Attachment #151146 for bug #195876




# $FreeBSD$

PORTNAME=	mpop
DISTVERSION=	1.2.0
PORTREVISION=	2
CATEGORIES=	mail
MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${DISTVERSION}

MAINTAINER=	ports@FreeBSD.org
COMMENT=	Small and fast POP3 client


LICENSE=	GPLv3 # (or later)

USES=		gmake pkgconfig tar:xz
GNU_CONFIGURE=	yes
CONFIGURE_ARGS=	--disable-silent-rules

INFO=		mpop

OPTIONS_DEFINE=		GSASL IDN LIBSECRET NLS
OPTIONS_RADIO=		SSL
OPTIONS_RADIO_SSL=	GNUTLS OPENSSL
OPTIONS_DEFAULT=	IDN OPENSSL
OPTIONS_SUB=		yes

GNOMEKEYRING_LIB_DEPENDS=	libgnome-keyring.so:${PORTSDIR}/security/libgnome-keyring
GNOMEKEYRING_CONFIGURE_WITH=	gnome-keyring
GNUTLS_LIB_DEPENDS=	libgnutls.so:${PORTSDIR}/security/gnutls
GNUTLS_CONFIGURE_ON=	--with-ssl=gnutls
GSASL_DESC=		SASL authentication support via GNU SASL

GSASL_CONFIGURE_OFF=	--without-libgsasl
IDN_LIB_DEPENDS=	libidn.so:${PORTSDIR}/dns/libidn
IDN_CONFIGURE_WITH=	libidn
LIBSECRET_DESC=		GNOME password management
LIBSECRET_LIB_DEPENDS=	libsecret-1.so:${PORTSDIR}/security/libsecret
LIBSECRET_CONFIGURE_WITH=	libsecret
NLS_USES=		gettext
NLS_CONFIGURE_ENABLE=	nls
OPENSSL_USE=		openssl=yes

Lines 1-2 Link Here

(-)mail/mpop/distinfo (-2 / +2 lines)
1	SHA256 (mpop-1.0.29.tar.bz2) = bd7409741629669969b176ed664e0adec449bf434b9f333e74fed534b28690b8	1	SHA256 (mpop-1.2.0.tar.xz) = 9d28817a6950f64aadf10bf5841400701917102181ebf96c136fbd4707c17ba7
2	SIZE (mpop-1.0.29.tar.bz2) = 292369	2	SIZE (mpop-1.2.0.tar.xz) = 264560




--- doc/mpop.1.orig     2009-10-05 16:47:15.000000000 -0300
+++ doc/mpop.1  2009-10-24 12:18:19.000000000 -0200
@@ -305,8 +305,8 @@ intermediate CAs.)
 .br
 The list of trusted CAs is specified using the \fBtls_trust_file\fP command.
 Usually there is some system-wide default file available, e.g.
-/etc/ssl/certs/ca\-certificates.crt on Debian-based systems, but you can
-also choose to select the trusted CAs yourself.
+/usr/local/share/certs/ca\-root\-nss.crt on FreeBSD and DragonFly systems,
+but you can also choose to select the trusted CAs yourself.
++the \fBsecurity/ca_root_nss\fP port will be installed automaticly.
 .br
 One practical problem with this approach is that the client program should also
 check if the server certificate has been revoked for some reason, using a
@@ -350,8 +350,8 @@ or tunnel the session through TLS (\fIof
 .IP "tls_trust_file \fIfile\fP"
 Activate server certificate verification using a list of truted Certification
 Authorities (CAs). The file must be in PEM format. Some systems provide a
-system-wide default file, e.g. /etc/ssl/certs/ca\-certificates.crt on
-Debian-based systems with the ca\-certificates package.
+system-wide default file, e.g. /usr/local/share/certs/ca\-root\-nss.crt on
+FreeBSD and DragonFly with ca_root_nss package or security/ca_root_nss port.
 An empty argument disables this. You should also use \fBtls_crl_file\fP.
 .IP "tls_crl_file [\fIfile\fP]"
 Set a certificate revocation list (CRL) file for TLS, to check for revoked
@@ -542,7 +542,7 @@ tls on
 .br
 # as in this example, or download the root certificate of your CA and use that.
 .br
-tls_trust_file /etc/ssl/certs/ca\-certificates.crt
+tls_trust_file /usr/local/share/certs/ca\-root\-nss.crt
 .br
 
 .br

Return to bug 195876

Lines 2-11 Link Here

(-)mail/mpop/Makefile (-7 / +7 lines)
2	# $FreeBSD$	2	# $FreeBSD$
3		3
4	PORTNAME= mpop	4	PORTNAME= mpop
5	PORTVERSION= 1.0.29	5	DISTVERSION= 1.2.0
6	PORTREVISION= 2
7	CATEGORIES= mail	6	CATEGORIES= mail
8	MASTER_SITES= SF	7	MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/${DISTVERSION}
9		8
10	MAINTAINER= ports@FreeBSD.org	9	MAINTAINER= ports@FreeBSD.org
11	COMMENT= Small and fast POP3 client	10	COMMENT= Small and fast POP3 client
Lines 12-31 COMMENT= Small and fast POP3 client Link Here
12		11
13	LICENSE= GPLv3 # (or later)	12	LICENSE= GPLv3 # (or later)
14		13
15	USES= pkgconfig tar:bzip2	14	USES= gmake pkgconfig tar:xz
16	GNU_CONFIGURE= yes	15	GNU_CONFIGURE= yes
17	CONFIGURE_ARGS= --disable-silent-rules	16	CONFIGURE_ARGS= --disable-silent-rules
18		17
19	INFO= mpop	18	INFO= mpop
20		19
21	OPTIONS_DEFINE= GNOMEKEYRING GSASL IDN NLS	20	OPTIONS_DEFINE= GSASL IDN LIBSECRET NLS
22	OPTIONS_RADIO= SSL	21	OPTIONS_RADIO= SSL
23	OPTIONS_RADIO_SSL= GNUTLS OPENSSL	22	OPTIONS_RADIO_SSL= GNUTLS OPENSSL
24	OPTIONS_DEFAULT= IDN OPENSSL	23	OPTIONS_DEFAULT= IDN OPENSSL
25	OPTIONS_SUB= yes	24	OPTIONS_SUB= yes
26		25
27	GNOMEKEYRING_LIB_DEPENDS= libgnome-keyring.so:${PORTSDIR}/security/libgnome-keyring
28	GNOMEKEYRING_CONFIGURE_WITH= gnome-keyring
29	GNUTLS_LIB_DEPENDS= libgnutls.so:${PORTSDIR}/security/gnutls	26	GNUTLS_LIB_DEPENDS= libgnutls.so:${PORTSDIR}/security/gnutls
30	GNUTLS_CONFIGURE_ON= --with-ssl=gnutls	27	GNUTLS_CONFIGURE_ON= --with-ssl=gnutls
31	GSASL_DESC= SASL authentication support via GNU SASL	28	GSASL_DESC= SASL authentication support via GNU SASL
Lines 33-38 GSASL_LIB_DEPENDS= libgsasl.so:${PORTSDIR}/securit Link Here
33	GSASL_CONFIGURE_OFF= --without-libgsasl	30	GSASL_CONFIGURE_OFF= --without-libgsasl
34	IDN_LIB_DEPENDS= libidn.so:${PORTSDIR}/dns/libidn	31	IDN_LIB_DEPENDS= libidn.so:${PORTSDIR}/dns/libidn
35	IDN_CONFIGURE_WITH= libidn	32	IDN_CONFIGURE_WITH= libidn
		33	LIBSECRET_DESC= GNOME password management
		34	LIBSECRET_LIB_DEPENDS= libsecret-1.so:${PORTSDIR}/security/libsecret
		35	LIBSECRET_CONFIGURE_WITH= libsecret
36	NLS_USES= gettext	36	NLS_USES= gettext
37	NLS_CONFIGURE_ENABLE= nls	37	NLS_CONFIGURE_ENABLE= nls
38	OPENSSL_USE= openssl=yes	38	OPENSSL_USE= openssl=yes

Lines 1-23 Link Here

(-)mail/mpop/files/patch-doc-mpop.1 (-13 / +23 lines)
1	--- doc/mpop.1.orig 2009-10-05 16:47:15.000000000 -0300	1	--- doc/mpop.1.orig 2009-10-05 16:47:15.000000000 -0300
2	+++ doc/mpop.1 2009-10-24 12:18:19.000000000 -0200	2	+++ doc/mpop.1 2009-10-24 12:18:19.000000000 -0200
3	@@ -333,6 +333,11 @@	3	@@ -305,8 +305,8 @@ intermediate CAs.)
4	.br	4	.br
5	On Debian based systems, you can install the \fBca\-certificates\fP package and	5	The list of trusted CAs is specified using the \fBtls_trust_file\fP command.
6	use the file \fB/etc/ssl/certs/ca\-certificates.crt\fP.	6	Usually there is some system-wide default file available, e.g.
7	++.br	7	-/etc/ssl/certs/ca\-certificates.crt on Debian-based systems, but you can
8	+On FreeBSD based systems, you can install the \fBsecurity/ca_root_nss\fP port and	8	-also choose to select the trusted CAs yourself.
9	++use the file \fB/usr/local/share/certs/ca-root-nss.crt\fP. Please note that if	9	+/usr/local/share/certs/ca\-root\-nss.crt on FreeBSD and DragonFly systems,
10	++you are installing mpop from ports with OpenSSL or gnutls support,	10	+but you can also choose to select the trusted CAs yourself.
11	++the \fBsecurity/ca_root_nss\fP port will be installed automaticly.
12	.br	11	.br
13	An empty argument disables this feature.	12	One practical problem with this approach is that the client program should also
		13	check if the server certificate has been revoked for some reason, using a
		14	@@ -350,8 +350,8 @@ or tunnel the session through TLS (\fIof
		15	.IP "tls_trust_file \fIfile\fP"
		16	Activate server certificate verification using a list of truted Certification
		17	Authorities (CAs). The file must be in PEM format. Some systems provide a
		18	-system-wide default file, e.g. /etc/ssl/certs/ca\-certificates.crt on
		19	-Debian-based systems with the ca\-certificates package.
		20	+system-wide default file, e.g. /usr/local/share/certs/ca\-root\-nss.crt on
		21	+FreeBSD and DragonFly with ca_root_nss package or security/ca_root_nss port.
		22	An empty argument disables this. You should also use \fBtls_crl_file\fP.
14	.IP "tls_crl_file [\fIfile\fP]"	23	.IP "tls_crl_file [\fIfile\fP]"
15	@@ -457,7 +462,7 @@	24	Set a certificate revocation list (CRL) file for TLS, to check for revoked
		25	@@ -542,7 +542,7 @@ tls on
16	.br	26	.br
17	# Enable full TLS certificate checks.	27	# as in this example, or download the root certificate of your CA and use that.
18	.br	28	.br
19	-tls_trust_file /etc/ssl/certs/ca\-certificates.crt	29	-tls_trust_file /etc/ssl/certs/ca\-certificates.crt
20	+tls_trust_file /usr/local/share/certs/ca-root-nss.crt	30	+tls_trust_file /usr/local/share/certs/ca\-root\-nss.crt
21	.br	31	.br
22	# Use the POP3-over-TLS variant instead of the STARTTLS variant.	32
23	.br	33	.br