ports/185130: [PATCH] www/neon29: use root CA bundle

Anton Yuzhaninov citrin-mail71 at rambler.ru
Mon Dec 23 11:10:01 UTC 2013 

>Number:         185130
>Category:       ports
>Synopsis:       [PATCH] www/neon29: use root CA bundle
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 23 11:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Anton Yuzhaninov
>Release:        FreeBSD 10.0-PRERELEASE amd64
>Organization:
>Environment:
System: FreeBSD hius.citrin.ru 10.0-PRERELEASE FreeBSD 10.0-PRERELEASE #10 r259719: Sun Dec 22 15:28:52 UTC
>Description:
It is important to validate server's certificate using root CA bundle.

Port maintainer (lev at FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.99_11 (mode: change, diff: ports)
>How-To-Repeat:
>Fix:

--- neon29-0.29.6_4.patch begins here ---
diff -ruN /usr/ports//www/neon29/Makefile ./Makefile
--- /usr/ports//www/neon29/Makefile	2013-11-05 22:40:46.000000000 +0000
+++ ./Makefile	2013-12-23 10:53:01.000000000 +0000
@@ -13,14 +13,15 @@
 
 CONFLICTS=	neon2[^9]-[0-9]*
 
-OPTIONS_DEFINE=		OPENSSL NLS GSSAPI PROXY DOCS
-OPTIONS_DEFAULT=	EXPAT OPENSSL NLS GSSAPI
+OPTIONS_DEFINE=		CA_BUNDLE DOCS GSSAPI NLS OPENSSL PROXY
+OPTIONS_DEFAULT=	CA_BUNDLE EXPAT GSSAPI NLS OPENSSL
 OPTIONS_SINGLE=		XML
 OPTIONS_SINGLE_XML=	EXPAT LIBXML
 
-XML_DESC=		XML parser library
+CA_BUNDLE_DESC=		Install CA bundle for OpenSSL
 LIBXML_DESC=		libxml2 XML parser support
 PROXY_DESC=		libproxy support
+XML_DESC=		XML parser library
 
 USE_AUTOTOOLS=	libtool
 USE_LDCONFIG=	yes
@@ -31,8 +32,16 @@
 CONFIGURE_ARGS=	--enable-shared \
 		--with-libs=${LOCALBASE}:${PREFIX}
 
+CA_BUNDLE_CONFIGURE_ON=	--with-ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
+CA_BUNDLE_RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
+
 .include <bsd.port.options.mk>
 
+.if ${PORT_OPTIONS:MCA_BUNDLE} && !${PORT_OPTIONS:MOPENSSL}
+WARNING+=	"OpenSSL need for CA bundle support"
+WARNING+=	"Enable the OPENSSL option or disable the CA_BUNDLE option"
+.endif
+
 .if ${PORT_OPTIONS:MEXPAT}
 CONFIGURE_ARGS+=--with-expat
 LIB_DEPENDS+=	expat.6:${PORTSDIR}/textproc/expat2
--- neon29-0.29.6_4.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list