Date: Sunday, August 24, 2014 @ 16:47:50
Author: heftig
Revision: 220624
Implement CA rethink
Added:
ca-certificates/trunk/ca-certificates-utils.install
(from rev 220619, ca-certificates/trunk/ca-certificates.install)
ca-certificates/trunk/confd.patch
Modified:
ca-certificates/trunk/PKGBUILD
Deleted:
ca-certificates/trunk/ca-certificates.install
-------------------------------+
PKGBUILD | 51 +++++++++++++++++++---------------------
ca-certificates-utils.install | 18 ++++++++++++++
ca-certificates.install | 23 ------------------
confd.patch | 28 +++++++++++++++++++++
4 files changed, 71 insertions(+), 49 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-08-24 14:47:45 UTC (rev 220623)
+++ PKGBUILD 2014-08-24 14:47:50 UTC (rev 220624)
@@ -1,43 +1,42 @@
# $Id$
# Maintainer: Pierre Schmitz <[email protected]>
-pkgname=ca-certificates
+pkgbase=ca-certificates
+pkgname=(ca-certificates-utils ca-certificates)
pkgver=20140325
-pkgrel=1
+pkgrel=2
pkgdesc='Common CA certificates'
arch=('any')
url='http://packages.qa.debian.org/c/ca-certificates.html'
license=('MPL' 'GPL')
-source=("http://ftp.debian.org/debian/pool/main/c/${pkgname}/${pkgname}_${pkgver}.tar.xz";)
depends=('bash' 'run-parts' 'openssl' 'findutils' 'coreutils' 'sed')
makedepends=('python2')
-install='ca-certificates.install'
-backup=('etc/ca-certificates.conf')
-sha256sums=('c0e3d8c517995db2737f7f1a9b69d654b8823fa6d337871c6ce111fcf083454a')
+source=("http://ftp.debian.org/debian/pool/main/c/${pkgbase}/${pkgbase}_${pkgver}.tar.xz";
+ confd.patch)
+sha256sums=('c0e3d8c517995db2737f7f1a9b69d654b8823fa6d337871c6ce111fcf083454a'
+ '6a6efe688bd7f40dc57d07ad6bfdbb83f4853a1964c55e0620e833e6c2945dab')
prepare() {
- cd ${srcdir}/${pkgname}
- sed 's|/usr/bin/python|/usr/bin/python2|g' -i mozilla/certdata2pem.py
- sed 's|python|python2|g' -i mozilla/Makefile
+ cd "${srcdir}/${pkgbase}"
+ patch -Np1 -i ../confd.patch
}
-build() {
- cd ${srcdir}/${pkgname}
- make SUBDIRS=mozilla
+package_ca-certificates-utils() {
+ pkgdesc+=" (utilities)"
+ backup=('etc/ca-certificates.conf')
+ install=ca-certificates-utils.install
+ provides=(ca-certificates)
+
+ cd "${srcdir}/${pkgbase}"
+
+ install -d
"${pkgdir}"/{etc/{ca-certificates/update.d,ssl/certs},usr/share/ca-certificates}
+ install -Dm644 sbin/update-ca-certificates.8
"${pkgdir}/usr/share/man/man8/update-ca-certificates.8"
+ install -D sbin/update-ca-certificates
"${pkgdir}/usr/bin/update-ca-certificates"
}
-package() {
- cd ${srcdir}/${pkgname}
- install -d -m755
${pkgdir}/{etc/ca-certificates/update.d,usr/{sbin,share/ca-certificates},etc/ssl/certs}
- make install SUBDIRS=mozilla DESTDIR=${pkgdir}
- mv ${pkgdir}/usr/sbin ${pkgdir}/usr/bin
- install -D -m644 sbin/update-ca-certificates.8
${pkgdir}/usr/share/man/man8/update-ca-certificates.8
+package_ca-certificates() {
+ pkgdesc+=" (default providers)"
+ depends=(ca-certificates-{mozilla,cacert})
+}
- (
- echo "# Automatically generated by ${pkgname}-${pkgver}-${pkgrel}"
- echo "# see update-ca-certificates man page"
- echo "# "
- cd ${pkgdir}/usr/share/ca-certificates
- find . -name '*.crt' | sort | cut -b3-
- ) > ${pkgdir}/etc/ca-certificates.conf
-}
+# vim:set noet ts=8 sw=8:
Copied: ca-certificates/trunk/ca-certificates-utils.install (from rev 220619,
ca-certificates/trunk/ca-certificates.install)
===================================================================
--- ca-certificates-utils.install (rev 0)
+++ ca-certificates-utils.install 2014-08-24 14:47:50 UTC (rev 220624)
@@ -0,0 +1,18 @@
+export LC_ALL=C
+
+post_install() {
+ usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
+}
+
+post_upgrade() {
+ usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
+}
+
+pre_remove() {
+ usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
+}
+
+post_remove() {
+ # remove the cert file if it is empty
+ [[ -s etc/ssl/certs/ca-certificates.crt ]] || rm -f
etc/ssl/certs/ca-certificates.crt
+}
Deleted: ca-certificates.install
===================================================================
--- ca-certificates.install 2014-08-24 14:47:45 UTC (rev 220623)
+++ ca-certificates.install 2014-08-24 14:47:50 UTC (rev 220624)
@@ -1,23 +0,0 @@
-export LC_ALL=C
-
-post_install() {
- usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
-}
-
-post_upgrade() {
- usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
-}
-
-pre_remove() {
- # clean up certificates
- local _backup=$(mktemp)
- mv etc/ca-certificates.conf ${_backup}
- echo > etc/ca-certificates.conf
- usr/bin/update-ca-certificates --fresh >/dev/null 2>&1
- mv ${_backup} etc/ca-certificates.conf
-}
-
-post_remove() {
- # remove the cert file if it is empty
- [[ -s etc/ssl/certs/ca-certificates.crt ]] || rm -f
etc/ssl/certs/ca-certificates.crt
-}
Added: confd.patch
===================================================================
--- confd.patch (rev 0)
+++ confd.patch 2014-08-24 14:47:50 UTC (rev 220624)
@@ -0,0 +1,28 @@
+diff -u -Nwr ca-certificates/sbin/update-ca-certificates
ca-certificates.confd/sbin/update-ca-certificates
+--- ca-certificates/sbin/update-ca-certificates 2014-03-13
13:43:00.000000000 +0100
++++ ca-certificates.confd/sbin/update-ca-certificates 2014-08-24
13:36:19.264068119 +0200
+@@ -37,7 +37,7 @@
+ shift
+ done
+
+-CERTSCONF=/etc/ca-certificates.conf
++CERTSCONFS=/etc/ca-certificates/conf.d/*.conf
+ CERTSDIR=/usr/share/ca-certificates
+ LOCALCERTSDIR=/usr/local/share/ca-certificates
+ CERTBUNDLE=ca-certificates.crt
+@@ -101,6 +101,7 @@
+
+ echo -n "Updating certificates in $ETCCERTSDIR... "
+
++for CERTSCONF in $CERTSCONFS; do
+ # Handle certificates that should be removed. This is an explicit act
+ # by prefixing lines in the configuration files with exclamation marks (!).
+ sed -n -e '/^$/d' -e 's/^!//p' $CERTSCONF | while read crt
+@@ -117,6 +118,7 @@
+ fi
+ add "$CERTSDIR/$crt"
+ done
++done
+
+ # Now process certificate authorities installed by the local system
+ # administrator.
