- Bump PORTREVISION for dependencies changes

- Define CA_BUNDLE and add to default Options - Add REINPLACE and patches to enable CA_BUNDLE PR: ports/188508 Submitted by: ashish@
svn path=/head/; revision=351104
2014-04-12 15:21:22 +00:00 · 2014-04-12 15:21:22 +00:00 · eb452fa487 · 2021-03-31 03:12:20 +00:00
commit eb452fa487
parent f23f74ce0b
3 changed files with 46 additions and 4 deletions
--- a/irc/hexchat/Makefile
+++ b/irc/hexchat/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	hexchat
 PORTVERSION=	2.9.6.1
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	irc gnome ipv6
 MASTER_SITES=	http://dl.hexchat.org/${PORTNAME}/

@ -29,16 +29,18 @@ SUB_FILES=	pkg-message

 PORTDOCS=	*

-OPTIONS_DEFINE=		CANBERRA DBUS DOAT DOCS FISHLIM NLS NOTIFY PERL \
-			PYTHON SOCKS TEXTFE XFT
+OPTIONS_DEFINE=		CA_BUNDLE CANBERRA DBUS DOAT DOCS FISHLIM NLS NOTIFY \
+			PERL PYTHON SOCKS TEXTFE XFT

 OPTIONS_RADIO=		SPELL
 OPTIONS_RADIO_SPELL=	GTKSPELL LIBSEXY STATIC

-OPTIONS_DEFAULT=	CANBERRA DBUS NOTIFY LIBSEXY PERL PYTHON SOCKS XFT
+OPTIONS_DEFAULT=	CA_BUNDLE CANBERRA DBUS NOTIFY LIBSEXY PERL PYTHON \
+			SOCKS XFT

 OPTIONS_SUB=	yes

+CA_BUNDLE_DESC=		Include CA bundle for SSL verification
 CANBERRA_DESC=		Audio support via Libcanberra
 DOAT_DESC=		Do At plugin
 GTKSPELL_DESC=		Spell checking support via GTKSpell
@ -47,6 +49,7 @@ LIBSEXY_DESC=		Spell checking support via Libsexy
 STATIC_DESC=		Spell checking embedded in the binary
 TEXTFE_DESC=		Text frontend

+CA_BUNDLE_RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:${PORTSDIR}/security/ca_root_nss
 CANBERRA_LIB_DEPENDS=	libcanberra.so:${PORTSDIR}/audio/libcanberra
 CANBERRA_CONFIGURE_ENABLE=	libcanberra
 DBUS_LIB_DEPENDS=	libdbus-glib-1.so:${PORTSDIR}/devel/dbus-glib
@ -84,6 +87,12 @@ CONFIGURE_ARGS+=--enable-spell=libsexy
 CONFIGURE_ARGS+=--enable-spell=static
 .endif

+.if ${PORT_OPTIONS:MCA_BUNDLE}
+CA_BUNDLE=	"${LOCALBASE}/share/certs/ca-root-nss.crt"
+.else
+CA_BUNDLE=	NULL
+.endif
+
 .if ${PORT_OPTIONS:MXFT}
 USE_XORG+=	xft
 .endif
@ -104,6 +113,8 @@ post-patch:
 	@${REINPLACE_CMD} -e 's|/bin/bash|/bin/sh|g' ${WRKSRC}/autogen.sh
 	@${REINPLACE_CMD} -e '/^appdata_DATA/s|hexchat.appdata.xml||' \
 		${WRKSRC}/share/misc/Makefile.am ${WRKSRC}/share/misc/Makefile.in
+	@${REINPLACE_CMD} -e 's|%%CA_BUNDLE%%|${CA_BUNDLE}|' \
+		${WRKSRC}/src/common/server.c

 pre-configure:
 	@(cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ./autogen.sh)
--- a/irc/hexchat/files/patch-srccommonserver.c
+++ b/irc/hexchat/files/patch-srccommonserver.c
@ -0,0 +1,11 @@
+--- ./src/common/server.c.orig	2013-09-12 00:18:19.000000000 +0200
+++ ./src/common/server.c	2014-04-12 16:12:48.778585855 +0200
+@@ -862,7 +862,7 @@
+ 		/* it'll be a memory leak, if connection isn't terminated by
+ 		   server_cleanup() */
+ 		serv->ssl = _SSL_socket (ctx, serv->sok);
+-		if ((err = _SSL_set_verify (ctx, ssl_cb_verify, NULL)))
+		if ((err = _SSL_set_verify (ctx, ssl_cb_verify, %%CA_BUNDLE%%)))
+ 		{
+ 			EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, err, NULL,
+ 							 NULL, NULL, 0);
--- a/irc/hexchat/files/patch-srccommonssl.c
+++ b/irc/hexchat/files/patch-srccommonssl.c
@ -0,0 +1,20 @@
+--- ./src/common/ssl.c.orig	2013-09-12 00:18:19.000000000 +0200
+++ ./src/common/ssl.c	2014-04-12 16:06:12.028592630 +0200
+@@ -305,7 +305,7 @@
+ 		__SSL_fill_err_buf ("SSL_CTX_set_default_verify_paths");
+ 		return (err_buf);
+ 	}
+-/*
+
+ 	if (cacert)
+ 	{
+ 		if (!SSL_CTX_load_verify_locations (ctx, cacert, NULL))
+@@ -314,7 +314,7 @@
+ 			return (err_buf);
+ 		}
+ 	}
+-*/
+
+ 	SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, verify_callback);
+ 
+ 	return (NULL);