FreeBSD Bugzilla – Attachment 240059 Details for
Bug 269473
security/openssl, security/libressl: Use base system CA certificates
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
OpenSSL patch
0001-security-openssl-Use-base-system-CA-certificates.patch (text/plain), 5.63 KB, created by
Tijl Coosemans
on 2023-02-10 21:34:35 UTC
(
hide
)
Description:
OpenSSL patch
Filename:
MIME Type:
Creator:
Tijl Coosemans
Created:
2023-02-10 21:34:35 UTC
Size:
5.63 KB
patch
obsolete
>From 4485695b6c3dbc0d62b310eb1be6bd21090a0774 Mon Sep 17 00:00:00 2001 >From: Tijl Coosemans <tijl@FreeBSD.org> >Date: Fri, 3 Feb 2023 13:21:39 +0100 >Subject: [PATCH 1/2] security/openssl: Use base system CA certificates > >Link ${OPENSSLDIR}/certs to /etc/ssl/certs so certificates can be >verified out of the box. > >PR: 269473 >--- > security/openssl-devel/Makefile | 3 +++ > security/openssl-devel/pkg-plist | 2 +- > security/openssl-quictls/Makefile | 3 +++ > security/openssl-quictls/pkg-plist | 2 +- > security/openssl-unsafe/Makefile | 2 ++ > security/openssl-unsafe/pkg-plist | 2 +- > security/openssl/Makefile | 3 +++ > security/openssl/pkg-plist | 2 +- > 8 files changed, 15 insertions(+), 4 deletions(-) > >diff --git a/security/openssl-devel/Makefile b/security/openssl-devel/Makefile >index 745ac9470caf..10193042f3ec 100644 >--- a/security/openssl-devel/Makefile >+++ b/security/openssl-devel/Makefile >@@ -1,5 +1,6 @@ > PORTNAME= openssl > DISTVERSION= 3.0.8 >+PORTREVISION= 1 > CATEGORIES= security devel > MASTER_SITES= https://www.openssl.org/source/ \ > ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ >@@ -185,6 +186,8 @@ post-install-SHARED-off: > > post-install: > ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl >+ ${RMDIR} ${STAGEDIR}${OPENSSLDIR}/certs >+ ${LN} -s /etc/ssl/certs ${STAGEDIR}${OPENSSLDIR}/certs > > post-install-MAN3-on: > ( cd ${STAGEDIR}/${PREFIX} ; find man/man3 -not -type d ; \ >diff --git a/security/openssl-devel/pkg-plist b/security/openssl-devel/pkg-plist >index a64414068f16..c79028d853c1 100644 >--- a/security/openssl-devel/pkg-plist >+++ b/security/openssl-devel/pkg-plist >@@ -264,6 +264,7 @@ man/man1/x509.1ossl.gz > man/man5/config.5ossl.gz > man/man5/fips_config.5ossl.gz > man/man5/x509v3_config.5ossl.gz >+%%OPENSSLDIR%%/certs > %%OPENSSLDIR%%/misc/CA.pl > @comment %%OPENSSLDIR%%/misc/tsget.pl > %%OPENSSLDIR%%/misc/tsget >@@ -271,4 +272,3 @@ man/man5/x509v3_config.5ossl.gz > %%OPENSSLDIR%%/fipsmodule.cnf > @sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf > @dir %%OPENSSLDIR%%/private >-@dir %%OPENSSLDIR%%/certs >diff --git a/security/openssl-quictls/Makefile b/security/openssl-quictls/Makefile >index 3dacd7fc6f77..f069d7760bfe 100644 >--- a/security/openssl-quictls/Makefile >+++ b/security/openssl-quictls/Makefile >@@ -1,5 +1,6 @@ > PORTNAME= openssl > PORTVERSION= 3.0.8 >+PORTREVISION= 1 > CATEGORIES= security devel > PKGNAMESUFFIX= -quictls > >@@ -179,6 +180,8 @@ post-install-SHARED-off: > > post-install: > ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl >+ ${RMDIR} ${STAGEDIR}${OPENSSLDIR}/certs >+ ${LN} -s /etc/ssl/certs ${STAGEDIR}${OPENSSLDIR}/certs > > post-install-MAN3-on: > ( cd ${STAGEDIR}/${PREFIX} ; find man/man3 -not -type d ; \ >diff --git a/security/openssl-quictls/pkg-plist b/security/openssl-quictls/pkg-plist >index 80c51ba76672..7a0bb135e0fa 100644 >--- a/security/openssl-quictls/pkg-plist >+++ b/security/openssl-quictls/pkg-plist >@@ -265,6 +265,7 @@ man/man1/x509.1ossl.gz > man/man5/config.5ossl.gz > man/man5/fips_config.5ossl.gz > man/man5/x509v3_config.5ossl.gz >+%%OPENSSLDIR%%/certs > %%OPENSSLDIR%%/misc/CA.pl > @comment %%OPENSSLDIR%%/misc/tsget.pl > %%OPENSSLDIR%%/misc/tsget >@@ -273,4 +274,3 @@ man/man5/x509v3_config.5ossl.gz > @sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf > @dir lib/ossl-modules > @dir %%OPENSSLDIR%%/private >-@dir %%OPENSSLDIR%%/certs >diff --git a/security/openssl-unsafe/Makefile b/security/openssl-unsafe/Makefile >index cd8e06d2a35d..6200b6725cb9 100644 >--- a/security/openssl-unsafe/Makefile >+++ b/security/openssl-unsafe/Makefile >@@ -72,6 +72,8 @@ post-install: > .for i in ubsec gost capi gmp atalla sureware nuron cswift 4758cca padlock aep chil > ${STRIP_CMD} ${STAGEDIR}${PREFIX}/openssl-unsafe/lib/engines/lib${i}.so > .endfor >+ ${RMDIR} ${STAGEDIR}${OPENSSLDIR}/certs >+ ${LN} -s /etc/ssl/certs ${STAGEDIR}${OPENSSLDIR}/certs > > test: build > cd ${WRKSRC} && ${MAKE} test >diff --git a/security/openssl-unsafe/pkg-plist b/security/openssl-unsafe/pkg-plist >index 305b397560bf..894da58e3112 100644 >--- a/security/openssl-unsafe/pkg-plist >+++ b/security/openssl-unsafe/pkg-plist >@@ -101,9 +101,9 @@ openssl-unsafe/lib/libssl.so.%%SHLIBVER%% > openssl-unsafe/libdata/pkgconfig/libcrypto.pc > openssl-unsafe/libdata/pkgconfig/libssl.pc > openssl-unsafe/libdata/pkgconfig/openssl.pc >+%%OPENSSLDIR%%/certs > %%OPENSSLDIR%%/misc/CA.pl > %%OPENSSLDIR%%/misc/CA.sh > %%OPENSSLDIR%%/misc/tsget > @sample %%OPENSSLDIR%%/openssl.cnf.sample > @dir %%OPENSSLDIR%%/private >-@dir %%OPENSSLDIR%%/certs >diff --git a/security/openssl/Makefile b/security/openssl/Makefile >index 3c48f10211bb..492116ee8477 100644 >--- a/security/openssl/Makefile >+++ b/security/openssl/Makefile >@@ -1,5 +1,6 @@ > PORTNAME= openssl > PORTVERSION= 1.1.1t >+PORTREVISION= 1 > PORTEPOCH= 1 > CATEGORIES= security devel > MASTER_SITES= https://www.openssl.org/source/ \ >@@ -161,6 +162,8 @@ post-install-SHARED-on: > > post-install: > ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl >+ ${RMDIR} ${STAGEDIR}${OPENSSLDIR}/certs >+ ${LN} -s /etc/ssl/certs ${STAGEDIR}${OPENSSLDIR}/certs > > post-install-MAN3-on: > ( cd ${STAGEDIR}/${PREFIX} ; ${FIND} man/man3 man/man7 -not -type d ) | \ >diff --git a/security/openssl/pkg-plist b/security/openssl/pkg-plist >index 6d59f6e06c71..25b7033cf5fc 100644 >--- a/security/openssl/pkg-plist >+++ b/security/openssl/pkg-plist >@@ -217,10 +217,10 @@ man/man1/version.1.gz > man/man1/x509.1.gz > man/man5/config.5.gz > man/man5/x509v3_config.5.gz >+%%OPENSSLDIR%%/certs > %%OPENSSLDIR%%/misc/CA.pl > %%OPENSSLDIR%%/misc/tsget > @comment %%OPENSSLDIR%%/misc/tsget.pl > @sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf > @sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf > @dir %%OPENSSLDIR%%/private >-@dir %%OPENSSLDIR%%/certs >-- >2.39.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=240059">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 269473
:
240059
|
240060
|
245112