diff --git a/srcpkgs/libtls/patches/fix-cert-perm.patch b/srcpkgs/libtls/patches/fix-cert-perm.patch new file mode 100644 index 00000000000..338d2586371 --- /dev/null +++ b/srcpkgs/libtls/patches/fix-cert-perm.patch @@ -0,0 +1,29 @@ +Index: libressl-3.2.4/apps/nc/nc.1 +=================================================================== +--- libressl-3.2.4.orig/apps/nc/nc.1 ++++ libressl-3.2.4/apps/nc/nc.1 +@@ -219,7 +219,7 @@ Cannot be used together with + Load the root CA bundle for TLS certificate verification from + .Ar CAfile , + in PEM format, instead of +-.Pa /etc/ssl/cert.pem . ++.Pa /etc/ssl/certs.pem . + Requires + .Fl c . + .It Fl r +Index: libressl-3.2.4/tls/Makefile.am +=================================================================== +--- libressl-3.2.4.orig/tls/Makefile.am ++++ libressl-3.2.4/tls/Makefile.am +@@ -18,9 +18,9 @@ libtls_la_LIBADD += $(PLATFORM_LDADD) + + libtls_la_CPPFLAGS = $(AM_CPPFLAGS) + if OPENSSLDIR_DEFINED +-libtls_la_CPPFLAGS += -DTLS_DEFAULT_CA_FILE=\"@OPENSSLDIR@/cert.pem\" ++libtls_la_CPPFLAGS += -DTLS_DEFAULT_CA_FILE=\"@OPENSSLDIR@/certs.pem\" + else +-libtls_la_CPPFLAGS += -DTLS_DEFAULT_CA_FILE=\"$(sysconfdir)/ssl/cert.pem\" ++libtls_la_CPPFLAGS += -DTLS_DEFAULT_CA_FILE=\"$(sysconfdir)/ssl/certs.pem\" + endif + + libtls_la_SOURCES = tls.c diff --git a/srcpkgs/libtls/template b/srcpkgs/libtls/template index cd46d748bb0..a163b69eee9 100644 --- a/srcpkgs/libtls/template +++ b/srcpkgs/libtls/template @@ -1,7 +1,7 @@ # Template file for 'libtls' pkgname=libtls version=3.2.5 -revision=1 +revision=2 wrksrc="libressl-${version}" build_style=gnu-configure configure_args="$(vopt_enable asm)" @@ -21,6 +21,7 @@ build_options="asm" desc_option_asm="Use platform assembly for faster crypto" build_options_default="asm" +patch_args=-Np1 if [ "$build_option_asm" ]; then distfiles+=" https://github.com/q66/libressl-portable-asm/archive/v${_lssl_asm_ver}.tar.gz" @@ -49,11 +50,6 @@ pre_configure() { do_install() { make -C tls install DESTDIR="$DESTDIR" make -C apps/nc install DESTDIR="$DESTDIR" - # libtls expects certs linked to /etc/ssl/cert.pem - # instead of OpenSSL's /etc/ssl/certs.pem - # Create a symlink for now while awaiting discussion. - vmkdir etc/ssl - ln -s certs.pem ${DESTDIR}/etc/ssl/cert.pem vlicense COPYING if [ "$build_option_asm" ]; then vlicense libressl-portable-asm-${_lssl_asm_ver}/LICENSE.cryptogams