CVS commit: pkgsrc/security/mozilla-rootcerts

["Greg Troxel" <gdt%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   gdt
Date:           Mon Jun 19 00:37:48 UTC 2017

Modified Files:
        pkgsrc/security/mozilla-rootcerts: Makefile
        pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh

Log Message:
Revert touching of openssl config file

Earlier, code was added to "touch $conffile" to work around openssl
issuing a warning if openssl.conf was not present.  This is
problematic because if the warning is appropriate, 1) we have no way
of knowing that an empty config file is correct and 2) we should not
silence it.  If the warning is buggy, then openssl and/or the base
system should be fixed.  Further, this code changes the modification
date of the config file on every run, even when there is a valid
config file.

(There was no discussion prior, three objections and no concurrences,
and no response, so reverting seems ok.)


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 pkgsrc/security/mozilla-rootcerts/Makefile
cvs rdiff -u -r1.16 -r1.17 \
    pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/mozilla-rootcerts/Makefile
diff -u pkgsrc/security/mozilla-rootcerts/Makefile:1.28 pkgsrc/security/mozilla-rootcerts/Makefile:1.29
--- pkgsrc/security/mozilla-rootcerts/Makefile:1.28     Mon Jun 19 00:32:37 2017
+++ pkgsrc/security/mozilla-rootcerts/Makefile  Mon Jun 19 00:37:48 2017
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.28 2017/06/19 00:32:37 gdt Exp $
+# $NetBSD: Makefile,v 1.29 2017/06/19 00:37:48 gdt Exp $
 
 DISTNAME=      mozilla-rootcerts-1.0.${CERTDATA_DATE}
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    security
 MASTER_SITES=  -https://hg.mozilla.org/mozilla-central/raw-file/052b90b5414f/security/nss/lib/ckfw/builtins/certdata.txt
 DISTFILES=     ${CERTDATA}

Index: pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh
diff -u pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh:1.16 pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh:1.17
--- pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh:1.16   Mon Jun 19 00:32:37 2017
+++ pkgsrc/security/mozilla-rootcerts/files/mozilla-rootcerts.sh        Mon Jun 19 00:37:48 2017
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: mozilla-rootcerts.sh,v 1.16 2017/06/19 00:32:37 gdt Exp $
+# $NetBSD: mozilla-rootcerts.sh,v 1.17 2017/06/19 00:37:48 gdt Exp $
 #
 # This script is meant to be used as follows:
 #
@@ -23,7 +23,6 @@ self="@LOCALBASE@/sbin/mozilla-rootcerts
 certfile="@DATADIR@/certdata.txt"
 certdir=${SSLDIR}/certs
 destdir=
-conffile="@SSLDIR@/openssl.cnf"
 
 usage()
 {
@@ -188,19 +187,6 @@ extract)
        }'
        ;;
 install)
-       # \todo This is attempting to work around a warning from
-       # openssl being run without a config file.  Hoever, that's
-       # behavior in openssl and/or the base system, which if it
-       # needs fixing should be fixed there.  Touching the config
-       # file is problematic because it is a further violation of the
-       # notion that packages install files under PREFIX and only
-       # touch their own config files.  It is further problematic
-       # because it changes the modification date on config files
-       # which exist.
-       if [ `uname -s` = "NetBSD" ]; then
-               # quell warnings for a missing config file
-               touch $destdir$conffile
-       fi
        # Insist on e.g. /etc/openssl/certs existing.
        if [ ! -d $destdir$certdir ]; then
                ${ECHO} 1>&2 "ERROR: $destdir$certdir does not exist, aborting."