Page MenuHomeFreeBSD
Files F109845762

D42120.diff
No OneTemporary
Actions

D42120.diff
View Options

diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile
--- a/security/ca_root_nss/Makefile
+++ b/security/ca_root_nss/Makefile
@@ -1,6 +1,6 @@
PORTNAME= ca_root_nss
PORTVERSION= ${VERSION_NSS}
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
DISTNAME= nss-${VERSION_NSS}${NSS_SUFFIX}
@@ -17,8 +17,14 @@
NO_ARCH= yes
WRKSRC_SUBDIR= nss
+OPTIONS_DEFINE= ETCSYMLINK
+OPTIONS_DEFAULT= ETCSYMLINK
+
OPTIONS_SUB= yes
+ETCSYMLINK_DESC= Add symlink to /etc/ssl/cert.pem
+ETCSYMLINK_CONFLICTS_INSTALL= ca-roots-[0-9]*
+
CERTDIR?= share/certs
PLIST_SUB+= CERTDIR=${CERTDIR}
@@ -43,4 +49,8 @@
${MKDIR} ${STAGEDIR}${PREFIX}/openssl
${LN} -sf ../${CERTDIR}/ca-root-nss.crt ${STAGEDIR}${PREFIX}/openssl/cert.pem.sample
+do-install-ETCSYMLINK-on:
+ ${MKDIR} ${STAGEDIR}/etc/ssl
+ ${LN} -sf ../..${PREFIX}/${CERTDIR}/ca-root-nss.crt ${STAGEDIR}/etc/ssl/cert.pem
+
.include <bsd.port.mk>
diff --git a/security/ca_root_nss/files/pkg-message.in b/security/ca_root_nss/files/pkg-message.in
--- a/security/ca_root_nss/files/pkg-message.in
+++ b/security/ca_root_nss/files/pkg-message.in
@@ -5,8 +5,19 @@
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.
-Assessment and verification of trust is the complete responsibility of the
-system administrator.
+Assessment and verification of trust is the complete responsibility of
+the system administrator.
+
+This package installs symlinks to support root certificate discovery
+for software that either uses other cryptographic libraries than
+OpenSSL, or use OpenSSL but do not follow recommended practice.
+
+If you prefer to do this manually, replace the following symlinks with
+either an empty file or your site-local certificate bundle.
+
+ * /etc/ssl/cert.pem
+ * %%PREFIX%%/etc/ssl/cert.pem
+ * %%PREFIX%%/openssl/cert.pem
EOM
}
]
diff --git a/security/ca_root_nss/pkg-plist b/security/ca_root_nss/pkg-plist
--- a/security/ca_root_nss/pkg-plist
+++ b/security/ca_root_nss/pkg-plist
@@ -1,4 +1,7 @@
%%CERTDIR%%/ca-root-nss.crt
+@sample etc/ssl/cert.pem.sample
+@sample openssl/cert.pem.sample
+%%ETCSYMLINK%%/etc/ssl/cert.pem
@postexec certctl rehash
@postunexec certctl rehash
@postexec [ ! -e %%LOCALBASE%%/bin/cert-sync ] || %%LOCALBASE%%/bin/cert-sync --quiet %%PREFIX%%/share/certs/ca-root-nss.crt

File Metadata

Mime Type
text/plain
Expires
Tue, Feb 11, 6:59 AM (10 h, 28 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
16590529
Default Alt Text
D42120.diff (2 KB)

Event Timeline