Subject: pkg/28477: openssl package should provide SSLKEYS location
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <thorpej@shagadelic.org>
List: pkgsrc-bugs
Date: 11/30/2004 15:24:00
>Number: 28477
>Category: pkg
>Synopsis: openssl package should provide SSLKEYS location
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Nov 30 15:24:00 +0000 2004
>Originator: Jason R Thorpe
>Release: NetBSD 2.99.10
>Organization:
-- Jason R. Thorpe <thorpej@shagadelic.org>
>Environment:
System: NetBSD yeah-baby.shagadelic.org 2.99.10 NetBSD 2.99.10 (YEAH-BABY-XP) #32: Wed Nov 3 16:00:40 PST 2004 thorpej@yeah-baby.shagadelic.org:/u1/netbsd/src/sys/arch/i386/compile/YEAH-BABY-XP i386
Architecture: i386
Machine: i386
>Description:
The OpenSSL package "builtin.mk" in pkgsrc provides an SSLCERTS
variable which points to the system location of the certificates
directory. But it does not provide a corresponding SSLKEYS variable
that points to the system private key directory.
>How-To-Repeat:
I noticed this when trying to fix the imap-uw package to read
the private key from a separate file.
>Fix:
The following patch adds the SSLKEYS variable to the OpenSSL
package "builtin.mk".
Index: builtin.mk
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssl/builtin.mk,v
retrieving revision 1.5
diff -u -p -r1.5 builtin.mk
--- builtin.mk 2 Apr 2004 23:41:50 -0000 1.5
+++ builtin.mk 30 Nov 2004 15:16:38 -0000
@@ -133,13 +133,17 @@ PKG_SKIP_REASON= \
.if defined(PKG_SYSCONFDIR.openssl)
SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs
+SSLKEYS= ${PKG_SYSCONFDIR.openssl}/private
.elif ${OPSYS} == "NetBSD"
SSLCERTS= /etc/openssl/certs
+SSLKEYS= /etc/openssl/private
.elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
SSLCERTS= /etc/ssl/certs # likely place where certs live
+SSLKEYS= /etc/ssl/private # likely place where private keys live
.else
SSLCERTS= ${PKG_SYSCONFBASEDIR}/openssl/certs
+SSLKEYS= ${PKG_SYSCONFBASEDIR}/openssl/private
.endif
-BUILD_DEFS+= SSLCERTS
+BUILD_DEFS+= SSLCERTS SSLKEYS
.endif # CHECK_BUILTIN.openssl
>Unformatted: