Bug 225357 - [patch] security/ca_root_nss: add a @postexec step to ca_root_nss to also synchronize the root certificates when it updates
Summary: [patch] security/ca_root_nss: add a @postexec step to ca_root_nss to also syn...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Felder
Keywords: patch
Depends on:
Reported: 2018-01-21 14:34 UTC by David Naylor
Modified: 2018-02-13 20:46 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (ports-secteam)

Patch v1.0.0 (846 bytes, patch)
2018-01-21 14:34 UTC, David Naylor
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description David Naylor freebsd_committer 2018-01-21 14:34:32 UTC
Created attachment 189948 [details]
Patch v1.0.0

lang/mono stores certificates in a different format to ca_root_nss and requires cert-sync(1) to be called whenever ca_root_nss gets updated.  

The lang/mono port (in the next update) includes a @postexec step to synchronize the root certificates, but this is only triggered on mono's update.  

The attached patch adds a @postexec step to ca_root_nss to also synchronize the root certificates when it updates.
Comment 1 David Naylor freebsd_committer 2018-02-01 18:23:40 UTC
Ping, maintainer timeout is in 3 days!
Comment 2 David Naylor freebsd_committer 2018-02-08 18:59:51 UTC
Ping, maintainer timeout!
Comment 3 Mark Felder freebsd_committer 2018-02-13 20:45:48 UTC
committed with minor changes
Comment 4 commit-hook freebsd_committer 2018-02-13 20:46:26 UTC
A commit references this bug:

Author: feld
Date: Tue Feb 13 20:45:39 UTC 2018
New revision: 461746
URL: https://svnweb.freebsd.org/changeset/ports/461746

  security/ca_root_nss: Add post-exec script to automatically sync to mono's
  certificate store

  PR:		225357