diff options
author | Daniel Stenberg <daniel@haxx.se> | 2008-02-18 11:35:12 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2008-02-18 11:35:12 +0000 |
commit | fb23b85770b72b25448a99108f80fc4d6b8e10ac (patch) | |
tree | cb4593e86c20291f790fdf8784061facb8542422 /acinclude.m4 | |
parent | 3458ce9ae55779f7409dabd82ce2efb73b03eea3 (diff) | |
download | curl-fb23b85770b72b25448a99108f80fc4d6b8e10ac.tar.gz |
- We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
new one extracted from Mozilla's recent list of ca certs.
The configure option --with-ca-bundle now lets you specify what file to use
as default ca bundle for your build. If not specified, the configure script
will check a few known standard places for a global ca cert to use.
Diffstat (limited to 'acinclude.m4')
-rw-r--r-- | acinclude.m4 | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/acinclude.m4 b/acinclude.m4 index 1c4557c7e..5b6a98e0a 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. +# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -2491,3 +2491,50 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [ esac ]) + +dnl CURL_CHECK_CA_BUNDLE +dnl ------------------------------------------------- +dnl Check if a default ca-bundle should be used +dnl +dnl regarding the paths this will scan: +dnl /etc/ssl/certs/ca-certificates.crt Debian systems +dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva +dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat + +AC_DEFUN([CURL_CHECK_CA_BUNDLE], [ + + AC_MSG_CHECKING([default CA cert bundle]) + + AC_ARG_WITH(ca-bundle, +AC_HELP_STRING([--with-ca-bundle=FILE], [File name to use as CA bundle]) +AC_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]), + [ ca="$withval" ], + [ + dnl the path we previously would have installed the curl ca bundle + dnl to, and thus we now check for an already existing cert in that place + dnl in case we find no other + if test "x$prefix" != xNONE; then + cac="\${prefix}/share/curl/curl-ca-bundle.crt" + else + cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt" + fi + + for a in /etc/ssl/certs/ca-certificates.crt \ + /etc/pki/tls/certs/ca-bundle.crt \ + /usr/share/ssl/certs/ca-bundle.crt \ + "$cac"; do + if test -f $a; then + ca="$a" + break + fi + done + ] + ) + + if test "x$ca" != "xno"; then + CURL_CA_BUNDLE='"'$ca'"' + AC_SUBST(CURL_CA_BUNDLE) + fi + AC_MSG_RESULT([$ca]) +]) + |