Hi,

With the curl-ca-bundle dropped, I'm trying to make libcurl work out of
the box on openSUSE. Here, the best option seems to be /etc/ssl/certs,
which is an openSSL "CApath", not "CAfile". I changed the configure
script to try such path as a last resort if no bundle is found. I also
added a --with-ca-path=DIRECTORY option to set it manually. The lib will
then use the capath by default instead of the ca bundle.

It's now:
if --with-ca-bundle is given
  set CURL_CA_BUNDLE to given value
else
  if --with-ca-path is given
    set CURL_CA_PATH to given value
  else
    if a bundle is found on the system
      set CURL_CA_BUNDLE to point to it
    else
      if openSSL is used and a capath is found on the system
        set CURL_CA_PATH to point to it
plus --without-ca-bundle/path overrides the autodetection.

So setups that worked before shouldn't be affected. But nevertheless, as
this is a more involved change, I'm posting it here for review/comments.

On a related note: what's the reason for the generated lib/ca-bundle.h,
isn't AC_DEFINE good enough?

thanks,
Michal
Received on 2008-03-18