Subject: pkg/28477: openssl package should provide SSLKEYS location
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <thorpej@shagadelic.org>
List: pkgsrc-bugs
Date: 11/30/2004 15:24:00
>Number:         28477
>Category:       pkg
>Synopsis:       openssl package should provide SSLKEYS location
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 30 15:24:00 +0000 2004
>Originator:     Jason R Thorpe
>Release:        NetBSD 2.99.10
>Organization:
        -- Jason R. Thorpe <thorpej@shagadelic.org>
>Environment:
	
	
System: NetBSD yeah-baby.shagadelic.org 2.99.10 NetBSD 2.99.10 (YEAH-BABY-XP) #32: Wed Nov 3 16:00:40 PST 2004 thorpej@yeah-baby.shagadelic.org:/u1/netbsd/src/sys/arch/i386/compile/YEAH-BABY-XP i386
Architecture: i386
Machine: i386
>Description:
	The OpenSSL package "builtin.mk" in pkgsrc provides an SSLCERTS
	variable which points to the system location of the certificates
	directory.  But it does not provide a corresponding SSLKEYS variable
	that points to the system private key directory.

>How-To-Repeat:
	I noticed this when trying to fix the imap-uw package to read
	the private key from a separate file.

>Fix:
	The following patch adds the SSLKEYS variable to the OpenSSL
	package "builtin.mk".

Index: builtin.mk
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssl/builtin.mk,v
retrieving revision 1.5
diff -u -p -r1.5 builtin.mk
--- builtin.mk	2 Apr 2004 23:41:50 -0000	1.5
+++ builtin.mk	30 Nov 2004 15:16:38 -0000
@@ -133,13 +133,17 @@ PKG_SKIP_REASON=	\
 
 .if defined(PKG_SYSCONFDIR.openssl)
 SSLCERTS=	${PKG_SYSCONFDIR.openssl}/certs
+SSLKEYS=	${PKG_SYSCONFDIR.openssl}/private
 .elif ${OPSYS} == "NetBSD"
 SSLCERTS=	/etc/openssl/certs
+SSLKEYS=	/etc/openssl/private
 .elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
 SSLCERTS=	/etc/ssl/certs		# likely place where certs live
+SSLKEYS=	/etc/ssl/private	# likely place where private keys live
 .else
 SSLCERTS=	${PKG_SYSCONFBASEDIR}/openssl/certs
+SSLKEYS=	${PKG_SYSCONFBASEDIR}/openssl/private
 .endif
-BUILD_DEFS+=	SSLCERTS
+BUILD_DEFS+=	SSLCERTS SSLKEYS
 
 .endif	# CHECK_BUILTIN.openssl

>Unformatted: