Date: Fri, 6 Aug 2010 15:51:53 GMT From: Gabor PALI <pgj@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/149368: [patch] ftp/curl: Make Run Dependency on security/ca_root_nss Optional Message-ID: <201008061551.o76FprXw076507@www.freebsd.org> Resent-Message-ID: <201008061600.o76G0806083321@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 149368
>Category: ports
>Synopsis: [patch] ftp/curl: Make Run Dependency on security/ca_root_nss Optional
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 06 16:00:08 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Gabor PALI
>Release: N/A
>Organization:
The FreeBSD Project
>Environment:
N/A
>Description:
Mandatory run dependency on security/ca_root_nss is not required, since it is used only when OpenSSL support is present. Based on the configure script of curl, CA bundle might be optional even when OpenSSL is supported. Adding this further optionality helps to avoid spamming of user's security certificates installed already on the system.
>How-To-Repeat:
N/A
>Fix:
Apply the attached patch.
Patch attached with submission follows:
diff --git a/ftp/curl/Makefile b/ftp/curl/Makefile
index 20f54ac..9e32c26 100644
--- a/ftp/curl/Makefile
+++ b/ftp/curl/Makefile
@@ -17,8 +17,6 @@ MASTER_SITE_SUBDIR= curl
MAINTAINER= roam@FreeBSD.org
COMMENT= Non-interactive tool to get files from FTP, GOPHER, HTTP(S) servers
-RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
-
LICENSE= MIT
PATCH_STRIP= -p1
@@ -69,6 +67,7 @@ OPTIONS= CARES "Asynchronous DNS resolution via c-ares" off \
LIBSSH2 "SCP/SFTP support via libssh2" off \
NTLM "NTLM authentication" off \
OPENSSL "OpenSSL support" on \
+ CA_BUNDLE "Install CA bundle for OpenSSL" on \
PROXY "Proxy support" on \
TRACKMEMORY "Enable curl memory diagnostic output" off
@@ -98,10 +97,16 @@ IGNORE= only supports LDAPS with SSL (OpenSSL or GNUTLS)
.if !defined(WITHOUT_OPENSSL)
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
-CONFIGURE_ARGS+= --with-ssl=${OPENSSLBASE} \
- --with-ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
+CONFIGURE_ARGS+= --with-ssl=${OPENSSLBASE}
+.if !defined(WITHOUT_CA_BUNDLE)
+RUN_DEPENDS+= ${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
+CONFIGURE_ARGS+= --with-ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
+.endif
.else
CONFIGURE_ARGS+= --without-ssl
+.if defined(WITH_CA_BUNDLE)
+IGNORE= only supports CA bundle with OpenSSL
+.endif
.endif
.if defined(WITH_CARES)
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008061551.o76FprXw076507>