pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/openssl
Module Name: pkgsrc
Committed By: gdt
Date: Mon Mar 1 23:28:55 UTC 2021
Modified Files:
pkgsrc/security/openssl: builtin.mk
Log Message:
seurity/openssl: Accomodate non-standard paths and cert bundles
Some systems choose unusual paths fro certs, and some use bundles.
Try to accomodate that, in particular by defining SSLCERTBUNDLE.
Patch concept from Thomas Orgis on tech-pkg, with no objections.
To generate a diff of this commit:
cvs rdiff -u -r1.46 -r1.47 pkgsrc/security/openssl/builtin.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/openssl/builtin.mk
diff -u pkgsrc/security/openssl/builtin.mk:1.46 pkgsrc/security/openssl/builtin.mk:1.47
--- pkgsrc/security/openssl/builtin.mk:1.46 Tue Jan 28 07:34:57 2020
+++ pkgsrc/security/openssl/builtin.mk Mon Mar 1 23:28:54 2021
@@ -1,4 +1,4 @@
-# $NetBSD: builtin.mk,v 1.46 2020/01/28 07:34:57 triaxx Exp $
+# $NetBSD: builtin.mk,v 1.47 2021/03/01 23:28:54 gdt Exp $
BUILTIN_PKG:= openssl
@@ -138,6 +138,14 @@ SSLDIR= ${PKG_SYSCONFDIR.openssl}
. elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
. if ${OPSYS} == "NetBSD"
SSLDIR= /etc/openssl
+. elif ${OPSYS} == "Linux"
+. if exists(/etc/pki/tls)
+# Some distributions have moved to /etc/pki/tls, with incomplete
+# symlinks from /etc/ssl. Prefer the new location if it exists
+SSLDIR= /etc/pki/tls
+. else
+SSLDIR= /etc/ssl # standard location
+. endif
. elif ${OPSYS} == "Haiku"
. if exists(/boot/system/data/ssl)
SSLDIR= /boot/system/data/ssl
@@ -152,9 +160,16 @@ SSLDIR= ${PKG_SYSCONFBASEDIR}/openssl
. endif
SSLCERTS= ${SSLDIR}/certs
+# Some systems use CA bundles instead of files and hashed symlinks.
+# Continue to define SSLCERTS because it's unclear if that's the
+# directory that has one file per cert, or the directory that contains
+# trust anchor config in some fortm.
+. if exists(${SSLDIR}/certs/ca-bundle.crt)
+SSLCERTBUNDLE= ${SSLDIR}/certs/ca-bundle.crt
+. endif
SSLKEYS= ${SSLDIR}/private
-BUILD_DEFS+= SSLDIR SSLCERTS SSLKEYS
+BUILD_DEFS+= SSLDIR SSLCERTS SSLCERTBUNDLE SSLKEYS
# create pc files for builtin version; other versions assumed to contain them
# If we are using the builtin version, check whether it has a *.pc
Home |
Main Index |
Thread Index |
Old Index