From 7ce7e26cda6481200b1b2a197e6dfb762c56cb5a Mon Sep 17 00:00:00 2001
From: Dominyk Tiller
Date: Fri, 10 Apr 2015 18:33:27 +0100
Subject: libressl: improve cert handling

Missed the release notes a couple of versions back that LibreSSL had
killed off the useful c_rehash script OpenSSL uses to support custom
added certs and merged it into the OpenSSL command itself, with some
changes.

This PR just allows people to take advantage of it without so much
manual intervention and discovery. Nothing too fancy.

Closes #38521.

Signed-off-by: Tim D. Smith <git@tim-smith.us>
---
 Library/Formula/libressl.rb | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'Library')

diff --git a/Library/Formula/libressl.rb b/Library/Formula/libressl.rb
index 17255165a..1354215f8 100644
--- a/Library/Formula/libressl.rb
+++ b/Library/Formula/libressl.rb
@@ -36,7 +36,7 @@ class Libressl < Formula
     system "make", "install"
 
     # Install the dummy openssl.cnf file to stop runtime warnings.
-    mkdir_p "#{etc}/libressl"
+    mkdir_p "#{etc}/libressl/certs"
     cp "apps/openssl.cnf", "#{etc}/libressl"
   end
 
@@ -53,7 +53,10 @@ class Libressl < Formula
   def caveats; <<-EOS.undent
     A CA file has been bootstrapped using certificates from the system
     keychain. To add additional certificates, place .pem files in
-      #{etc}/libressl
+      #{etc}/libressl/certs
+
+    and run
+      #{opt_bin}/openssl certhash #{etc}/libressl/certs
     EOS
   end
 
-- 
cgit v1.2.3