forked from necromant2005/homebrew-boneyard
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
97 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
class UcspiTools < Formula | ||
desc "Various tools to handle UCSPI connections" | ||
homepage "https://github.com/younix/ucspi/blob/master/README.md" | ||
revision 10 | ||
|
||
stable do | ||
url "https://github.com/younix/ucspi/archive/v1.2.tar.gz" | ||
sha256 "38cd0ae9113324602a600a6234d60ec9c3a8c13c8591e9b730f91ffb77e5412a" | ||
|
||
# LibreSSL is still in rapid development & the release branch we follow | ||
# moves much quicker than the ucspi project. Since ucspi-tools breaks | ||
# every LibreSSL update vendor until new release is available. | ||
resource "libressl" do | ||
url "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.7.tar.gz" | ||
sha256 "7e2c68b383bba8efb7dce5ea1eccfda77048547d1d2a7355c072efd7ccd893cd" | ||
end | ||
|
||
# LibreSSL renamed a function between the 2.1.3 and 2.1.4 release which ucspi uses. | ||
# https://github.com/younix/ucspi/issues/2 | ||
# http://www.freshbsd.org/commit/openbsd/2b22762d1139c74c743195f46b41fea0b9459ecd | ||
patch do | ||
url "https://github.com/younix/ucspi/pull/3.diff" | ||
sha256 "932aa6fcde21dc4eb3ad4474a6cd5f413f4da076b1de1491360a60584e0e514e" | ||
end | ||
end | ||
|
||
head do | ||
url "https://github.com/younix/ucspi.git" | ||
|
||
depends_on "libressl" | ||
end | ||
|
||
depends_on "pkg-config" => :build | ||
depends_on "ucspi-tcp" | ||
|
||
def install | ||
if build.stable? | ||
vendordir = libexec/"vendor/libressl" | ||
resource("libressl").stage do | ||
args = %W[ | ||
--disable-dependency-tracking | ||
--disable-silent-rules | ||
--prefix=#{vendordir} | ||
--with-openssldir=#{vendordir}/etc | ||
--sysconfdir=#{vendordir}/etc | ||
] | ||
|
||
# https://github.com/libressl-portable/portable/issues/121 | ||
args << "--disable-asm" if MacOS.version <= :snow_leopard | ||
|
||
system "./configure", *args | ||
system "make" | ||
system "make", "check" | ||
system "make", "install" | ||
|
||
# It looks for the headers prior to checking pkg-config so we | ||
# can't just pass PKG_CONFIG_PATH sadly. | ||
ENV.prepend_path "PATH", vendordir/"bin" | ||
ENV.prepend_path "PKG_CONFIG_PATH", "#{vendordir}/lib/pkgconfig" | ||
ENV.prepend "CFLAGS", "-I#{vendordir}/include" | ||
end | ||
end | ||
|
||
system "make", "PREFIX=#{prefix}", "install", "CFLAGS=#{ENV.cflags}" | ||
end | ||
|
||
def post_install | ||
return unless File.exist?(libexec/"vendor") | ||
|
||
keychains = %w[ | ||
/System/Library/Keychains/SystemRootCertificates.keychain | ||
] | ||
|
||
certs_list = `security find-certificate -a -p #{keychains.join(" ")}` | ||
certs = certs_list.scan( | ||
/-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m | ||
) | ||
|
||
valid_certs = certs.select do |cert| | ||
IO.popen("openssl x509 -inform pem -checkend 0 -noout", "w") do |openssl_io| | ||
openssl_io.write(cert) | ||
openssl_io.close_write | ||
end | ||
|
||
$?.success? | ||
end | ||
|
||
# LibreSSL install a default pem - We prefer to use OS X for consistency. | ||
rm_f libexec/"vendor/libressl/etc/cert.pem" | ||
(libexec/"vendor/libressl/etc/cert.pem").atomic_write(valid_certs.join("\n")) | ||
end | ||
|
||
test do | ||
out = shell_output("#{bin}/tlsc 2>&1", 1) | ||
assert_equal "tlsc [-hCH] [-c cert_file] [-f ca_file] [-p ca_path] program [args...]\n", out | ||
end | ||
end |