72a73246dc
Since we’ve had to stick a temporary patch to OpenSSL’s postinstall pending Apple’s response on the Equifax situation, GnuTLS which leans on the OpenSSL formula to do postinstall is blowing up on every Yosemite test-bot that calls GnuTLS as a dep. ``` ==> Downloading https://www.geotrust.com/resources/root_certificates/certificates/Equifa x_Secure_Certificate_Authority.pem Already downloaded: /Library/Caches/Homebrew/openssl--Equifax_CA-Secure.pem ==> Verifying openssl--Equifax_CA-Secure.pem checksum ==> /usr/local/Cellar/openssl/1.0.2a-1/bin/c_rehash Failed to execute: /usr/local/Cellar/openssl/1.0.2a-1/bin/c_rehash Warning: The post-install step did not complete successfully You can try again using `brew postinstall gnutls` ``` This works around that for now to stop the bot flagging failures everywhere. Closes Homebrew/homebrew#38619. Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
68 lines
2 KiB
Ruby
68 lines
2 KiB
Ruby
# GnuTLS has previous, current, and next stable branches, we use current.
|
|
# From 3.4.0 GnuTLS will be permanently disabling SSLv3. Every brew uses will need a revision with that.
|
|
# http://nmav.gnutls.org/2014/10/what-about-poodle.html
|
|
class Gnutls < Formula
|
|
homepage "http://gnutls.org"
|
|
url "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.xz"
|
|
mirror "http://mirrors.dotsrc.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.xz"
|
|
sha256 "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
|
|
|
|
bottle do
|
|
cellar :any
|
|
sha256 "bd9be2fd982757c962f27f155ecdb255a87a5d892b2aa5d026eb114787dfa878" => :yosemite
|
|
sha256 "df2817f137ca2b2272d9d8af253e0cb02425b597a1f04c42ef11dd833aabf8cd" => :mavericks
|
|
sha256 "438d7ed97830ad30e7ac2468ad600a44febcf4e7bec116dd514cceb3206e6212" => :mountain_lion
|
|
end
|
|
|
|
depends_on "pkg-config" => :build
|
|
depends_on "libtasn1"
|
|
depends_on "gmp"
|
|
depends_on "nettle"
|
|
depends_on "guile" => :optional
|
|
depends_on "p11-kit" => :optional
|
|
depends_on "unbound" => :optional
|
|
|
|
fails_with :llvm do
|
|
build 2326
|
|
cause "Undefined symbols when linking"
|
|
end
|
|
|
|
def install
|
|
args = %W[
|
|
--disable-dependency-tracking
|
|
--disable-silent-rules
|
|
--disable-static
|
|
--prefix=#{prefix}
|
|
--sysconfdir=#{etc}
|
|
--with-default-trust-store-file=#{etc}/openssl/cert.pem
|
|
--disable-heartbeat-support
|
|
]
|
|
|
|
if build.with? "guile"
|
|
args << "--enable-guile"
|
|
args << "--with-guile-site-dir=no"
|
|
end
|
|
|
|
system "./configure", *args
|
|
system "make", "install"
|
|
|
|
# certtool shadows the OS X certtool utility
|
|
mv bin+"certtool", bin+"gnutls-certtool"
|
|
mv man1+"certtool.1", man1+"gnutls-certtool.1"
|
|
end
|
|
|
|
def post_install
|
|
keychains = %w[
|
|
/Library/Keychains/System.keychain
|
|
/System/Library/Keychains/SystemRootCertificates.keychain
|
|
]
|
|
|
|
openssldir = etc/"openssl"
|
|
openssldir.mkpath
|
|
(openssldir/"cert.pem").atomic_write `security find-certificate -a -p #{keychains.join(" ")}`
|
|
end
|
|
|
|
test do
|
|
system bin/"gnutls-cli", "--version"
|
|
end
|
|
end
|