cunix wrote:
Ludwig Nussel: [...]
Anyways, as you can see in modules/openssl/stream_peer_openssl.cpp there even is a commented call to SSL_CTX_load_verify_locations() "for testing". Pretty close. Replace that with a call to SSL_CTX_set_default_verify_paths(), reduce the built in bundle to not contain any certs at all and you are done. godot will then rely on openssl to read the system wide cert store. [...] Well, explaion the issue upstream and ask them to help with the actual code :-)
Thank you again very much for holding my hand Ludwig!
After some experiments i implemented your suggestion in one patch and added a second one to wrap a build option around it [1]. The bundled certs are removed in the spec file. Does this reflect your ideas?
Yes. With that you don't need to BuildRequire ca-certificates anymore. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.com/ SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org