This patch is needed to allow gnutls to find the system-wide trust store
(trusted CA certificates).
Mark
>From 51fdea28198bd284949c98bc423e5fcef6169068 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <m...@netris.org>
Date: Tue, 18 Feb 2014 21:30:53 -0500
Subject: [PATCH] gnu: gnutls: Configure location of system-wide trust store.
* gnu/packages/gnutls.scm (gnutls): Configure the location of the system-wide
trust store.
---
gnu/packages/gnutls.scm | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/gnu/packages/gnutls.scm b/gnu/packages/gnutls.scm
index 915f6f8..dde4416 100644
--- a/gnu/packages/gnutls.scm
+++ b/gnu/packages/gnutls.scm
@@ -87,6 +87,17 @@ specifications.")
`(("libtasn1" ,libtasn1)
("nettle" ,nettle)
("which" ,which)))
+ (arguments
+ `(#:configure-flags
+ '(;; GnuTLS doesn't consult any environment variables to specify the
+ ;; location of the system-wide trust store. Instead it has a
+ ;; configure-time option. Unless specified, its configure script
+ ;; attempts to auto-detect the location by looking for common places
+ ;; in the filesystem, none of which are present in our chroot build
+ ;; environment. If not found, then no default trust store is used,
+ ;; so each program has to provide its own fallback, and users have to
+ ;; configure each program independently. This seems suboptimal.
+ "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt")))
(home-page "http://www.gnu.org/software/gnutls/";)
(synopsis "Transport layer security library")
(description
--
1.8.4
