Package: dgit
Depends: perl, libwww-perl, libdpkg-perl, git-core, devscripts, dpkg-dev,
${misc:Depends}, realpath, libdigest-sha-perl, dput, curl,
- libjson-perl
+ libjson-perl, ca-certificates
Recommends: ssh-client
Suggests: sbuild
Architecture: all
'dgit-distro.debian.git-path' => '/dgit/debian/repos',
'dgit-distro.debian.git-check' => 'ssh-cmd',
'dgit-distro.debian.archive-query-url', 'https://api.ftp-master.debian.org/',
- 'dgit-distro.debian.archive-query-tls-key',
- '/etc/ssl/certs/%HOST%.pem:/etc/dgit/%HOST%.pem',
+# 'dgit-distro.debian.archive-query-tls-key',
+# '/etc/ssl/certs/%HOST%.pem:/etc/dgit/%HOST%.pem',
+# ^ this does not work because curl is broken nowadays
+# Fixing #790093 properly will involve providing providing the key
+# in some pacagke and maybe updating these paths.
#
# 'dgit-distro.debian.archive-query-tls-curl-args',
# '--ca-path=/etc/ssl/ca-debian',
fail "for $url: stat $key: $!" unless $!==ENOENT;
next;
}
- push @cmd, "--cacert", $key, "--capath", "/dev/enoent";
+ fail "config requested specific TLS key but do not know".
+ " how to get curl to use exactly that EE key ($key)";
+# push @cmd, "--cacert", $key, "--capath", "/dev/enoent";
+# # Sadly the above line does not work because of changes
+# # to gnutls. The real fix for #790093 may involve
+# # new curl options.
last;
}
# Fixing #790093 properly will involve providing a value