[00:03] <dOxxx> omg it worked
[00:05] <wgz> dOxxx: you clearly have the magic
[00:05] <dOxxx> wgz: clearly. I got the idea from the fedora bug for the same problem. patched the bzr texinfo builder to register itself under a different name so it doesn't clash with the builtin texinfo builder
[00:12] <dOxxx> now I have to figure out how to handle this cacert thing
[00:16] <wgz> so, you don't actually have to now
[00:16] <dOxxx> well I still get that error about the cacerts being wrong
[00:16] <wgz> after 2.5b6 the default got flipped so if the certs aren't there it will just not verify
[00:16] <wgz> ...urk?
[00:17] <dOxxx> oh hmm
[00:17] <dOxxx> I see
[00:17] <dOxxx> I didn't have 2.5b6 installed when I tested it
[00:17] <wgz> it still complains?
[00:17] <dOxxx> I get this like 8 times:  Not checking SSL certificate for bazaar.launchpad.net: 443
[00:17] <dOxxx> and then the normal command output
[00:18] <wgz> https://code.launchpad.net/~vila/bzr/929179-default-ssl-certs/+merge/93177 <- is the mp
[00:19] <wgz> ah, okay, so... it doesn't error, but does print something
[00:19] <dOxxx> yeah I just had an old version installed when I first tried it
[00:19] <wgz> and for whatever reason that https command spams connections
[00:19] <dOxxx> correct
[00:19] <wgz> so, what I did, which is probably not appropriate for osx
[00:20] <wgz> was stick the bundle that the curl guys extract from mozilla and publish on their website in the install directory
[00:21] <wgz> but doing the right thing for osx no doubt means writing extra code
[00:21] <dOxxx> yeah it means writing extra code that I do not know right now :)
[00:21] <dOxxx> I can do the same hack as you
[00:21] <wgz> http://curl.haxx.se/docs/caextract.html
[00:22] <dOxxx> just tried it by downloading the cacert file from that site and then using `bzr -Ossl.cacert=path/to/file`
[00:22] <wgz> will just check what vila left in as the expected location for osx...
[00:22] <wgz> ^and that worked?
[00:23] <dOxxx> errr... it seems that it worked with the older verison of bzr, but now with 2.5.0 it's still giving me the "not checking ssl certificate" spam
[00:23] <wgz> ah, dammit, the code is:
[00:23] <wgz> 'pass'
[00:24] <dOxxx> oh well, it's not like I don't already have 2 patches for bzr code, one more is not going to hurt
[00:24] <wgz> oh, oh dear. it really shouldn't do that with 2.5, the change must have been wrong
[00:25] <wgz> okay, so changes three and four:
[00:25] <wgz> revert the change from the mp I just linked
[00:26] <wgz> change the darwin branch in bzrlib.transport.http._urllib_wrappers.default_ca_certs to the same as the win32 bit above it
[00:27] <dOxxx> I was considering storing it in /usr/local/share/bzr just to be nice about it
[00:27] <wgz> by all means be superior :)
[00:27] <dOxxx> haha
[00:31] <dOxxx> aha, so if I do this: `bzr -Ossl.ca_certs=cacert.pem -Ossl.cert_reqs=required` then I don't get the error or the spam
[00:31] <dOxxx> which is basically what the patch will accomplish in code instead
[00:31] <wgz> right
[00:32] <wgz> it seems none was a bad idea.
[00:32] <dOxxx> I think I grok this now
[00:33] <wgz> what's odd is I'm sure it was vila that explained to me why none was a bad idea
[00:34] <dOxxx> hehe
[00:34] <dOxxx> so default_ca_reqs should always return 'required'?
[00:35] <dOxxx> oh I see, just set the default for ssl.cert_reqs to required in the option definition
[00:35] <wgz> yeah, as you're supplying it
[00:36] <dOxxx> I can never tell when I should be using single quotes or double quotes for a string...
[00:36] <wgz> I change my mind every year or so :)
[00:37] <wgz> `bzr merge -r6474..6473 bzrlib/transport/http/_urllib2_wrappers.py` would do... but you're going from the tarball
[00:38] <dOxxx> yeah, I'm modifying my bzr 2.5 working tree, generating a patch from that and then apply that patch during the build process
[00:38] <dOxxx> the whole process is automated from extracting the source onwards so I have a patching mechanism
[00:39] <wgz> next time you do this I need to look over your shoulder and pick up tips
[00:40] <dOxxx> http://pastebin.com/pRCswJ67
[00:40] <wgz> lgtm.
[00:40] <dOxxx> you're welcome to have a look at lp:bzr-mac-installers to see my build scripts
[00:41] <dOxxx> it's inherited code so it's not quite as nice as I would like it to be but I've been making improvements slowly here and there
[00:41] <wgz> sticking up the first hunk as a merge proposal against 2.5 wouldn't hurt
[00:41] <dOxxx> I guess so...
[00:49] <wgz> okay, bed for me I think
[00:51] <dOxxx> seeya wgz
[00:57] <dOxxx> ssl cacerts hack works :P