[Bug 258709] lang/mono6.8: cert-sync doesn't work on iocage style base jails
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 258709] lang/mono6.8: cert-sync doesn"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 18 Oct 2021 16:27:56 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258709 --- Comment #5 from Misso Works <missoline@protonmail.com> --- I have identified where the problem is. Basically, certificates are stored in the folder Environment.SpecialFolder.CommonApplicationData/.mono/certs as per [0]. However the path of Environment.SpecialFolder.CommonApplicationData is set to "/usr/share" (linuxism). The mono5.10 port includes the proper patches but for some reason they haven't been carried over to the mono6.8 port. The issue likely didn't appear earlier as the certificates shipped by upstream were still valid. You can fix the issue by adding the below two commands in the post-patch section of the Makefile of the port: post-patch: ${REINPLACE_CMD} -e 's|/usr/share|${PREFIX}|g' \ ${WRKSRC}/mcs/class/corlib/System/Environment.cs \ ${WRKSRC}/external/corefx/src/System.Runtime.Extensions/src/System/Environment.Unix.cs ${REINPLACE_CMD} -e 's|/usr/share/.mono|${PREFIX}/share/mono|g' \ ${WRKSRC}/man/mono-configuration-crypto.1 \ ${WRKSRC}/man/mono.1 \ ${WRKSRC}/man/mozroots.1 I am not sure why these changes have been implemented as post-patches instead of regular patch files, the maintainer may simply have run out of time at the time. The first command replaces "/usr/share" with /usr/local/ in the source files mcs/class/corlib/System.Environment.cs and external/corefx/src/System.Runtime.Extensions/src/System.Environment.Unix. The second command replaces /usr/share/.mono with /usr/local/share/mono for a couple of man files. With regards to replacing "/usr/share/.mono" with "/usr/local/mono" there is also a need to copy over the following patch files from the 5.10 ports: - patch-mcs_class_Mono.Security_Mono.Security.Cryptography_KeyPairPersistence.cs - patch-mcs_class_Mono.Security_Mono.Security.X509_X509StoreManager.cs - patch-mcs_tools_mono-configuration-crypto_lib_Mono.Configuration.Crypto_KeyContainerCollection.cs These files directly relate to the certificate manager so applying these patches is important. Then build from source and cert-sync should work as expected. At do not have access to a proper FreeBSD lab at the minute to implement it and propose clean files, but wanted to throw this here in the meantime in case this helps someone being stuck. -- You are receiving this mail because: You are the assignee for the bug.