ports/166561: [patch] ports-mgmt/portaudit should be able to use ports openssl(1)

Eugene Grosbein eugen at grosbein.pp.ru
Sun Apr 1 18:40:13 UTC 2012 

>Number:         166561
>Category:       ports
>Synopsis:       [patch] ports-mgmt/portaudit should be able to use ports openssl(1)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 01 18:40:12 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Eugene Grosbein
>Release:        FreeBSD 8.3-PRERELEASE amd64
>Organization:
RDTC JSC 
>Environment:
System: FreeBSD grosbein.pp.ru 8.3-PRERELEASE FreeBSD 8.3-PRERELEASE #19: Tue Mar 20 03:24:04 NOVT 2012 root at grosbein.pp.ru:/usr/local/obj/usr/local/src/sys/DADV amd64

>Description:
	Sometimes, one may install openssl from ports without overwriting
	base system stock openssl.

	portaudit should have an option to make it use /usr/local/bin/openssl
	instead of /usr/bin/openssl. Let it recognise new option named
	"portaudit_openssl" in its /usr/local/etc/portaudit.conf
	and use provided openssl(1) path.

>How-To-Repeat:

	N/A
>Fix:

diff -urN portaudit.orig/files/portaudit-cmd.sh portaudit/files/portaudit-cmd.sh
--- portaudit.orig/files/portaudit-cmd.sh	2012-04-02 00:09:31.000000000 +0700
+++ portaudit/files/portaudit-cmd.sh	2012-04-02 01:25:56.000000000 +0700
@@ -52,6 +52,7 @@
 	: ${portaudit_pubkey:="%%PREFIX%%/etc/portaudit.pubkey"}
 
 	: ${portaudit_fixed=""}
+	: ${portaudit_openssl:="/usr/bin/openssl"}
 }
 
 extract_auditfile_raw()
@@ -78,10 +79,10 @@
 	local TMPFILE=`mktemp -t portaudit`
 
 	extract_auditfile_raw | egrep "^#SIGNATURE: " | sed "s/^#SIGNATURE: //g" \
-		| openssl enc -d -a >$TMPFILE
+		| $portaudit_openssl enc -d -a >$TMPFILE
 	signatureresult=`extract_auditfile_raw | egrep -v "^#SIGNATURE: " \
 	    | egrep -v "^#CHECKSUM: " \
-	    | openssl dgst -sha256 -verify ${portaudit_pubkey} -signature $TMPFILE`
+	    | $portaudit_openssl dgst -sha256 -verify ${portaudit_pubkey} -signature $TMPFILE`
 	if [ -n "$TMPFILE" ]; then
 		rm "$TMPFILE"
 	fi


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list