diff options
| author | V <v@anomalous.eu> | 2023-07-28 21:33:44 +0200 |
|---|---|---|
| committer | V <v@anomalous.eu> | 2023-07-29 02:38:12 +0200 |
| commit | 0f80873aa4d67417c3ea2657d273d358d85712ca (patch) | |
| tree | 4bced7b7a2c5128ddfe3044cd496ae152771a2e6 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | c3462e2da38fd920c29aa11cbfbd4a592c6a4b5b (diff) | |
lftp: use openssl instead of gnutls
fixes lftp failing to verify sites secured with letsencrypt.
- more specifically, lftp doesn't validate the cross-signed ISRG Root X1 correctly[1][2].
- this issue is not present when built against openssl.
- a fix for the gnutls codepath has been merged[3], but the project has not seen a release since 2020.
- given this, and the questionable quality of gnutls, it seems reasonable to build with openssl instead.
reproducing this bug yields the following:
> Fatal error: Certificate verification: Not trusted (93:3C:6D:DE:E9:5C:9C:41:A4:0F:9F:50:49:3D:82:BE:03:AD:87:BF)
[1]: https://askubuntu.com/questions/1366456/lftp-certificate-suddenly-not-trusted#comment2395548_1366818
[2]: https://github.com/lavv17/lftp/issues/641
[3]: https://github.com/lavv17/lftp/pull/642
Change-Id: Ib161d8741f6d6debde8a65d94a6c1965b23f82ff
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions