diff options
| author | David Caldwell <david@porkrind.org> | 2017-04-04 21:29:55 -0700 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-04-06 12:36:22 +0200 |
| commit | c0eb46d3463cd21b3f822ac377ff37f067f66b8d (patch) | |
| tree | a38d08221ed692db5723a2831860b5ef8fd84a10 /configure.ac | |
| parent | 5659d09e3760c8d1986ba9852204c6942bc7d510 (diff) | |
| download | gnutls-c0eb46d3463cd21b3f822ac377ff37f067f66b8d.tar.gz | |
gnutls_x509_trust_list_add_system_trust: Add macOS keychain support
Also don't check for a default_trust_store_file in configure when building on
macOS (unless explicitly asked to with --with-default-trust-store-file=xxx),
because otherwise it finds /etc/ssl/cert.pem: This file is new (since
10.12.2?), which means libraries built on the newest OS version wouldn't work
the same way on an older versions (and vice versa). "/etc/ssl/cert.pem" also
doesn't seem to reflect additions and deletions from the user's or system's
trusted roots keychain (in my limited testing).
Signed-off-by: David Caldwell <david@porkrind.org>
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 2e94e1693e..84c9500eda 100644 --- a/configure.ac +++ b/configure.ac @@ -780,7 +780,7 @@ dnl auto detect http://lists.gnu.org/archive/html/help-gnutls/2012-05/msg00004.h AC_ARG_WITH([default-trust-store-file], [AS_HELP_STRING([--with-default-trust-store-file=FILE], [use the given file default trust store])], with_default_trust_store_file="$withval", - [if test "$build" = "$host" && test x$with_default_trust_store_pkcs11 = x && test x$with_default_trust_store_dir = x;then + [if test "$build" = "$host" && test x$with_default_trust_store_pkcs11 = x && test x$with_default_trust_store_dir = x && test x$have_macosx = x;then for i in \ /etc/ssl/ca-bundle.pem \ /etc/ssl/certs/ca-certificates.crt \ |