aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBrian Pepple <bpepple@fedoraproject.org>2010-11-07 06:31:32 +0800
committerGuillaume Desmottes <guillaume.desmottes@collabora.co.uk>2010-11-15 22:33:49 +0800
commit24ffd0a12ef01048052c420b73d9b374515cb2f8 (patch)
treea3e4eeb0eab32e2f7260ca9fd7c40efd8d727082
parent750f7705fe5d58f2c13a57d5e3c844aa0f205e10 (diff)
downloadgsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar.gz
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar.bz2
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar.lz
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar.xz
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.tar.zst
gsoc2013-empathy-24ffd0a12ef01048052c420b73d9b374515cb2f8.zip
Make ca-certs location configurable (#634197)
-rw-r--r--configure.ac33
-rw-r--r--libempathy/empathy-tls-verifier.c2
2 files changed, 34 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac
index b2336892c..d2f09df1b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -201,6 +201,38 @@ AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE,"$GETTEXT_PACKAGE",[Gettext package name])
AM_GLIB_GNU_GETTEXT
# -----------------------------------------------------------
+# Make CA certificates path configurable
+# Stolen from GIO's TLS
+# -----------------------------------------------------------
+AC_MSG_CHECKING([location of system Certificate Authority list])
+AC_ARG_WITH(ca-file,
+ [AC_HELP_STRING([--with-ca-file=@<:@path@:>@],
+ [path to system Certificate Authority list])])
+if test "$with_ca_file" = "no"; then
+ AC_MSG_RESULT([disabled])
+else
+ if test -z "$with_ca_file"; then
+ for f in /etc/pki/tls/certs/ca-bundle.crt \
+ /etc/ssl/certs/ca-certificates.crt; do
+ if test -f "$f"; then
+ with_ca_file="$f"
+ fi
+ done
+ if test -z "$with_ca_file"; then
+ AC_MSG_ERROR([could not find. Use --with-ca-file=path to set, or --without-ca-file to disable])
+ fi
+ fi
+
+ AC_MSG_RESULT($with_ca_file)
+ if ! test -f "$with_ca_file"; then
+ AC_MSG_ERROR([No such file '$with_ca_file'. Use --with-ca-file=path to set, or --without-ca-file to disable])
+ fi
+ GTLS_SYSTEM_CA_FILE="$with_ca_file"
+
+ AC_DEFINE_UNQUOTED([GTLS_SYSTEM_CA_FILE], ["$GTLS_SYSTEM_CA_FILE"], [path to system Certificate Authority list])
+fi
+
+# -----------------------------------------------------------
# Connectivity integration
# -----------------------------------------------------------
AC_ARG_WITH(connectivity,
@@ -497,6 +529,7 @@ Configure summary:
Compiler Flags..............: ${CFLAGS} ${ERROR_CFLAGS}
Prefix......................: ${prefix}
Coding style checks.........: ${ENABLE_CODING_STYLE_CHECKS}
+ CA Cert Path................: ${GTLS_SYSTEM_CA_FILE}
Features:
Spell checking (enchant)....: ${have_enchant}
diff --git a/libempathy/empathy-tls-verifier.c b/libempathy/empathy-tls-verifier.c
index 13727db17..ca1726144 100644
--- a/libempathy/empathy-tls-verifier.c
+++ b/libempathy/empathy-tls-verifier.c
@@ -44,7 +44,7 @@ enum {
};
static const gchar* system_ca_paths[] = {
- "/etc/ssl/certs/ca-certificates.crt",
+ GTLS_SYSTEM_CA_FILE,
NULL,
};