[MacPorts] #42728: autogen @5.17.4_0: autoopts-config produces a stray -R flag, breaks gnutls @3.1.22_0 build
MacPorts
noreply at macports.org
Wed Jun 4 17:06:48 PDT 2014
#42728: autogen @5.17.4_0: autoopts-config produces a stray -R flag, breaks gnutls
@3.1.22_0 build
-----------------------------+-------------------
Reporter: jwhowse4@… | Owner: mww@…
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.2.1
Resolution: | Keywords:
Port: autogen gnutls |
-----------------------------+-------------------
Comment (by mschamschula@…):
Replying to [comment:37 devans@…]:
> Replying to [comment:36 mschamschula@…]:
> > Replying to [comment:35 devans@…]:
> > > I see this morning that the latest version of gnutls is now 3.3.4.
> >
> > I've merged patch-gnutls-3.3.3-rev1.diff with the version bump to
3.3.4, with some minor edits. I have only built the +unbound variant under
Mavericks. Please test!
>
> gnutls, gnutls +dane both build successfully on 10.8, 10.9. 10.7 should
build as well since it uses a similar version of clang. I was also able to
build successfully using the apple-gcc-4.2 compiler to simulate
compilation on 10.6.
>
> A trivial confidence test using danetool from the +dane build also works
successfully.
> {{{
> danetool --check www.freebsd.org --proto tcp --port 443
> Querying www.freebsd.org (tcp:443)...
> _443._tcp.www.freebsd.org. IN TLSA ( 03 00 01
3f86a1fa85f6e5169cb27bf25c863805ebfd3225a16aadb75587804680992096 )
> Certificate usage: Local end-entity (03)
> Certificate type: X.509 (00)
> Contents: SHA2-256 hash (01)
> Data:
3f86a1fa85f6e5169cb27bf25c863805ebfd3225a16aadb75587804680992096
>
> $ danetool --check www.fedoraproject.org --proto tcp --port 443
> Querying www.fedoraproject.org (tcp:443)...
> _443._tcp.www.fedoraproject.org. IN TLSA ( 00 00 01
19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0 )
> Certificate usage: CA (00)
> Certificate type: X.509 (00)
> Contents: SHA2-256 hash (01)
> Data:
19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0
> }}}
>
> Based on this, I think the updated port could be committed as is unless
you want to add a default trust store file to configure.args as suggested
by cal.
> {{{
> --with-default-trust-store-file="${prefix}/etc/openssl/cert.pem"
> }}}
> in which case you would also need a dependency something like this
> {{{
> depends_run path:etc/openssl/cert.pem:certsync
> }}}
It turns out that the trust store file is in the .crt format provided by
the curl-ca-bundle. I've added this to the .3.diff file.
--
Ticket URL: <https://trac.macports.org/ticket/42728#comment:38>
MacPorts <http://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list