<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/ebd7d20d5b58e2e0445cc8c6f1729f9d5d59ed77">https://github.com/macports/macports-ports/commit/ebd7d20d5b58e2e0445cc8c6f1729f9d5d59ed77</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new ebd7d20d5b5 privoxy: Add updated CAs from apple-pki-bundle, use its utility scripts
</span>ebd7d20d5b5 is described below
<span style='display:block; white-space:pre;color:#808000;'>commit ebd7d20d5b58e2e0445cc8c6f1729f9d5d59ed77
</span>Author: Steven Thomas Smith <s.t.smith@ieee.org>
AuthorDate: Mon Nov 1 21:48:37 2021 -0400
<span style='display:block; white-space:pre;color:#404040;'> privoxy: Add updated CAs from apple-pki-bundle, use its utility scripts
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> * Add updated CAs from apple-pki-bundle
</span><span style='display:block; white-space:pre;color:#404040;'> * Use apple-pki-bundle utility scripts to uniquify trustedCAs.pem
</span><span style='display:block; white-space:pre;color:#404040;'> * Depends on #12757
</span>---
www/privoxy/Portfile | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/privoxy/Portfile b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index dc19187f414..8c851310de8 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -6,7 +6,7 @@ PortGroup perl5 1.0
</span>
name privoxy
version 3.0.32
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 2
</span> categories www security net
platforms darwin
license GPL-2
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -248,16 +248,22 @@ variant https_inspection \
</span> xinstall -m 0644 \
${filespath}/openssl.cnf \
${destroot}${tls_ca_dir}
<span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> # cat all trusted PKI bundles to a single file
<span style='display:block; white-space:pre;background:#ffe0e0;'>- set outfile [open ${destroot}${tls_ca_dir}/trustedCAs.pem w]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- foreach f [list \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${prefix}/share/curl/curl-ca-bundle.crt \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${prefix}/share/apple-pki-bundle/apple-pki-bundle.pem] {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- set sourcefile [open ${f} r]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- chan copy ${sourcefile} ${outfile}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- close ${sourcefile}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set outfile [open ${destroot}${tls_ca_dir}/trustedCAs.pem-temp w]
</span> close ${outfile}
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ system -W ${destroot}${tls_ca_dir} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "${prefix}/share/apple-pki-bundle/bin/pems_that_wont_expire_soon.sh \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${prefix}/share/apple-pki-bundle/apple-pki-bundle.pem \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ >> trustedCAs.pem-temp"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ copy ${destroot}${tls_ca_dir}/trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ system -W ${destroot}${tls_ca_dir} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "${prefix}/share/apple-pki-bundle/bin/pems_not_in_pemfile.sh \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${prefix}/share/curl/curl-ca-bundle.crt \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ >> trustedCAs.pem"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ delete ${destroot}${tls_ca_dir}/trustedCAs.pem-temp
</span> }
pre-activate {
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -369,7 +375,7 @@ certificate authority (CA). As sudo:
</span> sf-pwgen --algorithm memorable --count 2 --length 24 2>/dev/null \\
| paste -s -d -- '-' 1> private/passphrase.txt
chmod go-rwx private/passphrase.txt
<span style='display:block; white-space:pre;background:#ffe0e0;'>- # avoid passphrases with '#' as the passhrpase is set in config
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # avoid passphrases with '#' as the passphrase is set in config
</span>
# private key (EC)
openssl genpkey -out private/ca.key.pem -algorithm EC \\
</pre><pre style='margin:0'>
</pre>