Date: Tue, 28 Jan 2020 03:02:18 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r357193 - head/secure/caroot/blacklisted Message-ID: <202001280302.00S32IdW059564@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans Date: Tue Jan 28 03:02:18 2020 New Revision: 357193 URL: https://svnweb.freebsd.org/changeset/base/357193 Log: caroot: blacklisted: automatically pick up *.pem in the tree This kind of automagica got picked up in trusted/ prior to the initial commit, but never got applied over in blacklisted. Ideally no one will be using blacklisted/ to store arbitrary certs that they don't intend to blacklist, so we should just install anything that's in here rather than force consumer to first copy cert into place and then modify the file listing in the Makefile. Wise man once say: "it is better to restrict too much, than not enough. sometimes." Modified: head/secure/caroot/blacklisted/Makefile Modified: head/secure/caroot/blacklisted/Makefile ============================================================================== --- head/secure/caroot/blacklisted/Makefile Tue Jan 28 02:58:39 2020 (r357192) +++ head/secure/caroot/blacklisted/Makefile Tue Jan 28 03:02:18 2020 (r357193) @@ -2,6 +2,8 @@ BINDIR= /usr/share/certs/blacklisted -FILES= +BLACKLISTED_CERTS!= ls ${.CURDIR}/*.pem 2> /dev/null || true + +FILES+= ${BLACKLISTED_CERTS} .include <bsd.prog.mk>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202001280302.00S32IdW059564>