Re: [SyncEvolution] Syncevolution on N900 unable to locate CA certificates (libcurl problem?)
On 2011-11-01 20:24, Patrick Ohly wrote:
On Tue, 2011-11-01 at 17:46 +0100, Alain Knaff wrote:
[...]
> ltrace also shows that the only environment variable accessed by
> syncevolution is SYNCEVOLUTION_DEBUG
That's a bit surprising. The 1.2 binaries from syncevolution.org (with
^^^^^^^^^^^^^
That's probably the reason, I've only got 1.1.99.6-1 on my N900.
I checked syncevolution.org to see whether there are any newer N900
binaries on there, but I'm having trouble setting up the correct
repositories:
http://syncevolution.org/documentation/installation points to
http://maemo.org/packages/view/syncevolution-frontend/ for N900
installation, but the versions listed on that page are even older (0.12
and 0.9)...
[...]
> What call does does it use to pass that variable?
That depends on the transport.
libsoup: g_object_set SOUP_SESSION_SSL_CA_FILE
libcurl: curl_easy_setopt CURLOPT_CAINFO
libneon (WebDAV backend): ne_ssl_trust_default_ca for system
certificates, ignores SSLCACertificates setting
In all cases SyncEvolution never deals with the content of the setting
itself. Instead it relies on the library that it calls to do something
sensible with it.
Unfortunately, according to
http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTCAINFO ,
libcurl does not "do something sensible" with it. Instead it always
takes the parameter to be a CAfile, even if it is a directory.
So, apparently, the app is supposed to do this check itself, and use
CURLOPT_CAPATH if it passes a directory.
I agree that the naming is indeed misleading. Calling it CURLOPT_CAFILE
would have made more sense, but they probably have their reasons...
Regards,
Alain