Mercurial > pidgin.yaz

changeset 23332:390384053186

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add a configure option, --with-ssl-certificates to allow packagers to specify a system-wide SSL CA certificates directory. On Debian, this would be /etc/ssl/certs. Also, when set, we don't install our SSL CA certs. Refs #6036
author Richard Laager <rlaager@wiktel.com>
date Mon, 09 Jun 2008 02:10:18 +0000
parents d4f12325e599
children 4537fe9b93e7
files configure.ac libpurple/Makefile.am libpurple/certificate.c share/ca-certs/Makefile.am
diffstat 4 files changed, 32 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/configure.ac	Mon Jun 09 00:14:40 2008 +0000
+++ b/configure.ac	Mon Jun 09 02:10:18 2008 +0000
@@ -1561,6 +1561,18 @@
 dnl # Thanks go to Evolution for the checks.
 dnl #######################################################################
 
+AC_ARG_WITH(ssl-certificates, [AC_HELP_STRING([--with-ssl-certificates=<dir>], [directory containing system-wide SSL CA certificates])])
+
+SSL_CERTIFICATES_DIR=""
+if ! test -z "$with_ssl_certificates" ; then
+	if ! test -d "$with_ssl_certificates" ; then
+		AC_MSG_ERROR([$with_ssl_certificates does not exist, if this is the correct location please make sure that it exists.])
+	fi
+	SSL_CERTIFICATES_DIR="$with_ssl_certificates"
+fi
+AC_SUBST(SSL_CERTIFICATES_DIR)
+AM_CONDITIONAL(INSTALL_SSL_CERTIFICATES, test "x$SSL_CERTIFICATES_DIR" = "x")
+
 dnl These two are inverses of each other <-- stolen from evolution!
 
 AC_ARG_ENABLE(gnutls,
@@ -2409,6 +2421,9 @@
 fi
 echo Build with NetworkManager..... : $enable_nm
 echo SSL Library/Libraries......... : $msg_ssl
+if test "x$SSL_CERTIFICATES_DIR" != "x" ; then
+	eval eval echo SSL CA certificates directory. : $SSL_CERTIFICATES_DIR
+fi
 echo Build with Cyrus SASL support. : $enable_cyrus_sasl
 echo Use kerberos 4 with zephyr.... : $kerberos
 echo Use external libzephyr........ : $zephyr
--- a/libpurple/Makefile.am	Mon Jun 09 00:14:40 2008 +0000
+++ b/libpurple/Makefile.am	Mon Jun 09 02:10:18 2008 +0000
@@ -261,3 +261,9 @@
 	$(DBUS_CFLAGS) \
 	$(LIBXML_CFLAGS) \
 	$(NETWORKMANAGER_CFLAGS)
+
+# INSTALL_SSL_CERTIFICATES is true when SSL_CERTIFICATES_DIR is empty.
+# We want to use SSL_CERTIFICATES_DIR when it's not empty.
+if ! INSTALL_SSL_CERTIFICATES
+AM_CPPFLAGS += -DSSL_CERTIFICATES_DIR=\"$(SSL_CERTIFICATES_DIR)\"
+endif
--- a/libpurple/certificate.c	Mon Jun 09 00:14:40 2008 +0000
+++ b/libpurple/certificate.c	Mon Jun 09 02:10:18 2008 +0000
@@ -745,8 +745,12 @@
 		x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
 						   "ca-certs", NULL));
 #else
+# ifdef SSL_CERTIFICATES_DIR
+		x509_ca_paths = g_list_append(NULL, SSL_CERTIFICATES_DIR);
+# else
 		x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
 						   "purple", "ca-certs", NULL));
+# endif
 #endif
 	}
 
--- a/share/ca-certs/Makefile.am	Mon Jun 09 00:14:40 2008 +0000
+++ b/share/ca-certs/Makefile.am	Mon Jun 09 02:10:18 2008 +0000
@@ -1,5 +1,4 @@
-cacertsdir =	$(datadir)/purple/ca-certs
-cacerts_DATA =	\
+CERTIFICATES = \
 		Equifax_Secure_CA.pem \
 		GTE_CyberTrust_Global_Root.pem \
 		Microsoft_Secure_Server_Authority.pem \
@@ -7,7 +6,12 @@
 		Verisign_RSA_Secure_Server_CA.pem \
 		Verisign_Class3_Primary_CA.pem
 
+if INSTALL_SSL_CERTIFICATES
+cacertsdir =	$(datadir)/purple/ca-certs
+cacerts_DATA =	$(CERTIFICATES)
+endif
+
 EXTRA_DIST =	\
 		Makefile.mingw \
-		$(cacerts_DATA)
+		$(CERTIFICATES)