curl-library
Packaging the certificate bundle (was Re: Two Requests of Mine)
Date: Wed, 13 Oct 2004 14:49:36 -0700
On Mon, Sep 20, 2004 at 03:13:04PM +0200, Daniel Stenberg wrote:
> I would *REALLY* like to see separate packages provided for libcurl. Then
> people that use program ZZZ can download and get only the lib, and not be
> forced to deal with the concept that curl uses libcurl and that getting a
> combined packages is the only way to go (especially when this user only
> wants to get ZZZ running and doesn't care for curl).
>
> curl would then be a stand-alone package that depends on the libcurl (or
> even libcurl3) package.
I'm rearranging my RPMs to split libcurl into its own package, but I haven't
decided what the best place is for the curl-ca-bundle.crt file. It's
hard-coded in libcurl so it makes sense for it to be in that package (this
is what Mandrake does). However, you can't install two different libcurl
packages without RPM complaining about a duplicate file in that case.
You could also include it in the curl package, since there will only be
one of those installed in a system (this is what Debian does). But
then applications on systems without curl installed won't be able to
authenticate certificates.
I see two solutions: create a third package containing just the curl-ca-bundle
file, or modify the hard-coded path in libcurl to include a version number
(e.g. /usr/share/curl/7.12.1/curl-ca-bundle.crt). The latter makes life
easier for the user (one less package dependency), while the former is cleaner
since (theoretically, anyway) the certificate bundle could be used by non-
libcurl applications as well and could be installed without libcurl. Also,
putting it into a separate package means that a user need not install it if
he's going to supply his own certificate bundle.
What are people's thoughts on this problem?
>>> Dan
-- http://www.MoveAnnouncer.com The web change of address service Let webmasters know that your web site has movedReceived on 2004-10-13