From bb302e707a4c5e2dddfa7be9a77b4ee979be7ffb Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Tue, 28 Jan 2020 03:02:18 +0000 Subject: [PATCH] caroot: blacklisted: automatically pick up *.pem in the tree This kind of automagica got picked up in trusted/ prior to the initial commit, but never got applied over in blacklisted. Ideally no one will be using blacklisted/ to store arbitrary certs that they don't intend to blacklist, so we should just install anything that's in here rather than force consumer to first copy cert into place and then modify the file listing in the Makefile. Wise man once say: "it is better to restrict too much, than not enough. sometimes." --- secure/caroot/blacklisted/Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/secure/caroot/blacklisted/Makefile b/secure/caroot/blacklisted/Makefile index 7691993416b3..ab93d2779380 100644 --- a/secure/caroot/blacklisted/Makefile +++ b/secure/caroot/blacklisted/Makefile @@ -2,6 +2,8 @@ BINDIR= /usr/share/certs/blacklisted -FILES= +BLACKLISTED_CERTS!= ls ${.CURDIR}/*.pem 2> /dev/null || true + +FILES+= ${BLACKLISTED_CERTS} .include