View | Details | Raw Unified | Return to bug 220511 | Differences between
and this patch

Collapse All | Expand All

(-)Makefile (-2 / +8 lines)
Lines 2-7 Link Here
2
2
3
PORTNAME=	ca_root_nss
3
PORTNAME=	ca_root_nss
4
PORTVERSION=	${VERSION_NSS}
4
PORTVERSION=	${VERSION_NSS}
5
PORTREVISION=   1
5
CATEGORIES=	security
6
CATEGORIES=	security
6
MASTER_SITES=	MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
7
MASTER_SITES=	MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
7
DISTNAME=	nss-${VERSION_NSS}${NSS_SUFFIX}
8
DISTNAME=	nss-${VERSION_NSS}${NSS_SUFFIX}
Lines 11-23 Link Here
11
12
12
LICENSE=	MPL
13
LICENSE=	MPL
13
14
14
OPTIONS_DEFINE=		ETCSYMLINK
15
OPTIONS_DEFINE=		ETCSYMLINK NODUPS
15
OPTIONS_DEFAULT=	ETCSYMLINK
16
OPTIONS_DEFAULT=	ETCSYMLINK
16
17
17
OPTIONS_SUB=		yes
18
OPTIONS_SUB=		yes
18
19
19
ETCSYMLINK_DESC=	Add symlink to /etc/ssl/cert.pem
20
ETCSYMLINK_DESC=	Add symlink to /etc/ssl/cert.pem
20
ETCSYMLINK_CONFLICTS_INSTALL=	ca-roots-[0-9]*
21
ETCSYMLINK_CONFLICTS_INSTALL=	ca-roots-[0-9]*
22
NODUPS_DESC=    No subject duplicate certificates (use highest serial)
21
23
22
USES=		perl5 ssl:build
24
USES=		perl5 ssl:build
23
USE_PERL5=	build
25
USE_PERL5=	build
Lines 42-47 Link Here
42
44
43
.include <bsd.port.options.mk>
45
.include <bsd.port.options.mk>
44
46
47
.if ${PORT_OPTIONS:MNODUPS}
48
NODUPS_CONFIGURE_ON=true
49
.endif
50
45
do-extract:
51
do-extract:
46
	@${MKDIR} ${WRKDIR}
52
	@${MKDIR} ${WRKDIR}
47
	@${TAR} -C ${WRKDIR} -xf ${DISTDIR}/nss-${VERSION_NSS}${NSS_SUFFIX}${EXTRACT_SUFX} \
53
	@${TAR} -C ${WRKDIR} -xf ${DISTDIR}/nss-${VERSION_NSS}${NSS_SUFFIX}${EXTRACT_SUFX} \
Lines 50-56 Link Here
50
	@${RM} -r ${WRKDIR}/nss-${VERSION_NSS}
56
	@${RM} -r ${WRKDIR}/nss-${VERSION_NSS}
51
57
52
do-build:	apply-slist
58
do-build:	apply-slist
53
	@${SETENV} PATH=${LOCALBASE}/bin:$${PATH} \
59
	@${SETENV} PATH=${LOCALBASE}/bin:$${PATH} WITH_NODUPS=${NODUPS_CONFIGURE_ON} \
54
		${PERL} ${WRKDIR}/${BUNDLE_PROCESSOR} \
60
		${PERL} ${WRKDIR}/${BUNDLE_PROCESSOR} \
55
	    < ${WRKDIR}/certdata.txt > \
61
	    < ${WRKDIR}/certdata.txt > \
56
	    ${WRKDIR}/ca-root-nss.crt
62
	    ${WRKDIR}/ca-root-nss.crt
(-)files/MAca-bundle.pl.in (-6 / +21 lines)
Lines 54-59 Link Here
54
$debug++
54
$debug++
55
    if defined $ENV{'WITH_DEBUG'}
55
    if defined $ENV{'WITH_DEBUG'}
56
	and $ENV{'WITH_DEBUG'} !~ m/(?i)^(no|0|false|)$/;
56
	and $ENV{'WITH_DEBUG'} !~ m/(?i)^(no|0|false|)$/;
57
my $dups = 1;
58
$dups = 0
59
    if defined $ENV{'WITH_NODUPS'}
60
	and $ENV{'WITH_NODUPS'} !~ m/(?i)^(no|0|false|)$/;
57
61
58
my %certs;
62
my %certs;
59
my %trusts;
63
my %trusts;
Lines 201-218 Link Here
201
    }
205
    }
202
}
206
}
203
207
204
print		"##  Untrusted certificates omitted from this bundle: $untrusted\n\n";
208
print		"##  Untrusted certificates omitted from this bundle: $untrusted\n";
205
print STDERR	"##  Untrusted certificates omitted from this bundle: $untrusted\n";
209
print STDERR	"##  Untrusted certificates omitted from this bundle: $untrusted\n";
210
print		"##  Ignoring duplicate certificates\n\n" if ( ! $dups );
211
print STDERR	"##  Ignoring duplicate certificates\n\n" if ( ! $dups );
206
212
207
my $certcount = 0;
213
my $certcount = 0;
208
foreach my $it (sort {uc($a) cmp uc($b)} keys %certs) {
214
my (%seensubjects);
215
foreach my $it (sort {
216
    my ($a1,$a2) = split("\0", $a);
217
    my ($b1,$b2) = split("\0", $b);
218
    uc($a1) cmp uc($b1) and $b2 == $a2
219
} keys %certs) {
209
    if (!exists($trusts{$it})) {
220
    if (!exists($trusts{$it})) {
210
	die "Found certificate without trust block,\naborting";
221
	die "Found certificate without trust block,\naborting";
211
    }
222
    }
212
    printcert("", $certs{$it});
223
    my ($subject, $serial) = split("\0", $it);
213
    print "\n\n\n";
224
    if ( $dups == 1 or ! exists $seensubjects{$subject} ) {
214
    $certcount++;
225
        $seensubjects{$subject} = 1;
215
    print STDERR "Trusting $certcount: ".printlabel($it)."\n" if $debug;
226
        printcert("", $certs{$it});
227
        print "\n\n\n";
228
        $certcount++;
229
        print STDERR "Trusting $certcount: ".printlabel($it)."\n" if $debug;
230
    }
216
}
231
}
217
232
218
if ($certcount < 25) {
233
if ($certcount < 25) {

Return to bug 220511