summaryrefslogtreecommitdiff
path: root/security/mozilla-rootcerts/files
AgeCommit message (Collapse)AuthorFilesLines
2020-11-27mozilla-rootcerts: Move MESSAGE content into documentationgdt1-0/+11
Drop MESSAGE content pointing out mozilla-rootcerts-openssl that is duplicative with DESCR. Move MESSAGE content about installation for gnupg2 into a documentation file; this is simply normal documentation about how to use an installed package. Mention this documentation in DESCR, so that prospective users get the right sense of what the package can do.
2020-06-02mozilla-rootcerts: Ensure script uses correct SH.jperkin1-2/+2
2020-03-30mozilla-rootcerts: Cope with missing certs dirgdt1-4/+5
While the certs dir should exist, pkg_delete of mozilla-rootcerts-openssl currently removes it, despite it not having been created by the corresponding pkg_add. Instead of failing if the directory does not exist, simply emit a warning and create it.
2017-07-06Regularize path subsitution and use PREFIXgdt1-3/+5
Use PREFIX rather than LOCALBASE. What matters is where this packages prefix is, not anything else. Substitute all paths the same way, assigning to sh variables in one place, alphabetically, and then using them. Sort list of substituted variables alphabetically also, so it's easier to review the code. No functional change for any reasonable configuration. Based on a suggestion by J. Lewis Muir on pkgsrc-users.
2017-06-19Adjust comments around ca-certificates.crtgdt1-4/+5
(Ride earlier PKGREVISION.)
2017-06-19Revert touching of openssl config filegdt1-15/+1
Earlier, code was added to "touch $conffile" to work around openssl issuing a warning if openssl.conf was not present. This is problematic because if the warning is appropriate, 1) we have no way of knowing that an empty config file is correct and 2) we should not silence it. If the warning is buggy, then openssl and/or the base system should be fixed. Further, this code changes the modification date of the config file on every run, even when there is a valid config file. (There was no discussion prior, three objections and no concurrences, and no response, so reverting seems ok.)
2017-06-19Rationalize directory handling around ca-certificates.crtgdt1-8/+8
Now, ca-certificates.crt is always in the main certs dir, because we have been careful about builtin vs pkgsrc paths. So the directory must exist (because it was checked earlier). Instead, check for the ca-certificates.crt file existing. Add more questioning comments. Based on a patch by J. Lewis Muir.
2017-06-19Add comments questioning many thingsgdt1-1/+20
Describe issues with touching the config file and the spurious directory check surrounding ca-certificates.crt.
2017-06-19Substitute path to openssl more thoroughlygdt1-8/+8
This package can depend on builtin openssl or pkgsrc openssl. However, it had paths from the base system hardcoded. Be more thorough about using builtin vs pkgsrc paths. This is a minimal change to use builtin/pkgsrc paths; future commits will note latent issues uncovered in the process. Based on a report to pkgsrc-users by J. Lewis Muir.
2017-03-15Limit broken openssl.cnf handling to NetBSD only after no response fromjperkin1-4/+5
bsiegert@. There's no reason to pollute other operating systems. Bump PKGREVISION.
2017-03-03Create /etc/openssl/openssl.cnf if it does not exist.bsiegert1-1/+5
Otherwise, there is one nonsensical warning on every openssl invocation. I have seen dozens of recipes for NetBSD setups, and each one cargo-cults a "touch openssl.cnf" against that noise. Bump package revision.
2017-02-01Set LC_ALL=C to avoid gawk's output data corruptionyyamano1-3/+4
Fixed PR pkg/51802.
2016-03-03gawk will corrupt the output data stream in multibyte locales,dsainty1-2/+5
so force the locale to "C". Fixes mozilla-rootcerts under Linux.
2015-04-18Add support for -d destdir to the mozilla-rootcerts installer script.dholland1-10/+12
2015-01-27Fix typo in previous.jperkin1-2/+2
2015-01-27Ensure we call the full path to the script. Bump PKGREVISION.jperkin1-2/+2
2014-09-06Improve detection of untrusted certificates. From John D. Bakerwiz1-6/+10
in PR 49176. Bump PKGREVISION.
2013-03-15Add a new subcommand "mozilla-rootcerts install" that unpacks and installsbsiegert1-2/+26
the certificates with a single command. ok gdt, wiz
2011-09-08mozilla has switched to a scheme of explicitly distrusting certificatesdrochner1-1/+15
in its stable branch (ie firefox-6.0.2) too, so deal with this in the mozilla-rootcerts script (this is not great - it depends on syntactic details of the file where it should better use checksums, but the perl script which is distributed with "curl" works the same way), and switch back to the certificate list in CVS HEAD
2010-10-22Update to 20100827. Set LICENSE.wiz1-2/+2
Fix bug reported by Makoto Yamakura in PR 43992.
2009-11-03Simplify awk usage to make it work with nawk, from Matthias Pfaller inwiz1-11/+2
PR 42238. While here, update to latest certificates from mozilla.
2007-09-20Import security/mozilla-rootcerts:jlam1-0/+171
This package provides a script which can be used to extract the root CA certificates distributed by the Mozilla Project into the current working directory and to rehash the existing certificates. The directory can be used by most SSL-aware programs that expect a "CA certificate path".