dansguardian - include ca_root_nss-3.13.3 package for certificate checks

3 files changed, 26 insertions, 4 deletions

diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index a568b69e..3d2d83f8 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -226,6 +226,7 @@ function sync_package_dansguardian() {
 			$ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'";
 			}
 		if(base64_decode($ca_cert['crt'])) {
+			$cert_hash=array();
 			file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt']));
 			exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash);
 			file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt']));
@@ -1033,6 +1034,25 @@ function dansguardian_validate_input($post, &$input_errors) {
 }
 
 function dansguardian_php_install_command() {
+	conf_mount_rw();
+	#create ca-root hashes from ca-root-nss package
+	print "Creating root certificate bundle hashes from the Mozilla Project\n";
+	$cas=file('/usr/local/share/certs/ca-root-nss.crt');
+	$cert=0;
+	foreach ($cas as $ca){
+    	if (preg_match("/--BEGIN CERTIFICATE--/",$ca))
+			$cert=1;
+		if ($cert == 1)
+			$crt.=$ca;
+		if (preg_match("/-END CERTIFICATE-/",$ca)){
+			file_put_contents("/tmp/cert.pem",$crt, LOCK_EX);
+			$cert_hash=array();
+			exec("/usr/bin/openssl x509 -hash -noout -in /tmp/cert.pem",$cert_hash);
+			file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",$crt,LOCK_EX);
+			$crt="";
+			$cert=0;
+			}
+		}
 	sync_package_dansguardian();
 }
 
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 16dd3181..7a34a2be 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -448,12 +448,13 @@
 		<depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url>
 		<depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package>
 		<depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
-		<version>2.12.0.0 pkg v.0.1.5</version>
+		<depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package>
+		<version>2.12.0.0 pkg v.0.1.5.1</version>
 		<status>beta</status>
 		<required_version>2.0</required_version>
 		<configurationfile>dansguardian.xml</configurationfile>
 		<build_port_path>/usr/ports/www/dansguardian-devel</build_port_path>
-		<build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options>
+		<build_options>WITHOUT_APACHE=true WITH_TRICKLE=true WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true WITH_SSL=true</build_options>
 	</package>
 		<package>
 		<name>mailscanner-dev</name>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index f9e265ad..2835dff3 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -555,12 +555,13 @@
 		<depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url>
 		<depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package>
 		<depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
-		<version>2.12.0.0 pkg v.0.1.5</version>
+		<depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package>
+		<version>2.12.0.0 pkg v.0.1.5.1</version>
 		<status>beta</status>
 		<required_version>2.0</required_version>
 		<configurationfile>dansguardian.xml</configurationfile>
 		<build_port_path>/usr/ports/www/dansguardian-devel</build_port_path>
-		<build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options>
+		<build_options>WITHOUT_APACHE=true WITH_TRICKLE=true WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true WITH_SSL=true</build_options>
 	</package>
 	<package>
 		<name>siproxd</name>