[arch-commits] Commit in neomutt/trunk (PKGBUILD default-ca-certificates.patch)
Maxim Baz
maximbaz at archlinux.org
Tue Dec 3 13:43:45 UTC 2019
Date: Tuesday, December 3, 2019 @ 13:43:45
Author: maximbaz
Revision: 534938
neomutt: switch from openssl to gnutls dependency
Neomutt can be compiled against openssl (via --ssl) or gnutls (via --gnutls).
We used to depend on openssl, this commit changes the dependency to gnutls for the following reasons:
1. When attempting to compile against both openssl and gnutls, neomutt itself prefers to use gnutls.
2. Using gnutls allows to use certificate pinning in neomutt via ":set ssl_ca_certificates_file=..."
Debian package is also compiled against gnutls, I used it as inspiration for a smooth transition.
Namely, to preserve neomutt's integration with default CA cert bundle (by ca-certificates package),
the default value for "ssl_ca_certificates_file" is configured in system config file /etc/neomuttrc.
Added:
neomutt/trunk/default-ca-certificates.patch
Modified:
neomutt/trunk/PKGBUILD
-------------------------------+
PKGBUILD | 20 ++++++++++++++------
default-ca-certificates.patch | 12 ++++++++++++
2 files changed, 26 insertions(+), 6 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-12-03 13:08:35 UTC (rev 534937)
+++ PKGBUILD 2019-12-03 13:43:45 UTC (rev 534938)
@@ -5,22 +5,30 @@
# Contributor: Leonidas Spyropoulos <artafinde at gmail.com>
pkgname=neomutt
pkgver=20191129
-pkgrel=1
+pkgrel=2
pkgdesc='A version of mutt with added features'
url='https://neomutt.org/'
license=('GPL')
arch=('x86_64')
-depends=('glibc' 'gpgme' 'lua' 'notmuch-runtime' 'krb5' 'openssl'
+depends=('glibc' 'gpgme' 'lua' 'notmuch-runtime' 'krb5' 'gnutls'
'libsasl' 'ncurses' 'libidn2' 'lmdb' 'gdbm' 'kyotocabinet')
-optdepends=('python: keybase.py')
+optdepends=('python: keybase.py'
+ 'ca-certificates: default CA certificates')
makedepends=('git' 'gnupg' 'libxslt' 'docbook-xsl' 'w3m')
_github='https://github.com/neomutt/neomutt'
source=("$pkgname-$pkgver.tar.gz::$_github/archive/$pkgver.tar.gz"
- "$pkgname-$pkgver.tar.gz.sig::$_github/releases/download/$pkgver/$pkgver.tar.gz.sig")
+ "$pkgname-$pkgver.tar.gz.sig::$_github/releases/download/$pkgver/$pkgver.tar.gz.sig"
+ "default-ca-certificates.patch")
sha256sums=('c339e17b676d0a9a8db6dd1c9acac3db4b217c6b19050e5a1eec99b1b0b59a2f'
- 'SKIP')
+ 'SKIP'
+ '410a364ae8249c969fc321f0f50ecb4603e9443bd73b31f58c8487e6b8b510e0')
validpgpkeys=('86C2397270DD7A561263CA4E5FAF0A6EE7371805') # Richard Russon (flatcap) <rich at flatcap.org>
+prepare() {
+ cd "$pkgname-$pkgver"
+ patch -Np1 -i "$srcdir/default-ca-certificates.patch"
+}
+
build() {
cd "$pkgname-$pkgver"
./configure \
@@ -31,7 +39,7 @@
--lua \
--notmuch \
--gss \
- --ssl \
+ --gnutls \
--sasl \
--with-ui=ncurses \
--with-idn2=/usr \
Added: default-ca-certificates.patch
===================================================================
--- default-ca-certificates.patch (rev 0)
+++ default-ca-certificates.patch 2019-12-03 13:43:45 UTC (rev 534938)
@@ -0,0 +1,12 @@
+--- a/doc/neomuttrc.head
++++ b/doc/neomuttrc.head.new
+@@ -48,6 +48,9 @@ bind browser y exit
+ # be undone with unmime_lookup.
+ mime_lookup application/octet-stream
+
++# System-wide CA file managed by the ca-certificates package
++set ssl_ca_certificates_file="/etc/ssl/certs/ca-certificates.crt"
++
+ ##
+ ## *** DEFAULT SETTINGS FOR THE ATTACHMENTS PATCH ***
+ ##
More information about the arch-commits
mailing list