Date: Fri, 5 Feb 2010 16:43:15 GMT From: Kevin Kobb <kkobb@skylinecorp.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/143584: [PATCH] security/ca_root_nss: Incorrect file name / version info. Message-ID: <201002051643.o15GhF1B026233@www.freebsd.org> Resent-Message-ID: <201002051650.o15Go1fU007591@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 143584
>Category: ports
>Synopsis: [PATCH] security/ca_root_nss: Incorrect file name / version info.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 05 16:50:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Kevin Kobb
>Release: FreeBSD 7.2-RELEASE-p6 i386
>Organization:
>Environment:
FreeBSD mail.skylinecorp.com 7.2-RELEASE-p6 FreeBSD 7.2-RELEASE-p6 #0: Thu Feb 4 12:46:40 EST 2010 root@mail.skylinecorp.com:/usr/obj/usr/src/sys/VBOX i386
>Description:
When you build the port the created cert bundle text indicates the name ca-bundle.crt when it is actually called ca-root-nss.crt. The cert bundle also does not contain the correct version info as the text %%VERSION_NSS%% never gets replaced.
>How-To-Repeat:
Install port and check the ca-root-nss.crt file that is created.
>Fix:
Patch attached.
Patch attached with submission follows:
--- Makefile.orig 2009-12-29 14:26:52.000000000 -0500
+++ Makefile 2010-02-05 11:25:04.000000000 -0500
@@ -7,6 +7,7 @@
PORTNAME= ca_root_nss
PORTVERSION= ${VERSION_NSS}
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_MOZILLA} \
${MASTER_SITES_MODSSL:S/$/:mod_ssl/}
@@ -58,6 +59,10 @@
@${RM} -rf ${WRKDIR}/mod_ssl-${VERSION_MODSSL}-${VERSION_APACHE} \
${WRKDIR}/nss-${VERSION_NSS}
+post-patch:
+ @${PERL} -pi -e 's,%%VERSION_NSS%%,${VERSION_NSS},g;' \
+ ${WRKDIR}/ca-bundle.pl
+
do-build:
@${PERL} ${WRKDIR}/ca-bundle.pl < ${WRKDIR}/certdata.txt > \
${WRKDIR}/ca-root-nss.crt
--- files/patch-ca-bundle.pl.orig 2007-07-06 17:37:35.000000000 -0400
+++ files/patch-ca-bundle.pl 2010-02-05 11:26:08.000000000 -0500
@@ -1,9 +1,9 @@
-
-$FreeBSD: ports/security/ca_root_nss/files/patch-ca-bundle.pl,v 1.1 2007/07/06 21:37:35 brooks Exp $
-
---- ca-bundle.pl.orig
-+++ ca-bundle.pl
-@@ -3,30 +3,18 @@
+--- ca-bundle.pl.orig 2010-02-05 10:08:58.000000000 -0500
++++ ca-bundle.pl 2010-02-05 10:13:35.000000000 -0500
+@@ -1,32 +1,20 @@
+ ##
+-## ca-bundle.pl -- Regenerate ca-bundle.crt from the Mozilla certdata.txt
++## ca-bundle.pl -- Regenerate ca-root-nss.crt from the Mozilla certdata.txt
##
# configuration
@@ -14,7 +14,8 @@
-$date =~ s/\n$//s;
print <<EOH;
##
- ## ca-bundle.crt -- Bundle of CA Root Certificates
+-## ca-bundle.crt -- Bundle of CA Root Certificates
++## ca-root-nss.crt -- Bundle of CA Root Certificates
##
## This is a bundle of X.509 certificates of public Certificate
## Authorities (CA). These were automatically extracted from Mozilla's
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201002051643.o15GhF1B026233>