ports/149368: [patch] ftp/curl: Make Run Dependency on security/ca_root_nss Optional

Gabor PALI pgj at FreeBSD.org
Fri Aug 6 16:00:12 UTC 2010


>Number:         149368
>Category:       ports
>Synopsis:       [patch] ftp/curl: Make Run Dependency on security/ca_root_nss Optional
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 06 16:00:08 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Gabor PALI
>Release:        N/A
>Organization:
The FreeBSD Project
>Environment:
N/A
>Description:
Mandatory run dependency on security/ca_root_nss is not required, since it is used only when OpenSSL support is present.  Based on the configure script of curl, CA bundle might be optional even when OpenSSL is supported.  Adding this further optionality helps to avoid spamming of user's security certificates installed already on the system.

>How-To-Repeat:
N/A
>Fix:
Apply the attached patch.

Patch attached with submission follows:

diff --git a/ftp/curl/Makefile b/ftp/curl/Makefile
index 20f54ac..9e32c26 100644
--- a/ftp/curl/Makefile
+++ b/ftp/curl/Makefile
@@ -17,8 +17,6 @@ MASTER_SITE_SUBDIR=	curl
 MAINTAINER=	roam at FreeBSD.org
 COMMENT=	Non-interactive tool to get files from FTP, GOPHER, HTTP(S) servers
 
-RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
-
 LICENSE=	MIT
 
 PATCH_STRIP=	-p1
@@ -69,6 +67,7 @@ OPTIONS=	CARES "Asynchronous DNS resolution via c-ares" off \
 		LIBSSH2 "SCP/SFTP support via libssh2" off \
 		NTLM "NTLM authentication" off \
 		OPENSSL "OpenSSL support" on \
+		CA_BUNDLE "Install CA bundle for OpenSSL" on \
 		PROXY "Proxy support" on \
 		TRACKMEMORY "Enable curl memory diagnostic output" off
 
@@ -98,10 +97,16 @@ IGNORE=			only supports LDAPS with SSL (OpenSSL or GNUTLS)
 
 .if !defined(WITHOUT_OPENSSL)
 .include "${PORTSDIR}/Mk/bsd.openssl.mk"
-CONFIGURE_ARGS+=	--with-ssl=${OPENSSLBASE} \
-			--with-ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
+CONFIGURE_ARGS+=	--with-ssl=${OPENSSLBASE}
+.if !defined(WITHOUT_CA_BUNDLE)
+RUN_DEPENDS+=	${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
+CONFIGURE_ARGS+=	--with-ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
+.endif
 .else
 CONFIGURE_ARGS+=	--without-ssl
+.if defined(WITH_CA_BUNDLE)
+IGNORE=			only supports CA bundle with OpenSSL
+.endif
 .endif
 
 .if defined(WITH_CARES)


>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-ports-bugs mailing list