class Gnutls < Formula desc "GNU Transport Layer Security (TLS) Library" homepage "https://gnutls.org/" url "https://gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.6.tar.xz" mirror "https://www.mirrorservice.org/sites/ftp.gnupg.org/gcrypt/gnutls/v3.6/gnutls-3.6.6.tar.xz" sha256 "bb9acab8af2ac430edf45faaaa4ed2c51f86e57cb57689be6701aceef4732ca7" bottle do rebuild 1 sha256 "44b47f5f857dccb0716619a049ea10466650a0f699f804152f6697395059e2a1" => :mojave sha256 "9e3ef9011a01c45d25d6624bc2165a149ee1adb646ea535fd285567115faffd2" => :high_sierra sha256 "264198ced383d3ae9d947e5811fb9daf49004971e268ce045b2cc95de8ef2c53" => :sierra end depends_on "pkg-config" => :build depends_on "gmp" depends_on "libtasn1" depends_on "libunistring" depends_on "nettle" depends_on "p11-kit" depends_on "unbound" def install args = %W[ --disable-dependency-tracking --disable-silent-rules --disable-static --prefix=#{prefix} --sysconfdir=#{etc} --with-default-trust-store-file=#{etc}/openssl/cert.pem --disable-guile --disable-heartbeat-support --with-p11-kit ] system "./configure", *args system "make", "install" # certtool shadows the macOS certtool utility mv bin/"certtool", bin/"gnutls-certtool" mv man1/"certtool.1", man1/"gnutls-certtool.1" end def post_install keychains = %w[ /System/Library/Keychains/SystemRootCertificates.keychain ] certs_list = `security find-certificate -a -p #{keychains.join(" ")}` certs = certs_list.scan(/-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m) valid_certs = certs.select do |cert| IO.popen("openssl x509 -inform pem -checkend 0 -noout", "w") do |openssl_io| openssl_io.write(cert) openssl_io.close_write end $CHILD_STATUS.success? end openssldir = etc/"openssl" openssldir.mkpath (openssldir/"cert.pem").atomic_write(valid_certs.join("\n")) end test do system bin/"gnutls-cli", "--version" end end