Summary: | ftp/curl: curl is unusable when CA_BUNDLE is off | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Michael Osipov <michael.osipov> | ||||
Component: | Individual Port(s) | Assignee: | Po-Chuan Hsieh <sunpoet> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | CC: | kevans, michael.osipov, sunpoet, swills | ||||
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(sunpoet) |
||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Michael Osipov
2020-07-17 15:47:12 UTC
@kevans Can you help here? Created attachment 217836 [details]
svn(1) diff against the ports tree
This should do the trick -- test builds OK with CA_BUNDLE off and:
- both ssl=base and ssl=libressl w/ OPENSSL
- GNUTLS
I only confirmed for !GNUTLS/OPENSSL options that it wasn't adding the config arg.
(In reply to Kyle Evans from comment #2) Works for me with ssl=base against a internal server with corporate CA from /etc/ssl/certs. > fstatat(AT_FDCWD,"/etc/ssl/certs//d4555404.0",{ mode=-rw-r--r-- ,inode=1043597,size=3988,blksize=32768 },0x0) = 0 (0x0) > open("/etc/ssl/certs//d4555404.0",O_RDONLY,0666) = 6 (0x6) A commit references this bug: Author: sunpoet Date: Sat Sep 12 12:11:07 UTC 2020 New revision: 548355 URL: https://svnweb.freebsd.org/changeset/ports/548355 Log: Use built-in CA store of OpenSSL/GnuTLS when CA_BUNDLE is disabled PR: 248047 Reported by: Michael Osipov <michael.osipov@siemens.com> Submitted by: kevans Changes: head/ftp/curl/Makefile Committed. Thanks! |