaton <address@hidden>
>>>>
>>>> allow users to set path to CA certificates for cURL
>>>>
>>>> * url-transfer.cc (curl_transfer::curl_transfer): Check for
>>>> CURLOPT_CAINFO and CURLOPT_CAPATH environment variables.
>>>> If set, use
>>>> them to set the corresponding options for the cURL library.
>>>>
>>>> Files: liboctave/util/url-transfer.cc
>>>
>>> Oh, I stand corrected! Then the patch LGTM, maybe with a comment saying
>>> that those variables are actually Octave-specific. :-)
>>>
>>> Thank you!
>>>
>>> Ludo’.
>>
>> Is it really Octave-specific? It's defined in the libcurl API [0], so
>> other software could make use of the variable.
>>
>> [0]: https://curl.haxx.se/libcurl/c/CURLOPT_CAPATH.html
>
> I think you’re both right. :-)
>
> The ‘url-transfer.cc’ file in Octave mentioned above does this:
>
> std::string cainfo = sys::env::getenv ("CURLOPT_CAINFO");
> if (! cainfo.empty ())
> SETOPT (CURLOPT_CAINFO, cainfo.c_str ());
>
> std::string capath = sys::env::getenv ("CURLOPT_CAPATH");
> if (! capath.empty ())
> SETOPT (CURLOPT_CAPATH, capath.c_str ());
>
> Based on that, I think it’s perfectly fine to add these two variables in
> the ‘native-search-paths’ of Octave itself, probably with a comment
> explaining that Octave really honors these variables by itself.
>
> Feel free to push such a change!
>
> Thank you,
> Ludo’.
Finally pushed to master! Thanks to both of you for reviewing this.
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., (continued)
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Kei Kebreau, 2018/09/15
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Ludovic Courtès, 2018/09/19
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Marius Bakke, 2018/09/19
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Ludovic Courtès, 2018/09/19
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Kei Kebreau, 2018/09/20
- [bug#32530] [PATCH] gnu: octave: Fix CA certificate use., Ludovic Courtès, 2018/09/24
- bug#32530: [PATCH] gnu: octave: Fix CA certificate use.,
Kei Kebreau <=