Re: [SyncEvolution] Syncevolution on N900 unable to locate CA certificates (libcurl problem?)
On 02/11/11 11:14, Patrick Ohly wrote:
On Wed, 2011-11-02 at 10:50 +0100, Alain Knaff wrote:
> On 02/11/11 10:08, Patrick Ohly wrote:
>>> As far as I understand this distinction between CURLPOPT_CAINFO and
>>> CURLPOPT_CAPATH is platform independent.
>>
>> The distinction is, but support for CAPATH isn't. With "platform" I
mean
>> both the hardware and the OS on top of it, which includes whether
>> libcurl uses OpenSSL or GnuTLS.
>>
>
> ok. So what happens with GnuTLS if you pass a directory with CURLPOPT_CAINFO?
> Does GnuTLS interpret this as a directory which contains files with CA
> certificates?
My guess is that it simply won't work because GnuTLS expects (and only
supports) a single file. I've never tried it, so I don't know what the
resulting error message is.
Well in that case, what harm could be done by putting the test for file
or directory into the app?
- If curl is linked against OpenSSL, this will be the appropriate thing
to do
- If on the other hand, curl is linked against GnuTLS, it won't work,
but as GnuTLS doesn't support CA directories at all (if I understand you
correctly), then nothing is lost compared to the current situation
(which always calls CAINFO)
Regards,
Alain