Site Navigation

Date:      Tue, 3 Oct 2023 15:11:01 GMT
From:      Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= <des@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 5b543262eae9 - main - net/measurement-kit: Drop ca_root_nss dependency.
Message-ID:  <202310031511.393FB1kn063730@gitrepo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

The branch main has been updated by des:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5b543262eae9ef8330757da6f467b9ff79d61c26

commit 5b543262eae9ef8330757da6f467b9ff79d61c26
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2023-10-03 15:08:55 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2023-10-03 15:09:30 +0000

    net/measurement-kit: Drop ca_root_nss dependency.
    
    Since this piece of software is no longer maintained, we don't strive
    for elegance but simply hack the configure script to stop requiring a
    trust bundle and the code to use the system trust store instead.
    
    MFH:            2023Q4
    Reviewed by:    egypcio
    Differential Revision:  https://reviews.freebsd.org/D42040
---
 net/measurement-kit/Makefile                       |  2 +-
 net/measurement-kit/files/patch-m4_mk.m4           | 52 ++++++++++++++++++++--
 .../patch-src_libmeasurement__kit_net_libssl.hpp   | 11 +++++
 3 files changed, 61 insertions(+), 4 deletions(-)

diff --git a/net/measurement-kit/Makefile b/net/measurement-kit/Makefile
index a6c31a530242..808f883934eb 100644
--- a/net/measurement-kit/Makefile
+++ b/net/measurement-kit/Makefile
@@ -1,6 +1,7 @@
 PORTNAME=		measurement-kit
 DISTVERSIONPREFIX=	v
 DISTVERSION=		0.10.14
+PORTREVISION=		1
 CATEGORIES=		net devel
 
 MAINTAINER=	egypcio@FreeBSD.org
@@ -13,7 +14,6 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 LIB_DEPENDS=	libcurl.so:ftp/curl \
 		libevent.so:devel/libevent \
 		libmaxminddb.so:net/libmaxminddb
-RUN_DEPENDS=	ca_root_nss>=0:security/ca_root_nss
 
 USES=		autoreconf:build compiler:c++14-lang libtool ssl
 USE_GITHUB=	yes
diff --git a/net/measurement-kit/files/patch-m4_mk.m4 b/net/measurement-kit/files/patch-m4_mk.m4
index 3374b546c2b5..03b408235adc 100644
--- a/net/measurement-kit/files/patch-m4_mk.m4
+++ b/net/measurement-kit/files/patch-m4_mk.m4
@@ -1,6 +1,6 @@
---- m4/mk.m4.orig	2019-05-16 20:09:11 UTC
+--- m4/mk.m4.orig	2021-03-04 14:14:57 UTC
 +++ m4/mk.m4
-@@ -90,8 +90,10 @@ AC_DEFUN([MK_AM_OPENSSL], [
+@@ -99,8 +99,10 @@ AC_DEFUN([MK_AM_OPENSSL], [
                  [SSL toolkit @<:@default=check@:>@])
                ],
                [
@@ -12,4 +12,50 @@
 +		fi
                ],
                [
- 	        if test -d /usr/local/Cellar/openssl; then
+                 if test -d /usr/local/Cellar/openssl@1.1; then
+@@ -252,43 +254,8 @@ dnl
+ dnl Except as contained in this notice, the name of a copyright holder shall not be
+ dnl used in advertising or otherwise to promote the sale, use or other dealings in
+ dnl this Software without prior written authorization of the copyright holder.
+-AC_DEFUN([MK_MAYBE_CA_BUNDLE], [
+-  AC_MSG_CHECKING([CA bundle path])
+-  AC_ARG_WITH([ca-bundle], AC_HELP_STRING([--with-ca-bundle=FILE],
+-               [Path to CA bundle]), [want_ca="$withval"], [want_ca="unset"])
+-  if test "x$want_ca" != "xunset"; then
+-    ca="$want_ca"
+-  else
+-    ca="no"
+-    if test "x$cross_compiling" != "xyes"; then
+-        for a in /etc/ssl/certs/ca-certificates.crt                            \
+-                 /etc/pki/tls/certs/ca-bundle.crt                              \
+-                 /usr/share/ssl/certs/ca-bundle.crt                            \
+-                 /usr/local/share/certs/ca-root.crt                            \
+-                 /etc/ssl/cert.pem                                             \
+-                 /usr/local/etc/openssl/cert.pem; do
+-          if test -f "$a"; then
+-            ca="$a"
+-            break
+-          fi
+-        done
+-    fi
+-  fi
+-  if test "x$ca" != "xno"; then
+-    MK_CA_BUNDLE="$ca"
+-    AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "$ca", [Location of default ca bundle])
+-    AC_SUBST(MK_CA_BUNDLE)
+-    AC_MSG_RESULT([$ca])
+-  elif test "x$cross_compiling" == "xyes"; then
+-    AC_MSG_RESULT([skipped (cross compiling)])
+-    AC_MSG_WARN([skipped the ca-bundle detection when cross-compiling])
+-    AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "", [Location of default ca bundle])
+-    AC_SUBST(MK_CA_BUNDLE)
+-  else
+-    AC_MSG_RESULT([no])
+-    AC_MSG_ERROR([you should give a ca-bundle location])
+-  fi
+-])
++AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "", [Location of default ca bundle])
++AC_SUBST(MK_CA_BUNDLE)
+ 
+ AC_DEFUN([MK_PTHREAD], [
+   AX_PTHREAD
diff --git a/net/measurement-kit/files/patch-src_libmeasurement__kit_net_libssl.hpp b/net/measurement-kit/files/patch-src_libmeasurement__kit_net_libssl.hpp
new file mode 100644
index 000000000000..4e4f47992d35
--- /dev/null
+++ b/net/measurement-kit/files/patch-src_libmeasurement__kit_net_libssl.hpp
@@ -0,0 +1,11 @@
+--- src/libmeasurement_kit/net/libssl.hpp.orig	2021-03-04 14:14:57 UTC
++++ src/libmeasurement_kit/net/libssl.hpp
+@@ -156,7 +156,7 @@ class Context : public NonCopyable, public NonMovable 
+                 SSL_CTX_free(ctx);
+                 return {SslCtxLoadVerifyLocationsError(), {}};
+             }
+-        } else {
++        } else if (!SSL_CTX_set_default_verify_paths(ctx)) {
+             SSL_CTX_free(ctx);
+             return {MissingCaBundlePathError(), {}};
+         }

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202310031511.393FB1kn063730>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact