Use built-in CA store of OpenSSL/GnuTLS when CA_BUNDLE is disabled

PR: 248047 Reported by: Michael Osipov <michael.osipov@siemens.com> Submitted by: kevans
svn path=/head/; revision=548355
2020-09-12 12:11:07 +00:00 · 2020-09-12 12:11:07 +00:00 · ba22f5dc4e · 2021-03-31 03:12:20 +00:00
commit ba22f5dc4e
parent 98d2dac1be
1 changed files with 4 additions and 0 deletions
--- a/ftp/curl/Makefile
+++ b/ftp/curl/Makefile
@ -140,6 +140,10 @@ WOLFSSL_LIB_DEPENDS=	libwolfssl.so:security/wolfssl

 .include <bsd.port.pre.mk>

+.if !${PORT_OPTIONS:MCA_BUNDLE} && (${PORT_OPTIONS:MGNUTLS} || ${PORT_OPTIONS:MOPENSSL})
+CONFIGURE_ARGS+=--with-ca-fallback
+.endif
+
 .if ((!${PORT_OPTIONS:MGNUTLS} && !${PORT_OPTIONS:MOPENSSL}) || (${PORT_OPTIONS:MOPENSSL} && ${SSL_DEFAULT:Mlibressl*})) && ${PORT_OPTIONS:MTLS_SRP}
 IGNORE=		only supports TLS-SRP with either OpenSSL or GnuTLS
 .endif