git: 9ddf7a912155 - main - devel/uv: Make the selected TLS provider use the system default truststore

Reply: Adam Weinberger : "Re: git: 9ddf7a912155 - main - devel/uv: Make the selected TLS provider use the system default truststore"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Yuri Victorovich <yuri_at_FreeBSD.org>
Date: Mon, 03 Nov 2025 08:28:44 UTC

The branch main has been updated by yuri:

URL: https://cgit.FreeBSD.org/ports/commit/?id=9ddf7a9121551186f4673f756905dae2f58589c3

commit 9ddf7a9121551186f4673f756905dae2f58589c3
Author:     Michael Osipov <michaelo@FreeBSD.org>
AuthorDate: 2025-11-03 08:25:19 +0000
Commit:     Yuri Victorovich <yuri@FreeBSD.org>
CommitDate: 2025-11-03 08:28:36 +0000

    devel/uv: Make the selected TLS provider use the system default truststore
    
    Differential Revision:  https://reviews.freebsd.org/D53490
---
 devel/uv/Makefile                                  |  1 +
 ...tch-cargo-crates_openssl-probe-0.1.6_src_lib.rs | 50 ++++++++++++++++++++++
 2 files changed, 51 insertions(+)

diff --git a/devel/uv/Makefile b/devel/uv/Makefile
index 9d00841e4646..1647f3bc6d14 100644
--- a/devel/uv/Makefile
+++ b/devel/uv/Makefile
@@ -1,5 +1,6 @@
 PORTNAME=	uv
 DISTVERSION=	0.9.6
+PORTREVISION=	1
 CATEGORIES=	devel
 
 MAINTAINER=	yuri@FreeBSD.org
diff --git a/devel/uv/files/patch-cargo-crates_openssl-probe-0.1.6_src_lib.rs b/devel/uv/files/patch-cargo-crates_openssl-probe-0.1.6_src_lib.rs
new file mode 100644
index 000000000000..e51f27bc248a
--- /dev/null
+++ b/devel/uv/files/patch-cargo-crates_openssl-probe-0.1.6_src_lib.rs
@@ -0,0 +1,50 @@
+--- cargo-crates/openssl-probe-0.1.6/src/lib.rs
++++ cargo-crates/openssl-probe-0.1.6/src/lib.rs
+@@ -26,6 +26,7 @@ pub fn find_certs_dirs() -> Vec<PathBuf> {
+ /// found.
+ ///
+ /// This will only search known system locations.
++#[cfg(not(target_os = "freebsd"))]
+ pub fn candidate_cert_dirs() -> impl Iterator<Item = &'static Path> {
+     // see http://gagravarr.org/writing/openssl-certs/others.shtml
+     [
+@@ -52,6 +53,19 @@ pub fn candidate_cert_dirs() -> impl Iterator<Item = &'static Path> {
+     .map(Path::new)
+     .filter(|p| p.exists())
+ }
++#[cfg(target_os = "freebsd")]
++pub fn candidate_cert_dirs() -> impl Iterator<Item = &'static Path> {
++    // see manpage of certctl(8): https://man.freebsd.org/cgi/man.cgi?query=certctl&sektion=8
++    // see security/openssl* ports
++    [
++        "/etc/ssl",
++        "/usr/local/etc/ssl",
++        "/usr/local/openssl",
++    ]
++    .iter()
++    .map(Path::new)
++    .filter(|p| p.exists())
++}
+ 
+ /// Deprecated as this isn't sound, use [`init_openssl_env_vars`] instead.
+ #[doc(hidden)]
+@@ -169,6 +183,7 @@ pub fn probe() -> ProbeResult {
+     for certs_dir in candidate_cert_dirs() {
+         // cert.pem looks to be an openssl 1.0.1 thing, while
+         // certs/ca-certificates.crt appears to be a 0.9.8 thing
++        #[cfg(not(target_os = "freebsd"))]
+         let cert_filenames = [
+             "cert.pem",
+             "certs.pem",
+@@ -181,6 +196,11 @@ pub fn probe() -> ProbeResult {
+             "CARootCertificates.pem",
+             "tls-ca-bundle.pem",
+         ];
++        #[cfg(target_os = "freebsd")]
++        let cert_filenames = [
++            "cert.pem",
++            "ca-root-nss.crt",
++        ];
+         if result.cert_file.is_none() {
+             result.cert_file = cert_filenames
+                 .iter()