[MacPorts] #56404: Inconsistent ca-bundle options among net/curl variants
MacPorts
noreply at macports.org
Wed May 2 12:55:55 UTC 2018
#56404: Inconsistent ca-bundle options among net/curl variants
----------------------+------------------------
Reporter: eabalea | Owner: ryandesign
Type: defect | Status: assigned
Priority: Normal | Milestone:
Component: ports | Version:
Resolution: | Keywords:
Port: curl |
----------------------+------------------------
Description changed by mf2k:
Old description:
> Package net/curl
>
> The default variant (ssl) benefits from the Macports curl-ca-bundle while
> wolfssl and gnutls variants don't and rely on the system ca-bundle
> detected by the curl configure script (/etc/ssl/cert.pem).
>
> The darwinssl variant gets the system ca-bundle enabled, and thus the
> root CA MUST be present in that file (instead of being verified against
> the Keychain settings). This default ca-bundle can't be disabled from
> command line.
>
> On darwinssl variant, add
> configure.args-append --without-ca-bundle
> to the PortFile.
>
> On wolfssl and gnutls variants, add
> configure.args-append --with-ca-bundle=${prefix}/share/curl/curl-ca-
> bundle.crt
> to the PortFile.
New description:
Package net/curl
The default variant (ssl) benefits from the Macports curl-ca-bundle while
wolfssl and gnutls variants don't and rely on the system ca-bundle
detected by the curl configure script (/etc/ssl/cert.pem).
The darwinssl variant gets the system ca-bundle enabled, and thus the root
CA MUST be present in that file (instead of being verified against the
Keychain settings). This default ca-bundle can't be disabled from command
line.
On darwinssl variant, add
{{{
configure.args-append --without-ca-bundle
}}}
to the PortFile.
On wolfssl and gnutls variants, add
{{{
configure.args-append --with-ca-bundle=${prefix}/share/curl/curl-ca-
bundle.crt
}}}
to the PortFile.
--
--
Ticket URL: <https://trac.macports.org/ticket/56404#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list