net/measurement-kit: Drop ca_root_nss dependency.

Since this piece of software is no longer maintained, we don't strive
for elegance but simply hack the configure script to stop requiring a
trust bundle and the code to use the system trust store instead.

MFH:		2023Q4
Reviewed by:	egypcio
Differential Revision:	https://reviews.freebsd.org/D42040

net/measurement-kit/Makefile

@@ -1,6 +1,7 @@
 PORTNAME=		measurement-kit
 DISTVERSIONPREFIX=	v
 DISTVERSION=		0.10.14
+PORTREVISION=		1
 CATEGORIES=		net devel
 
 MAINTAINER=	egypcio@FreeBSD.org
@@ -13,7 +14,6 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 LIB_DEPENDS=	libcurl.so:ftp/curl \
 		libevent.so:devel/libevent \
 		libmaxminddb.so:net/libmaxminddb
-RUN_DEPENDS=	ca_root_nss>=0:security/ca_root_nss
 
 USES=		autoreconf:build compiler:c++14-lang libtool ssl
 USE_GITHUB=	yes

net/measurement-kit/files/patch-m4_mk.m4

@@ -1,6 +1,6 @@
---- m4/mk.m4.orig	2019-05-16 20:09:11 UTC
+--- m4/mk.m4.orig	2021-03-04 14:14:57 UTC
 +++ m4/mk.m4
-@@ -90,8 +90,10 @@ AC_DEFUN([MK_AM_OPENSSL], [
+@@ -99,8 +99,10 @@ AC_DEFUN([MK_AM_OPENSSL], [
                  [SSL toolkit @<:@default=check@:>@])
                ],
                [
@@ -12,4 +12,50 @@
 +		fi
                ],
                [
- 	        if test -d /usr/local/Cellar/openssl; then
+                 if test -d /usr/local/Cellar/openssl@1.1; then
+@@ -252,43 +254,8 @@ dnl
+ dnl Except as contained in this notice, the name of a copyright holder shall not be
+ dnl used in advertising or otherwise to promote the sale, use or other dealings in
+ dnl this Software without prior written authorization of the copyright holder.
+-AC_DEFUN([MK_MAYBE_CA_BUNDLE], [
+-  AC_MSG_CHECKING([CA bundle path])
+-  AC_ARG_WITH([ca-bundle], AC_HELP_STRING([--with-ca-bundle=FILE],
+-               [Path to CA bundle]), [want_ca="$withval"], [want_ca="unset"])
+-  if test "x$want_ca" != "xunset"; then
+-    ca="$want_ca"
+-  else
+-    ca="no"
+-    if test "x$cross_compiling" != "xyes"; then
+-        for a in /etc/ssl/certs/ca-certificates.crt                            \
+-                 /etc/pki/tls/certs/ca-bundle.crt                              \
+-                 /usr/share/ssl/certs/ca-bundle.crt                            \
+-                 /usr/local/share/certs/ca-root.crt                            \
+-                 /etc/ssl/cert.pem                                             \
+-                 /usr/local/etc/openssl/cert.pem; do
+-          if test -f "$a"; then
+-            ca="$a"
+-            break
+-          fi
+-        done
+-    fi
+-  fi
+-  if test "x$ca" != "xno"; then
+-    MK_CA_BUNDLE="$ca"
+-    AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "$ca", [Location of default ca bundle])
+-    AC_SUBST(MK_CA_BUNDLE)
+-    AC_MSG_RESULT([$ca])
+-  elif test "x$cross_compiling" == "xyes"; then
+-    AC_MSG_RESULT([skipped (cross compiling)])
+-    AC_MSG_WARN([skipped the ca-bundle detection when cross-compiling])
+-    AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "", [Location of default ca bundle])
+-    AC_SUBST(MK_CA_BUNDLE)
+-  else
+-    AC_MSG_RESULT([no])
+-    AC_MSG_ERROR([you should give a ca-bundle location])
+-  fi
+-])
++AC_DEFINE_UNQUOTED(MK_CA_BUNDLE, "", [Location of default ca bundle])
++AC_SUBST(MK_CA_BUNDLE)
+ 
+ AC_DEFUN([MK_PTHREAD], [
+   AX_PTHREAD

net/measurement-kit/files/patch-src_libmeasurement__kit_net_libssl.hpp

@@ -0,0 +1,11 @@
+--- src/libmeasurement_kit/net/libssl.hpp.orig	2021-03-04 14:14:57 UTC
++++ src/libmeasurement_kit/net/libssl.hpp
+@@ -156,7 +156,7 @@ class Context : public NonCopyable, public NonMovable 
+                 SSL_CTX_free(ctx);
+                 return {SslCtxLoadVerifyLocationsError(), {}};
+             }
+-        } else {
++        } else if (!SSL_CTX_set_default_verify_paths(ctx)) {
+             SSL_CTX_free(ctx);
+             return {MissingCaBundlePathError(), {}};
+         }