Though www/xxxterm depends on security/ca_root_nss, it does not by default use the SSL certificate file provided by security/ca_root_nss. This means www/xxxterm could be misconfigured out of the box and consequently never checks HTTPS websites' certificates for authenticity. Cleaned up the Makefile by removing a distracting comment and removing a parenthesis pair that isn't necessary. Added 'PORTREVISION= 1' to the Makefile since this is a revision to the port, not an update. Fix: echo 'ssl_ca_file = /usr/local/share/certs/ca-root-nss.crt' >> $HOME/.xxxterm.conf Patch attached with submission follows: How-To-Repeat: Load a HTTPS website; get red bar (indicates possibly insecure connection) on known verified site.
Oops! I jumped the gun! Attached is a patch that sets ssl_ca_file in xxxterm.c instead of incorrectly in settings.c. The previous patch causes xxxterm to exit with "Bus error (core dumped)" if ssl_ca_file is set in ~/.xxxterm.conf. Sorry about the mix up!
Maintainer of www/xxxterm, Please note that PR ports/164181 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/164181 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Responsible Changed From-To: freebsd-ports-bugs->eadler I'll take it.
State Changed From-To: feedback->open feedback timeout
State Changed From-To: open->feedback sorry for the delay, the patch you supplied didn't apply cleanly and I didn't have a chance to look into it now: the patch to xxxterm doesn't apply at all. Can you resubmit?
State Changed From-To: feedback->closed feedback timeout - if this is still an issue please correct the error and email me