override _PATH_SSL_CA_FILE with OPENSSLDIR at build time

fix #160
author: Brent Cook <bcook@openbsd.org> 2015-12-06 20:21:16 -0600
committer: Brent Cook <bcook@openbsd.org> 2015-12-06 20:35:09 -0600
commit: 5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8 (patch)
tree: 3873b800eb4c6b7266398de60a8f676dd4f69b91
parent: fabe122b4ec9890db09633d15fdb6cc010e7c39f (diff)
download: portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.tar.gz
portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.tar.bz2
portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.zip
2 files changed, 19 insertions, 0 deletions
diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch
new file mode 100644
index 0000000..0f50827
--- /dev/null
+++ b/patches/tls_internal.h.patch
@@ -0,0 +1,12 @@
+--- ./openbsd/src/lib/libtls/tls_internal.h     Thu Oct 15 16:12:24 2015
+++ ./tls/tls_internal.h        Sun Dec  6 20:18:17 2015
+@@ -24,7 +24,9 @@
+ 
+ #include <openssl/ssl.h>
+ 
+#ifndef _PATH_SSL_CA_FILE
+ #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
+#endif
+ 
+ #define TLS_CIPHERS_COMPAT     "ALL:!aNULL:!eNULL"
+ #define TLS_CIPHERS_DEFAULT    "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
diff --git a/tls/Makefile.am b/tls/Makefile.am
index 3621e8e..2d033fd 100644
--- a/tls/Makefile.am
+++ b/tls/Makefile.am
@@ -8,6 +8,13 @@ EXTRA_DIST += CMakeLists.txt
 libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
 libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
+libtls_la_CPPFLAGS = $(AM_CPPFLAGS)
+if OPENSSLDIR_DEFINED
+libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"@OPENSSLDIR@\"
+else
+libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"$(sysconfdir)/ssl\"
+endif
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_client.c
 libtls_la_SOURCES += tls_config.c
author	Brent Cook <bcook@openbsd.org>	2015-12-06 20:21:16 -0600
committer	Brent Cook <bcook@openbsd.org>	2015-12-06 20:35:09 -0600
commit	5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8 (patch)
tree	3873b800eb4c6b7266398de60a8f676dd4f69b91
parent	fabe122b4ec9890db09633d15fdb6cc010e7c39f (diff)
download	portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.tar.gz portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.tar.bz2 portable-5b49c30cbc1cd115a1d39bbdb67271e9d182b7a8.zip

diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch new file mode 100644 index 0000000..0f50827 --- /dev/null +++ b/patches/tls_internal.h.patch
@@ -0,0 +1,12 @@
		1	--- ./openbsd/src/lib/libtls/tls_internal.h Thu Oct 15 16:12:24 2015
		2	+++ ./tls/tls_internal.h Sun Dec 6 20:18:17 2015
		3	@@ -24,7 +24,9 @@
		4
		5	#include <openssl/ssl.h>
		6
		7	+#ifndef _PATH_SSL_CA_FILE
		8	#define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
		9	+#endif
		10
		11	#define TLS_CIPHERS_COMPAT "ALL:!aNULL:!eNULL"
		12	#define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"


diff --git a/tls/Makefile.am b/tls/Makefile.am index 3621e8e..2d033fd 100644 --- a/tls/Makefile.am +++ b/tls/Makefile.am
@@ -8,6 +8,13 @@ EXTRA_DIST += CMakeLists.txt
8	libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined	8	libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
9	libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)	9	libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
10		10
		11	libtls_la_CPPFLAGS = $(AM_CPPFLAGS)
		12	if OPENSSLDIR_DEFINED
		13	libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"@OPENSSLDIR@\"
		14	else
		15	libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"$(sysconfdir)/ssl\"
		16	endif
		17
11	libtls_la_SOURCES = tls.c	18	libtls_la_SOURCES = tls.c
12	libtls_la_SOURCES += tls_client.c	19	libtls_la_SOURCES += tls_client.c
13	libtls_la_SOURCES += tls_config.c	20	libtls_la_SOURCES += tls_config.c