Skip to content

Commit

Permalink
ftp/curl: Always use the default trust store instead of ca_root_nss.
Browse files Browse the repository at this point in the history 
MFH:		2023Q4
Reviewed by:	sunpoet
Differential Revision:	https://reviews.freebsd.org/D42039
  • Loading branch information
@dag-erling
dag-erling committed Oct 8, 2023
1 parent aff9c1b commit 4881ece
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions ftp/curl/Makefile
View file
@@ -1,5 +1,6 @@
PORTNAME= curl
PORTVERSION= 8.3.0
PORTREVISION= 1
CATEGORIES= ftp net www
MASTER_SITES= https://curl.se/download/ \
https://github.com/curl/curl/releases/download/curl-${PORTVERSION:S|.|_|g}/
Expand All @@ -25,6 +26,8 @@ CONFIGURE_ARGS= --disable-werror \
--enable-netrc \
--enable-openssl-auto-load-config \
--enable-progress-meter \
--without-ca-bundle \
--without-ca-path \
--with-fish-functions-dir=${LOCALBASE}/share/fish/completions \
--with-zsh-functions-dir=${LOCALBASE}/share/zsh/site-functions
CONFIGURE_ENV= LOCALBASE=${LOCALBASE} \
Expand All @@ -38,18 +41,17 @@ CPE_VENDOR= haxx

SHEBANG_FILES= */*.pl

OPTIONS_DEFINE= ALTSVC BROTLI CA_BUNDLE COOKIES CURL_DEBUG DEBUG DOCS EXAMPLES IDN IPV6 NTLM PROXY PSL STATIC TLS_SRP ZSTD
OPTIONS_DEFINE= ALTSVC BROTLI COOKIES CURL_DEBUG DEBUG DOCS EXAMPLES IDN IPV6 NTLM PROXY PSL STATIC TLS_SRP ZSTD
OPTIONS_GROUP= PROTOCOL
OPTIONS_RADIO= SSL
OPTIONS_SINGLE= GSSAPI RESOLV
OPTIONS_GROUP_PROTOCOL= DICT FTP GOPHER HTTP HTTP2 IMAP LDAP LDAPS LIBSSH LIBSSH2 MQTT POP3 RTMP RTSP SMB SMTP TELNET TFTP WEBSOCKET
OPTIONS_RADIO_SSL= GNUTLS OPENSSL WOLFSSL
OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
OPTIONS_SINGLE_RESOLV= CARES THREADED_RESOLVER
OPTIONS_DEFAULT=ALTSVC CA_BUNDLE COOKIES GSSAPI_${${SSL_DEFAULT} == base :?BASE :NONE} DICT FTP GOPHER HTTP HTTP2 IMAP LIBSSH2 NTLM OPENSSL POP3 PROXY PSL RTSP SMTP STATIC TELNET TFTP THREADED_RESOLVER TLS_SRP
OPTIONS_DEFAULT=ALTSVC COOKIES GSSAPI_${${SSL_DEFAULT} == base :?BASE :NONE} DICT FTP GOPHER HTTP HTTP2 IMAP LIBSSH2 NTLM OPENSSL POP3 PROXY PSL RTSP SMTP STATIC TELNET TFTP THREADED_RESOLVER TLS_SRP
OPTIONS_SUB= yes
ALTSVC_DESC= HTTP Alternative Services support
CA_BUNDLE_DESC= Enable CA bundle for OpenSSL/GnuTLS
COOKIES_DESC= Cookies support
CURL_DEBUG_DESC=cURL debug memory tracking
DICT_DESC= DICT (RFC 2229) support
Expand All @@ -76,8 +78,6 @@ WEBSOCKET_DESC= WebSocket support (experimental)
ALTSVC_CONFIGURE_ENABLE=alt-svc
BROTLI_CONFIGURE_WITH= brotli
BROTLI_LIB_DEPENDS= libbrotlidec.so:archivers/brotli
CA_BUNDLE_CONFIGURE_WITH= ca-bundle=${LOCALBASE}/share/certs/ca-root-nss.crt
CA_BUNDLE_RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
CARES_CONFIGURE_ENABLE= ares
CARES_LIB_DEPENDS= libcares.so:dns/c-ares
CARES_USES= pkgconfig
Expand Down Expand Up @@ -150,7 +150,7 @@ ZSTD_LIB_DEPENDS= libzstd.so:archivers/zstd

.include <bsd.port.pre.mk>

.if !${PORT_OPTIONS:MCA_BUNDLE} && (${PORT_OPTIONS:MGNUTLS} || ${PORT_OPTIONS:MOPENSSL})
.if ${PORT_OPTIONS:MGNUTLS} || ${PORT_OPTIONS:MOPENSSL}
CONFIGURE_ARGS+=--with-ca-fallback
.endif

Expand Down

0 comments on commit 4881ece

Please sign in to comment.