Bug 225357

Summary:

[patch] security/ca_root_nss: add a @postexec step to ca_root_nss to also synchronize the root certificates when it updates

Product:

Ports & Packages

Reporter:

David Naylor <dbn>

Component:

Individual Port(s)

Assignee:

Mark Felder <feld>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

feld

Priority:

---

Keywords:

patch

Version:

Latest

Flags:

bugzilla: maintainer-feedback? (ports-secteam)

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
Patch v1.0.0	none

Description David Naylor freebsd_committer

2018-01-21 14:34:32 UTC

Created attachment 189948 [details]
Patch v1.0.0

lang/mono stores certificates in a different format to ca_root_nss and requires cert-sync(1) to be called whenever ca_root_nss gets updated.  

The lang/mono port (in the next update) includes a @postexec step to synchronize the root certificates, but this is only triggered on mono's update.  

The attached patch adds a @postexec step to ca_root_nss to also synchronize the root certificates when it updates.

Comment 1 David Naylor freebsd_committer

2018-02-01 18:23:40 UTC

Ping, maintainer timeout is in 3 days!

Comment 2 David Naylor freebsd_committer

2018-02-08 18:59:51 UTC

Ping, maintainer timeout!

Comment 3 Mark Felder freebsd_committer

2018-02-13 20:45:48 UTC

committed with minor changes

Comment 4 commit-hook freebsd_committer

2018-02-13 20:46:26 UTC

A commit references this bug:

Author: feld
Date: Tue Feb 13 20:45:39 UTC 2018
New revision: 461746
URL: https://svnweb.freebsd.org/changeset/ports/461746

Log:
  security/ca_root_nss: Add post-exec script to automatically sync to mono's
  certificate store

  PR:		225357

Changes:
  head/security/ca_root_nss/Makefile
  head/security/ca_root_nss/pkg-plist