Date: Thu, 6 Feb 2020 18:37:38 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357633 - in stable: 11/secure/caroot/blacklisted 12/secure/caroot/blacklisted Message-ID: <202002061837.016Ibcti011987@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans Date: Thu Feb 6 18:37:38 2020 New Revision: 357633 URL: https://svnweb.freebsd.org/changeset/base/357633 Log: MFC r357193: caroot: blacklisted: automatically pick up *.pem in the tree This kind of automagica got picked up in trusted/ prior to the initial commit, but never got applied over in blacklisted. Ideally no one will be using blacklisted/ to store arbitrary certs that they don't intend to blacklist, so we should just install anything that's in here rather than force consumer to first copy cert into place and then modify the file listing in the Makefile. Wise man once say: "it is better to restrict too much, than not enough. sometimes." Modified: stable/11/secure/caroot/blacklisted/Makefile Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/secure/caroot/blacklisted/Makefile Directory Properties: stable/12/ (props changed) Modified: stable/11/secure/caroot/blacklisted/Makefile ============================================================================== --- stable/11/secure/caroot/blacklisted/Makefile Thu Feb 6 18:04:45 2020 (r357632) +++ stable/11/secure/caroot/blacklisted/Makefile Thu Feb 6 18:37:38 2020 (r357633) @@ -2,6 +2,8 @@ BINDIR= /usr/share/certs/blacklisted -FILES= +BLACKLISTED_CERTS!= ls ${.CURDIR}/*.pem 2> /dev/null || true + +FILES+= ${BLACKLISTED_CERTS} .include <bsd.prog.mk>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002061837.016Ibcti011987>