[packages/h2o] use system ca-certificates package

Fri Sep 29 14:29:15 CEST 2017

commit be1cf404e2132a5338ff8a3b4c6299b393d9ad9d
Author: Elan Ruusamäe <glen at pld-linux.org>
Date:   Fri Sep 29 15:29:10 2017 +0300

    use system ca-certificates package

 h2o.spec        |  5 +++--
 system-ca.patch | 21 +++++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)
---

diff --git a/h2o.spec b/h2o.spec
index 231f2b1..27cd440 100644
--- a/h2o.spec
+++ b/h2o.spec
@@ -12,6 +12,7 @@ License:	MIT
 Group:		Networking/Daemons/HTTP
 Source0:	https://github.com/h2o/h2o/archive/v%{version}/%{name}-%{version}.tar.gz
 # Source0-md5:	efc3a98cd21d3b91d66b2a99b1518255
+Patch0:		system-ca.patch
 URL:		https://h2o.examp1e.net/
 BuildRequires:	cmake >= 2.8.11
 BuildRequires:	libstdc++-devel
@@ -24,6 +25,7 @@ BuildRequires:	zlib-devel
 BuildRequires:	bison
 BuildRequires:	ruby-devel
 %endif
+Requires:	ca-certificates
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %define	_bindir %{_sbindir}
@@ -60,6 +62,7 @@ you to build your own software using H2O.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 install -d build
@@ -99,8 +102,6 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) %{_datadir}/%{name}/kill-on-close
 %attr(755,root,root) %{_datadir}/%{name}/setuidgid
 %attr(755,root,root) %{_datadir}/%{name}/start_server
-# TODO: use ca-certificates package
-%{_datadir}/%{name}/ca-bundle.crt
 
 %if %{with mruby}
 %{_datadir}/%{name}/mruby
diff --git a/system-ca.patch b/system-ca.patch
new file mode 100644
index 0000000..cf9e477
--- /dev/null
+++ b/system-ca.patch
@@ -0,0 +1,21 @@
+--- h2o-2.2.2/./CMakeLists.txt~	2017-04-23 06:26:35.000000000 +0300
++++ h2o-2.2.2/./CMakeLists.txt	2017-09-29 15:26:44.945814814 +0300
+@@ -495,7 +495,6 @@
+ ENDIF ()
+ 
+ INSTALL(PROGRAMS share/h2o/annotate-backtrace-symbols share/h2o/fastcgi-cgi share/h2o/fetch-ocsp-response share/h2o/kill-on-close share/h2o/setuidgid share/h2o/start_server DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o)
+-INSTALL(FILES share/h2o/ca-bundle.crt DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o)
+ INSTALL(FILES share/h2o/status/index.html DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o/status)
+ INSTALL(DIRECTORY doc/ DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/doc/h2o PATTERN "Makefile" EXCLUDE PATTERN "README.md" EXCLUDE)
+ INSTALL(DIRECTORY examples/ DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/doc/h2o/examples)
+--- h2o-2.2.2/./lib/handler/configurator/proxy.c~	2017-04-23 06:26:35.000000000 +0300
++++ h2o-2.2.2/./lib/handler/configurator/proxy.c	2017-09-29 15:27:40.468710510 +0300
+@@ -298,7 +298,7 @@
+     if (ctx->pathconf == NULL && ctx->hostconf == NULL) {
+         /* is global conf, setup the default SSL context */
+         self->vars->ssl_ctx = create_ssl_ctx();
+-        char *ca_bundle = h2o_configurator_get_cmd_path("share/h2o/ca-bundle.crt");
++        char *ca_bundle = "/etc/certs/ca-certificates.crt";
+         if (SSL_CTX_load_verify_locations(self->vars->ssl_ctx, ca_bundle, NULL) != 1)
+             fprintf(stderr, "Warning: failed to load the default certificates file at %s. Proxying to HTTPS servers may fail.\n",
+                     ca_bundle);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/h2o.git/commitdiff/be1cf404e2132a5338ff8a3b4c6299b393d9ad9d

