<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/10a6e0a3f40b398778889504f05432d884283529">https://github.com/macports/macports-ports/commit/10a6e0a3f40b398778889504f05432d884283529</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new 10a6e0a3f40 privoxy: Add user_pki_bundle variant
</span>10a6e0a3f40 is described below
<span style='display:block; white-space:pre;color:#808000;'>commit 10a6e0a3f40b398778889504f05432d884283529
</span>Author: Steven Thomas Smith <s.t.smith@ieee.org>
AuthorDate: Wed Mar 23 20:59:33 2022 -0400
<span style='display:block; white-space:pre;color:#404040;'> privoxy: Add user_pki_bundle variant
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> * Add user_pki_bundle variant
</span><span style='display:block; white-space:pre;color:#404040;'> * Add `CA/trustedCAs.pem` to install
</span>---
www/privoxy/Portfile | 66 ++++++++++++++++++++++++++++++++++++----------------
1 file changed, 46 insertions(+), 20 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/privoxy/Portfile b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 6c50c5ed64e..42d3837e77d 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -6,7 +6,7 @@ PortGroup perl5 1.0
</span>
name privoxy
version 3.0.33
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 2
</span> categories www security net
platforms darwin
license GPL-2
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -300,15 +300,36 @@ variant https_inspection \
</span> system -W ${destroot}${tls_ca_dir} \
"${prefix}/share/apple-pki-bundle/bin/pems_that_wont_expire_soon.sh \
${prefix}/share/apple-pki-bundle/apple-pki-bundle.pem \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- >> trustedCAs.pem-temp"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- copy ${destroot}${tls_ca_dir}/trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${tls_ca_dir}/trustedCAs.pem
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ >> ${destroot}${tls_ca_dir}/trustedCAs.pem-temp"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ copy ${destroot}${tls_ca_dir}/trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem
</span> system -W ${destroot}${tls_ca_dir} \
"${prefix}/share/apple-pki-bundle/bin/pems_not_in_pemfile.sh \
${prefix}/share/curl/curl-ca-bundle.crt \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- >> trustedCAs.pem"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- delete ${destroot}${tls_ca_dir}/trustedCAs.pem-temp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ >> ${destroot}${tls_ca_dir}/trustedCAs.pem"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if { [variant_isset "user_pki_bundle"] \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ && [file exists ${user_pki_bundle}]} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ delete ${destroot}${tls_ca_dir}/trustedCAs.pem-temp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ copy ${destroot}${tls_ca_dir}/trustedCAs.pem \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem-temp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ system -W ${destroot}${tls_ca_dir} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "${prefix}/share/apple-pki-bundle/bin/pems_not_in_pemfile.sh \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${user_pki_bundle} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem-temp \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ >> ${destroot}${tls_ca_dir}/trustedCAs.pem"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ delete ${destroot}${tls_ca_dir}/trustedCAs.pem-temp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ xinstall -m 0664 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${tls_ca_dir}/trustedCAs.pem \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${prefix}/etc/${name}/CA
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if {[existsuser ${privoxyUser}] != 0 && [existsgroup ${privoxyGroup}] != 0} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ file attributes \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${destroot}${prefix}/etc/${name}/CA/trustedCAs.pem \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ -group ${privoxyGroup} -owner ${privoxyUser} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ -permissions 0664
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span> }
pre-activate {
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -407,16 +428,6 @@ TLS_PRIVOXY_ROOT_CA
</span> # Do not overwrite ca-password, but this is where it goes
# reinplace -E -q "s|^#(ca-password\[\[:space:]]+)\[^\[:space:]]*)|\\1${tls_ca_passphrase}|" \
# ${prefix}/etc/${name}/config
<span style='display:block; white-space:pre;background:#ffe0e0;'>- if { ![file exists ${prefix}/etc/${name}/CA/trustedCAs.pem] } {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- xinstall -m 0664 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${tls_ca_dir}/trustedCAs.pem \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${prefix}/etc/${name}/CA
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if {[existsuser ${privoxyUser}] != 0 && [existsgroup ${privoxyGroup}] != 0} {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- file attributes ${prefix}/etc/${name}/CA/trustedCAs.pem \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- -group ${privoxyGroup} -owner ${privoxyUser} \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- -permissions 0664
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span> }
notes \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -473,8 +484,16 @@ TLS_PRIVOXY_ROOT_CA
</span> the System keychain, trust for X.509.
# Disable MITM for the CA on some FF configurations
<span style='display:block; white-space:pre;background:#ffe0e0;'>- Firefox.app> about:config> security.enterprise_roots.enabled> true
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ Firefox.app> about:config> security.enterprise_roots.enabled> true"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if {[variant_isset "user_pki_bundle"]} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if {[exists notes]} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # leave a blank line after the existing notes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ notes-append ""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ notes-append "User PKI certificates will be added from the file\
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${user_pki_bundle} (ASCII PEM file)."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span> }
variant ecc \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -487,8 +506,15 @@ variant ecc \
</span> patch-ssl_common.h.diff
}
<span style='display:block; white-space:pre;background:#e0ffe0;'>+set user_pki_bundle ${prefix}/etc/${name}/CA/user-pki-bundle.pem
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+variant user_pki_bundle \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ requires https_inspection \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ description "Add user PKI certificates from ${user_pki_bundle}" {}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> default_variants-append \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- +https_inspection
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ +https_inspection \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ +user_pki_bundle
</span>
startupitem.create yes
startupitems \
</pre><pre style='margin:0'>
</pre>