Hi, on my Ubuntu 18.04.1 system (and probably most others), libcurl is linked against OpenSSL 1.1.0, which defaults to /usr/lib/ssl (see OPENSSLDIR):
sturmflut:~$ openssl version -a OpenSSL 1.1.0g 2 Nov 2017 built on: reproducible build, date unspecified platform: debian-amd64 compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/lib/ssl\"" -DENGINESDIR="\"/usr/lib/x86_64-linux-gnu/engines-1.1\"" OPENSSLDIR: "/usr/lib/ssl" ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1" Debian/Ubuntu then set the necessary symlinks to default to /etc/ssl/ , which most distributions are using as the system-wide certificate store: mr2515@scc-scs-sr-lt:~$ ls -la /usr/lib/ssl/ insgesamt 20 drwxr-xr-x 3 root root 4096 Dez 13 11:19 . drwxr-xr-x 151 root root 12288 Jan 30 17:22 .. lrwxrwxrwx 1 root root 14 Dez 13 11:30 certs -> /etc/ssl/certs drwxr-xr-x 2 root root 4096 Dez 13 11:19 misc lrwxrwxrwx 1 root root 20 Dez 5 16:59 openssl.cnf -> /etc/ssl/openssl.cnf lrwxrwxrwx 1 root root 16 Dez 13 11:30 private -> /etc/ssl/private There doesn't seem to be such a simple, system-wide solution for Windows, which is why the cURL author offers a CA bundle for easy use [1] or you can extract the Windows certificate store data manually. MinGW should probably ship and set up all of this correctly, just like it works on Linux, but I don't know anything about MinGW (or more recent Windows versions, for that matter). cheers, Simon [1] https://curl.haxx.se/docs/caextract.html Am 01.02.19 um 08:17 schrieb philippe.weyl...@libertysurf.fr: > On Linux, how libcurl does find the CA bundle ? > Is the path given when the library is generated ? > Is there any other mechanism ? default location ? > Thanks > Philippe > > ----- Mail original ----- > De: "philippe weyland" <philippe.weyl...@libertysurf.fr> > À: darktable-dev@lists.darktable.org > Envoyé: Mercredi 30 Janvier 2019 15:17:28 > Objet: Map find location issue for windows > > Tweaking location.c file I've found two ways to make it work under windows. > > 1. curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); > Without checking the certificate that works ... but that is not what we want > really. > > 2. curl_easy_setopt(curl, CURLOPT_CAINFO, > "C:\\msys64\\mingw64\\ssl\\certs\\ca-bundle.crt"); > When the path for CA bundle is given that works too. But the path will > different from an OS to the other. > ... could be set to dartable\bin\ca-bundle.crt... > > I haven't found if libcurl had a default location on windows. I've made some > checks without success. > > I've found on https://github.com/curl/curl/issues/1538: > "it will still be possible to do getenv("CURL_CA_BUNDLE") yourself and pass > that to CURLOPT_CAINFO" > > To set CURL_CA_BUNDLE path is not enough alone (for what I've tried). > > Any suggestion ? > > Philippe > > ___________________________________________________________________________ > darktable developer mailing list > to unsubscribe send a mail to darktable-dev+unsubscr...@lists.darktable.org > ___________________________________________________________________________ darktable developer mailing list to unsubscribe send a mail to darktable-dev+unsubscr...@lists.darktable.org
