Date: Thu, 21 Mar 2013 21:46:40 +0800 (CST) From: Lung-Pin Chang <changlp@cs.nctu.edu.tw> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/177196: [MAINTAINER] www/gist: obsolete bundled certificate Message-ID: <20130321134640.E32369C643@Archon.iamben.csie.net> Resent-Message-ID: <201303211400.r2LE02m0086684@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 177196 >Category: ports >Synopsis: [MAINTAINER] www/gist: obsolete bundled certificate >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Mar 21 14:00:01 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Lung-Pin Chang >Release: FreeBSD 9.1-RELEASE amd64 >Organization: >Environment: System: FreeBSD Archon.iamben.csie.net 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 >Description: The certificate bundled within gist-3.1.0 is out-of-date, but the new certificate is only available in HEAD. Since this also happened during gist-2.x, it seems that depending on the certificate bundled is much more error-prone. This patch instead depends on certificate provided by security/ca_root_nss. Note that this patch also includes changes made in ports/171705 Added file(s): - files/patch-gist Generated with FreeBSD Port Tools 0.99 >How-To-Repeat: % gist < files reports: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed >Fix: --- gist-3.1.0_3.patch begins here --- diff -ruN --exclude=CVS /usr/ports/www/gist/Makefile /home/iamben/tmp/ports/www/gist/Makefile --- /usr/ports/www/gist/Makefile 2012-11-17 14:02:34.000000000 +0800 +++ /home/iamben/tmp/ports/www/gist/Makefile 2013-03-21 21:30:08.958539518 +0800 @@ -7,12 +7,14 @@ PORTNAME= gist PORTVERSION= 3.1.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= www net MAINTAINER= changlp@cs.nctu.edu.tw COMMENT= A gist pastebin posting command +RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss + CONFLICTS= p5-App-gist-[0-9]* USE_GITHUB= yes @@ -26,8 +28,18 @@ NO_BUILD= YES PLIST_FILES= bin/gist +.include <bsd.port.pre.mk> + +.if ${RUBY_VER} < 1.9 +RUN_DEPENDS+= ${DEPEND_RUBY_ICONV} +.endif + +post-patch: + @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ + ${WRKSRC}/gist + do-install: ${INSTALL_SCRIPT} ${WRKSRC}/gist ${PREFIX}/bin/gist ${INSTALL_MAN} ${WRKSRC}/man/gist.1 ${MAN1PREFIX}/man/man1 -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff -ruN --exclude=CVS /usr/ports/www/gist/files/patch-gist /home/iamben/tmp/ports/www/gist/files/patch-gist --- /usr/ports/www/gist/files/patch-gist 1970-01-01 08:00:00.000000000 +0800 +++ /home/iamben/tmp/ports/www/gist/files/patch-gist 2013-03-21 21:27:59.525535658 +0800 @@ -0,0 +1,11 @@ +--- gist.orig 2013-03-21 21:19:12.580541283 +0800 ++++ gist 2013-03-21 21:18:07.352536038 +0800 +@@ -1224,7 +1224,7 @@ + + http.use_ssl = true + http.verify_mode = OpenSSL::SSL::VERIFY_PEER +- http.ca_file = ca_cert ++ http.ca_file = "%%LOCALBASE%%/share/certs/ca-root-nss.crt" + + req = Net::HTTP::Post.new(url.path) + req.body = JSON.generate(data(files, private_gist, description)) --- gist-3.1.0_3.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130321134640.E32369C643>