Date: Mon, 2 Apr 2012 01:34:28 +0700 (NOVT) From: Eugene Grosbein <eugen@grosbein.pp.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/166561: [patch] ports-mgmt/portaudit should be able to use ports openssl(1) Message-ID: <201204011834.q31IYSEe003499@grosbein.pp.ru> Resent-Message-ID: <201204011840.q31IeCZ0093709@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 166561 >Category: ports >Synopsis: [patch] ports-mgmt/portaudit should be able to use ports openssl(1) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Apr 01 18:40:12 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Eugene Grosbein >Release: FreeBSD 8.3-PRERELEASE amd64 >Organization: RDTC JSC >Environment: System: FreeBSD grosbein.pp.ru 8.3-PRERELEASE FreeBSD 8.3-PRERELEASE #19: Tue Mar 20 03:24:04 NOVT 2012 root@grosbein.pp.ru:/usr/local/obj/usr/local/src/sys/DADV amd64 >Description: Sometimes, one may install openssl from ports without overwriting base system stock openssl. portaudit should have an option to make it use /usr/local/bin/openssl instead of /usr/bin/openssl. Let it recognise new option named "portaudit_openssl" in its /usr/local/etc/portaudit.conf and use provided openssl(1) path. >How-To-Repeat: N/A >Fix: diff -urN portaudit.orig/files/portaudit-cmd.sh portaudit/files/portaudit-cmd.sh --- portaudit.orig/files/portaudit-cmd.sh 2012-04-02 00:09:31.000000000 +0700 +++ portaudit/files/portaudit-cmd.sh 2012-04-02 01:25:56.000000000 +0700 @@ -52,6 +52,7 @@ : ${portaudit_pubkey:="%%PREFIX%%/etc/portaudit.pubkey"} : ${portaudit_fixed=""} + : ${portaudit_openssl:="/usr/bin/openssl"} } extract_auditfile_raw() @@ -78,10 +79,10 @@ local TMPFILE=`mktemp -t portaudit` extract_auditfile_raw | egrep "^#SIGNATURE: " | sed "s/^#SIGNATURE: //g" \ - | openssl enc -d -a >$TMPFILE + | $portaudit_openssl enc -d -a >$TMPFILE signatureresult=`extract_auditfile_raw | egrep -v "^#SIGNATURE: " \ | egrep -v "^#CHECKSUM: " \ - | openssl dgst -sha256 -verify ${portaudit_pubkey} -signature $TMPFILE` + | $portaudit_openssl dgst -sha256 -verify ${portaudit_pubkey} -signature $TMPFILE` if [ -n "$TMPFILE" ]; then rm "$TMPFILE" fi >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201204011834.q31IYSEe003499>