28a72db5a4
It operates the mozilla-rootcerts installer script in order to allow managing the resulting output openssl certs with the package tools. Since openssl does not support more than one directory of certificates (sheesh) this is an abusive package - it installs directly into the openssl certs directory even though this is a sysconfig directory that should normally only be touched using the config files infrastructure. And, for native openssl, it's in the root /etc outside of $PREFIX. Nonetheless, having this package is better than not having it. Probably at some point this and the mozilla-rootcerts package should be folded together in some fashion; but I didn't want to do that up front, and in particular I didn't want to muck with the installer script in mozilla-rootcerts any more than necessary to make this package possible. This in particular prevented e.g. installing the certs in share/ and symlinking them into the certs directory. As things are, if you already have the certs installed manually you can install this package over them cleanly, and thenceforth not have to update them by hand.
59 lines
1.5 KiB
Makefile
59 lines
1.5 KiB
Makefile
# $NetBSD: Makefile,v 1.1 2015/04/18 20:21:25 dholland Exp $
|
|
|
|
PKGNAME= mozilla-rootcerts-openssl-1
|
|
CATEGORIES= security
|
|
MASTER_SITES= # empty
|
|
DISTFILES= # empty
|
|
|
|
MAINTAINER= dholland@NetBSD.org
|
|
#HOMEPAGE= none
|
|
COMMENT= Wedge for installing and managing mozilla-rootcerts
|
|
LICENSE= modified-bsd
|
|
|
|
USE_TOOLS+= openssl
|
|
WRKSRC= ${WRKDIR}
|
|
BUILD_DIRS= # empty
|
|
|
|
BUILD_DEPENDS+= mozilla-rootcerts>=1.0.20141117nb1:../../security/mozilla-rootcerts
|
|
SCRIPT= ${LOCALBASE}/sbin/mozilla-rootcerts
|
|
|
|
CHECK_BUILTIN.openssl= yes
|
|
.include "../../security/openssl/builtin.mk"
|
|
CHECK_BUILTIN.openssl= no
|
|
|
|
#
|
|
# This package needs to install directly into openssl's certs directory
|
|
# because openssl is dumb and doesn't support multiple cert directories.
|
|
# (Otherwise we'd install under ${PREFIX}/share.)
|
|
#
|
|
# For native openssl this is in /etc outside of ${PREFIX}. Beware.
|
|
#
|
|
.if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
|
|
PLACE= /etc
|
|
SET_PREFIX= yes
|
|
PLIST_SUBST+= MYETCDIR=etc
|
|
CHECK_FILES_SUPPORTED= no
|
|
NOT_FOR_UNPRIVILEGED= yes
|
|
|
|
.else
|
|
PLACE= ${PKG_SYSCONFDIR}
|
|
SET_PREFIX= no
|
|
PLIST_SUBST+= ${PKG_SYSCONFDIR:S/^${PREFIX}//}
|
|
.endif
|
|
|
|
OPENSSLDIR= ${PLACE}/openssl/certs
|
|
SSLDIR= ${PLACE}/ssl/certs
|
|
|
|
do-install:
|
|
${INSTALL_DATA_DIR} ${DESTDIR}${OPENSSLDIR}
|
|
#${INSTALL_DATA_DIR} ${DESTDIR}${SSLDIR} # must *not* exist
|
|
cd ${WRKSRC} && ${SCRIPT} -d ${DESTDIR} install
|
|
${CHMOD} go+r ${DESTDIR}${OPENSSLDIR}/*.pem
|
|
${CHMOD} go+r ${DESTDIR}${SSLDIR}/*.crt
|
|
|
|
.include "../../mk/bsd.pkg.mk"
|
|
|
|
# This must be after bsd.pkg.mk is included to work.
|
|
.if ${SET_PREFIX} == "yes"
|
|
PREFIX= /
|
|
.endif
|