Re: Again on security/gnutls certificate store
- Reply: Tijl Coosemans : "Re: Again on security/gnutls certificate store"
- In reply to: Tijl Coosemans : "Re: Again on security/gnutls certificate store"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 14 Aug 2022 23:18:36 UTC
Hello. Tijl Coosemans wrote on 2022/08/13 18:51: > Try this patch for p11-kit. If it works you can file a bug against > p11-kit, because I believe ports are supposed to move away from > ca_root_nss. > > --- a/security/p11-kit/Makefile > +++ b/security/p11-kit/Makefile > @@ -25,7 +25,7 @@ MESON_ARGS= -Dbash_completion=enabled \ > -Dlibffi=enabled \ > -Dnls=false \ > -Dtrust_module=enabled \ > - -Dtrust_paths=${LOCALBASE}/share/certs/ca-root-nss.crt > + -Dtrust_paths=/etc/ssl/certs > > OPTIONS_DEFINE= DOCS MANPAGES TEST > OPTIONS_SUB= yes When ./configure --with-trust-paths=/usr/local/share/certs/ca-root-nss.crt:/etc/ssl/certs is used, TRUST_PATHS is defined as "/usr/local/share/certs/ca-root-nss.crt:/etc/ssl/certs" in ${WRKSRC}/config.h. When meson, TRUST_PATHS is defined in ${WRKSRC}/_build/config.h as defined by MESON_ARGS=-Dtrust_paths=${LOCALBASE}/share/certs/ca-root-nss.crt:/etc/ssl/certs. Since these would be the same value, why not just specify multiple paths in meson, separated by a colon? Also, is there something wrong with omitting ca-root-nss.crt filename, since the directories seem to be handled properly? Regards.