aboutsummaryrefslogtreecommitdiffstats
path: root/net-im
diff options
context:
space:
mode:
authormarcus <marcus@FreeBSD.org>2010-04-18 04:01:27 +0800
committermarcus <marcus@FreeBSD.org>2010-04-18 04:01:27 +0800
commit1b2a608dc61ae3da7d82ebb254698e9722f26459 (patch)
treebd2dc5b2c7228d7659dc1970a973e87fad790505 /net-im
parent36d65bcf685953755c80a08f3858dbf1d48e6ece (diff)
downloadfreebsd-ports-gnome-1b2a608dc61ae3da7d82ebb254698e9722f26459.tar.gz
freebsd-ports-gnome-1b2a608dc61ae3da7d82ebb254698e9722f26459.tar.zst
freebsd-ports-gnome-1b2a608dc61ae3da7d82ebb254698e9722f26459.zip
Add a proper cipher suite, and point to a valid root cert file. This allows
empathy to connect to encrypted jabber streams.
Diffstat (limited to 'net-im')
-rw-r--r--net-im/loudmouth/Makefile7
-rw-r--r--net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c28
2 files changed, 34 insertions, 1 deletions
diff --git a/net-im/loudmouth/Makefile b/net-im/loudmouth/Makefile
index 9537c420717f..6d1f6ee0a817 100644
--- a/net-im/loudmouth/Makefile
+++ b/net-im/loudmouth/Makefile
@@ -7,7 +7,7 @@
PORTNAME= loudmouth
PORTVERSION= 1.4.3
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= net-im gnome
MASTER_SITES= http://ftp.imendio.com/pub/imendio/loudmouth/src/ \
GNOME
@@ -32,8 +32,13 @@ OPTIONS= GNUTLS "Enable SSL (via GnuTLS) support" on
.if !defined(WITHOUT_GNUTLS)
LIB_DEPENDS+= gnutls.40:${PORTSDIR}/security/gnutls
+RUN_DEPENDS+= ${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
.else
CONFIGURE_ARGS+= --without-ssl
.endif
+post-patch:
+ @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|' \
+ ${WRKSRC}/loudmouth/lm-ssl-gnutls.c
+
.include <bsd.port.post.mk>
diff --git a/net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c b/net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c
new file mode 100644
index 000000000000..5a202430c684
--- /dev/null
+++ b/net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c
@@ -0,0 +1,28 @@
+--- loudmouth/lm-ssl-gnutls.c.orig 2010-04-17 15:56:39.000000000 -0400
++++ loudmouth/lm-ssl-gnutls.c 2010-04-17 15:56:43.000000000 -0400
+@@ -32,7 +32,7 @@
+
+ #include <gnutls/x509.h>
+
+-#define CA_PEM_FILE "/etc/ssl/certs/ca-certificates.crt"
++#define CA_PEM_FILE "%%LOCALBASE%%/share/certs/ca-root-nss.crt"
+
+ struct _LmSSL {
+ LmSSLBase base;
+@@ -200,6 +200,7 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
+ { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ const int compression_priority[] =
+ { GNUTLS_COMP_DEFLATE, GNUTLS_COMP_NULL, 0 };
++ gnutls_priority_t priorities_cache;
+
+ gnutls_init (&ssl->gnutls_session, GNUTLS_CLIENT);
+ gnutls_set_default_priority (ssl->gnutls_session);
+@@ -213,6 +214,8 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
+
+ gnutls_transport_set_ptr (ssl->gnutls_session,
+ (gnutls_transport_ptr_t)(glong) fd);
++ gnutls_priority_init (&priorities_cache, "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:NORMAL:%COMPAT", NULL);
++ gnutls_priority_set (ssl->gnutls_session, priorities_cache);
+
+ ret = gnutls_handshake (ssl->gnutls_session);
+