diff options
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/ca_root_nss/Makefile | 58 | ||||
| -rw-r--r-- | security/ca_root_nss/distinfo | 6 | ||||
| -rw-r--r-- | security/ca_root_nss/files/patch-ca-bundle.pl | 39 | ||||
| -rw-r--r-- | security/ca_root_nss/pkg-descr | 2 |
5 files changed, 106 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile index 2fb745f6342a..a7b376ef7d95 100644 --- a/security/Makefile +++ b/security/Makefile @@ -53,6 +53,7 @@ SUBDIR += bubblegum SUBDIR += bugs SUBDIR += ca-roots + SUBDIR += ca_root_nss SUBDIR += calife SUBDIR += calife-devel SUBDIR += ccrypt diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile new file mode 100644 index 000000000000..bc427aaff2a3 --- /dev/null +++ b/security/ca_root_nss/Makefile @@ -0,0 +1,58 @@ +# New ports collection makefile for: ca-root-nss +# Date created: Thu Jan 25 13:02:14 CST 2007 +# Whom: Brooks Davis <brooks@FreeBSD.org> +# +# $FreeBSD$ +# + +PORTNAME= ca_root_nss +PORTVERSION= ${VERSION_NSS} +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_MOZILLA} \ + ${MASTER_SITES_MODSSL:S/$/:mod_ssl/} +MASTER_SITE_SUBDIR= security/nss/releases/NSS_${PORTVERSION:S/./_/g}_RTM/src +DISTFILES= ${NSS_FILE} ${MODSSL_FILE}:mod_ssl + +MAINTAINER= brooks@FreeBSD.org +COMMENT= The root certificate bundle from the Mozilla Project + +USE_PERL5_BUILD= yes +NO_WRKSUBDIR= yes + +CERTDIR?= share/certs +PLIST_DIRS= ${CERTDIR} +PLIST_FILES= ${CERTDIR}/ca-root-nss.crt + +VERSION_NSS= 3.11.5 +VERSION_APACHE= 1.3.37 +VERSION_MODSSL= 2.8.28 +MASTER_SITES_MODSSL= http://www.modssl.org/source/ \ + ftp://ftp.modssl.org/source/ \ + ftp://ftp.blatzheim.com/pub/mod_ssl/ \ + ftp://ftp.fu-berlin.de/unix/security/mod_ssl/ \ + ${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/mod_ssl/source,} +MODSSL_FILE= mod_ssl-${VERSION_MODSSL}-${VERSION_APACHE}${EXTRACT_SUFX} +NSS_FILE= nss-${VERSION_NSS}${EXTRACT_SUFX} +CERTDATA_TXT_PATH= nss-${VERSION_NSS}/mozilla/security/nss/lib/ckfw/builtins/certdata.txt +CA_BUNDLE_PL_PATH= mod_ssl-${VERSION_MODSSL}-${VERSION_APACHE}/pkg.sslcfg/ca-bundle.pl + +do-extract: + @${MKDIR} ${WRKDIR} + @${TAR} -C ${WRKDIR} -xf ${DISTDIR}/${MODSSL_FILE} \ + ${CA_BUNDLE_PL_PATH} + @${TAR} -C ${WRKDIR} -xf ${DISTDIR}/nss-${VERSION_NSS}${EXTRACT_SUFX} \ + ${CERTDATA_TXT_PATH} + @${CP} ${WRKDIR}/${CA_BUNDLE_PL_PATH} ${WRKDIR} + @${CP} ${WRKDIR}/${CERTDATA_TXT_PATH} ${WRKDIR} + @${RM} -rf ${WRKDIR}/mod_ssl-${VERSION_MODSSL}-${VERSION_APACHE} \ + ${WRKDIR}/nss-${VERSION_NSS} + +do-build: + @${PERL} ${WRKDIR}/ca-bundle.pl < ${WRKDIR}/certdata.txt > \ + ${WRKDIR}/ca-root-nss.crt + +do-install: + ${MKDIR} ${PREFIX}/${CERTDIR} + ${INSTALL_DATA} ${WRKDIR}/ca-root-nss.crt ${PREFIX}/${CERTDIR} + +.include <bsd.port.mk> diff --git a/security/ca_root_nss/distinfo b/security/ca_root_nss/distinfo new file mode 100644 index 000000000000..5cbeee224bdf --- /dev/null +++ b/security/ca_root_nss/distinfo @@ -0,0 +1,6 @@ +MD5 (nss-3.11.5.tar.gz) = 1add44e6a41dbf5091cfd000f19ad6b9 +SHA256 (nss-3.11.5.tar.gz) = ea3876f5aea92231228130b451479a7fda94436d7c328f0fe1c07ea6f8fc9a40 +SIZE (nss-3.11.5.tar.gz) = 3696893 +MD5 (mod_ssl-2.8.28-1.3.37.tar.gz) = 5e9486a86fcd4efef395f58fd795aaea +SHA256 (mod_ssl-2.8.28-1.3.37.tar.gz) = 76437105b5b5593a7dbd8ee45af417233897dcaf910cbc337a68b0db24e35489 +SIZE (mod_ssl-2.8.28-1.3.37.tar.gz) = 820417 diff --git a/security/ca_root_nss/files/patch-ca-bundle.pl b/security/ca_root_nss/files/patch-ca-bundle.pl new file mode 100644 index 000000000000..b1341d874de9 --- /dev/null +++ b/security/ca_root_nss/files/patch-ca-bundle.pl @@ -0,0 +1,39 @@ + +$FreeBSD$ + +--- ca-bundle.pl.orig ++++ ca-bundle.pl +@@ -3,30 +3,18 @@ + ## + + # configuration +-my $cvsroot = ':pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot'; +-my $certdata = 'mozilla/security/nss/lib/ckfw/builtins/certdata.txt'; +- +-my $date = `date`; +-$date =~ s/\n$//s; + print <<EOH; + ## + ## ca-bundle.crt -- Bundle of CA Root Certificates + ## + ## This is a bundle of X.509 certificates of public Certificate + ## Authorities (CA). These were automatically extracted from Mozilla's +-## root CA list (the file `certdata.txt'). It contains the certificates +-## in both plain text and PEM format and therefore can be directly used +-## with an Apache/mod_ssl webserver for SSL client authentication. Just +-## configure this file as the SSLCACertificateFile. +-## +-## (SKIPME) ++## root CA list (the file `certdata.txt'). + ## +-## Last Modified: $date ++## Extracted from nss-%%VERSION_NSS%% + EOH +-open(IN, "cvs -d $cvsroot co -p $certdata|") +- || die "could not check out certdata.txt"; + my $incert = 0; +-while (<IN>) { ++while (<STDIN>) { + if (/^CKA_VALUE MULTILINE_OCTAL/) { + $incert = 1; + open(OUT, "|openssl x509 -text -inform DER -fingerprint") diff --git a/security/ca_root_nss/pkg-descr b/security/ca_root_nss/pkg-descr new file mode 100644 index 000000000000..b835104f5911 --- /dev/null +++ b/security/ca_root_nss/pkg-descr @@ -0,0 +1,2 @@ +Root certificates from certificate authorities included in the Mozilla +NSS library and thus in Firefox and Thunderbird. |