openssl: create a cert.pem file from keychain certs

Closes Homebrew/homebrew#21065.
2013-07-13 19:16:31 -05:00 · 2013-07-13 19:16:31 -05:00 · c72a41c3c5
commit c72a41c3c5
parent bfb0701778
1 changed files with 28 additions and 5 deletions
--- a/Formula/openssl.rb
+++ b/Formula/openssl.rb
@ -12,7 +12,7 @@ class Openssl < Formula
  def install
    args = %W[./Configure
               --prefix=#{prefix}
-               --openssldir=#{etc}/openssl
+               --openssldir=#{openssldir}
               zlib-dynamic
               shared
             ]
@ -31,10 +31,33 @@ class Openssl < Formula
    system "make", "install", "MANDIR=#{man}", "MANSUFFIX=ssl"
  end

-  def caveats; <<-EOS.undent
-    To install updated CA certs from Mozilla.org:
+  def openssldir
+    etc/"openssl"
+  end

-        brew install curl-ca-bundle
-    EOS
+  def cert_pem
+    openssldir/"cert.pem"
+  end
+
+  def osx_cert_pem
+    openssldir/"osx_cert.pem"
+  end
+
+  def write_pem_file
+    system "security find-certificate -a -p /Library/Keychains/System.keychain > '#{osx_cert_pem}.tmp'"
+    system "security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain >> '#{osx_cert_pem}.tmp'"
+    system "mv", "-f", "#{osx_cert_pem}.tmp", osx_cert_pem
+  end
+
+  def post_install
+    openssldir.mkpath
+
+    if cert_pem.exist?
+      write_pem_file
+    else
+      cert_pem.unlink if cert_pem.symlink?
+      write_pem_file
+      openssldir.install_symlink 'osx_cert.pem' => 'cert.pem'
+    end
  end
 end