Bug 246944 - mail/claws-mail: dont install Win certs bundle, depend on security/ca_root_nss
Summary: mail/claws-mail: dont install Win certs bundle, depend on security/ca_root_nss
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Fernando Apesteguía
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2020-06-02 20:38 UTC by Piotr Smyrak
Modified: 2020-06-04 05:52 UTC (History)
2 users (show)

See Also:
portmaster: maintainer-feedback+

Attachments
ports patch with additional upstream patch (1.85 KB, patch)
2020-06-02 20:38 UTC, Piotr Smyrak 		no flags Details | Diff
additional improvements on top of submitter's patch (3.47 KB, patch)
2020-06-03 16:41 UTC, Fernando Apesteguía 		portmaster: maintainer-approval+
Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Piotr Smyrak 2020-06-02 20:38:39 UTC 
Created attachment 215179 [details]
ports patch with additional upstream patch

claws port installs a %%DATADIR%%/ca-certificates.crt bundle, yet according 
to the application code (src/common/ssl.c:196), it is used only by Windows 
builds. 

Instead of doing so, make the port run depend on security/ca_root_nss and add 
a tiny patch that handles a situation, where operator have decided to install 
security/ca_root_nss without its knob ETCSYMLINK turned on, letting claws 
search the CA bundle both in /etc/ssl/cert.pem as if the symlink was enabled, 
and it ${LOCALBASE}/share/certs/ca-root-nss.crt
Comment 1 Chris Hutchinson 2020-06-03 01:54:19 UTC 
Comment on attachment 215179 [details]
ports patch with additional upstream patch

Looks good.
Good catch, and thank you,  Piotr! :-)

Approved.

--Chris
Comment 2 Fernando Apesteguía freebsd_committer freebsd_triage 2020-06-03 16:41:32 UTC 
Created attachment 215201 [details]
additional improvements on top of submitter's patch

I reworked the original patch (good work!) so this applies whatever LOCALBASE the user is using.

Let me know if it looks good.
Comment 3 Chris Hutchinson 2020-06-03 16:54:07 UTC 
Comment on attachment 215201 [details]
additional improvements on top of submitter's patch

Yes. This will work well.
Thanks for doing this, Fernando! :-)

Approved.

--Chris
Comment 4 Piotr Smyrak 2020-06-03 21:08:17 UTC 
Oh, yes, I did consider hardcoding of /usr/local as kind of ugly. 

I wonder if it would make sense to consolidates the 2 steps into just post-patch and eliminate the additional patch file completely this way:

post-patch:
	# Also search for certs in LOCALBASE dir to workaround
	# potential lack of /etc symlink in security/ca_root_nss
	@${REINPLACE_CMD} -e 's|"/etc/ssl/cert.pem",|& "'${LOCALBASE}'/share/certs/ca-root-nss.crt",|' \
	${WRKSRC}/src/common/ssl.c

I am fine with any option.
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-06-04 05:48:41 UTC 
A commit references this bug:

Author: fernape
Date: Thu Jun  4 05:48:35 UTC 2020
New revision: 537868
URL: https://svnweb.freebsd.org/changeset/ports/537868

Log:
  mail/claws-mail: make it depend on security/ca_root_nss

  Instead of installing the Win certs bundle.

  A new patch is needed so it looks for certs by default in out LOCALBASE

  PR:	246944
  Submitted by:	ps.ports@smyrak.com
  Reviewed by:	portmaster@bsdforge.com (maintainer)

Changes:
  head/mail/claws-mail/Makefile
  head/mail/claws-mail/files/patch-configure.ac
  head/mail/claws-mail/files/patch-src_common_ssl.c
  head/mail/claws-mail/pkg-plist
Comment 6 Fernando Apesteguía freebsd_committer freebsd_triage 2020-06-04 05:52:05 UTC 
Committed,

Thanks both for your work!