[Bug 661577] New: curl: fails to load certificates from default path
https://bugzilla.novell.com/show_bug.cgi?id=661577 https://bugzilla.novell.com/show_bug.cgi?id=661577#c0 Summary: curl: fails to load certificates from default path Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: All OS/Version: Linux Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jengelh@medozas.de QAContact: qa@suse.de Found By: Beta-Customer Blocker: --- The command curl https://secure.quantumgateway.com/cgi/authnet_aim.php fails to verify the remote peer. Explicitly giving the CA path fixes this: curl --capath /etc/ssl/certs https://secure.quantumgateway.com/cgi/authnet_aim.php Running strace on both invocations shows that in the first, /etc/ssl is never ever touched. This I find strange given curl.spec runs configure --with-ca-path=/etc/ssl/certs and should thus normally provide the proper default already, but it does not. Subsequently, this leads to errors in php5-curl because it can't find them either implicitly. This also affects both curl 7.21; and curl 7.20 from openSUSE 11.3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=661577
https://bugzilla.novell.com/show_bug.cgi?id=661577#c
wei wang
https://bugzilla.novell.com/show_bug.cgi?id=661577
https://bugzilla.novell.com/show_bug.cgi?id=661577#c1
Michal Marek
GET /cgi/authnet_aim.php HTTP/1.1 User-Agent: curl/7.21.2 (x86_64-unknown-linux-gnu) libcurl/7.21.2 OpenSSL/1.0.0c zlib/1.2.5 libidn/1.15 libssh2/1.2.7 Host: secure.quantumgateway.com Accept: */*
< HTTP/1.1 200 OK < Date: Wed, 29 Dec 2010 08:54:59 GMT < Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8o PHP/5.2.14 < X-Powered-By: PHP/5.2.14 < Set-Cookie: PHPSESSID=cb09ad5d882075655e8e206df460010d; path=/ < Expires: Thu, 19 Nov 1981 08:52:00 GMT < Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 < Pragma: no-cache < Content-Length: 26 < Content-Type: text/html < * Connection #0 to host secure.quantumgateway.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): 3Invalid Gateway LoginXXXX $ curl --version curl 7.21.2 (x86_64-unknown-linux-gnu) libcurl/7.21.2 OpenSSL/1.0.0c zlib/1.2.5 libidn/1.15 libssh2/1.2.7 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=661577
https://bugzilla.novell.com/show_bug.cgi?id=661577#c2
Jan Engelhardt
participants (1)
-
bugzilla_noreply@novell.com