diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2023-10-06 17:45:21 +0200 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2023-10-06 17:48:57 +0200 |
commit | 483e74f44b82f20bddd5608beef74b2a5ab38a88 (patch) | |
tree | d0012e305278b2658ec1e03670e05997788643ed /security/ca_root_nss | |
parent | security/acme.sh: Update to 3.0.7 (diff) |
security/ca_root_nss: Use certctl instead of a symlink.
MFH: 2023Q4
Reviewed by: fluffy, sunpoet
Differential Revision: https://reviews.freebsd.org/D42045
Diffstat (limited to 'security/ca_root_nss')
-rw-r--r-- | security/ca_root_nss/Makefile | 12 | ||||
-rw-r--r-- | security/ca_root_nss/files/pkg-message.in | 14 | ||||
-rw-r--r-- | security/ca_root_nss/pkg-plist | 6 |
3 files changed, 3 insertions, 29 deletions
diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile index db98535229c1..3abe00856c78 100644 --- a/security/ca_root_nss/Makefile +++ b/security/ca_root_nss/Makefile @@ -1,6 +1,6 @@ PORTNAME= ca_root_nss PORTVERSION= ${VERSION_NSS} -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src DISTNAME= nss-${VERSION_NSS}${NSS_SUFFIX} @@ -17,14 +17,8 @@ USE_PERL5= build NO_ARCH= yes WRKSRC_SUBDIR= nss -OPTIONS_DEFINE= ETCSYMLINK -OPTIONS_DEFAULT= ETCSYMLINK - OPTIONS_SUB= yes -ETCSYMLINK_DESC= Add symlink to /etc/ssl/cert.pem -ETCSYMLINK_CONFLICTS_INSTALL= ca-roots-[0-9]* - CERTDIR?= share/certs PLIST_SUB+= CERTDIR=${CERTDIR} @@ -49,8 +43,4 @@ do-install: ${MKDIR} ${STAGEDIR}${PREFIX}/openssl ${LN} -sf ../${CERTDIR}/ca-root-nss.crt ${STAGEDIR}${PREFIX}/openssl/cert.pem.sample -do-install-ETCSYMLINK-on: - ${MKDIR} ${STAGEDIR}/etc/ssl - ${LN} -sf ../..${PREFIX}/${CERTDIR}/ca-root-nss.crt ${STAGEDIR}/etc/ssl/cert.pem - .include <bsd.port.mk> diff --git a/security/ca_root_nss/files/pkg-message.in b/security/ca_root_nss/files/pkg-message.in index d937df3a0922..a28b233e6599 100644 --- a/security/ca_root_nss/files/pkg-message.in +++ b/security/ca_root_nss/files/pkg-message.in @@ -7,20 +7,6 @@ audited for trustworthiness or RFC 3647 compliance. Assessment and verification of trust is the complete responsibility of the system administrator. - - -This package installs symlinks to support root certificates discovery by -default for software that uses OpenSSL. - -This enables SSL Certificate Verification by client software without manual -intervention. - -If you prefer to do this manually, replace the following symlinks with -either an empty file or your site-local certificate bundle. - - * /etc/ssl/cert.pem - * %%PREFIX%%/etc/ssl/cert.pem - * %%PREFIX%%/openssl/cert.pem EOM } ] diff --git a/security/ca_root_nss/pkg-plist b/security/ca_root_nss/pkg-plist index e8111772d308..ef04e1ffd140 100644 --- a/security/ca_root_nss/pkg-plist +++ b/security/ca_root_nss/pkg-plist @@ -1,6 +1,4 @@ %%CERTDIR%%/ca-root-nss.crt -@sample etc/ssl/cert.pem.sample -@sample openssl/cert.pem.sample -%%ETCSYMLINK%%/etc/ssl/cert.pem -%%ETCSYMLINK%%@dir /etc/ssl +@postexec certctl rehash +@postunexec certctl rehash @postexec [ ! -e %%LOCALBASE%%/bin/cert-sync ] || %%LOCALBASE%%/bin/cert-sync --quiet %%PREFIX%%/share/certs/ca-root-nss.crt |