Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package ca-certificates for openSUSE:Factory
checked in at 2023-04-08 17:38:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
and /work/SRC/openSUSE:Factory/.ca-certificates.new.19717 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ca-certificates"
Sat Apr 8 17:38:24 2023 rev:52 rq:1077676 version:2+git20230406.2dae8b7
Changes:
--------
--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes
2021-10-12 21:49:54.831919866 +0200
+++
/work/SRC/openSUSE:Factory/.ca-certificates.new.19717/ca-certificates.changes
2023-04-08 17:38:26.957834271 +0200
@@ -1,0 +2,8 @@
+Thu Apr 06 08:03:11 UTC 2023 - lnus...@suse.de
+
+- Update to version 2+git20230406.2dae8b7:
+ * Build in place support
+ * Fix up argument parsing
+ * merge spec file into git
+
+-------------------------------------------------------------------
Old:
----
ca-certificates-2+git20210723.27a0476.obscpio
ca-certificates-2+git20211004.3efbea9.obscpio
New:
----
ca-certificates-2+git20230406.2dae8b7.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ca-certificates.spec ++++++
--- /var/tmp/diff_new_pack.IMEOM1/_old 2023-04-08 17:38:27.785839025 +0200
+++ /var/tmp/diff_new_pack.IMEOM1/_new 2023-04-08 17:38:27.789839047 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ca-certificates
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,6 +16,16 @@
#
+%if 0%{?_build_in_place}
+%define git_version %(git log '-n1' '--date=format:%Y%m%d'
'--no-show-signature' "--pretty=format:+git%cd.%h")
+BuildRequires: git-core
+%else
+# this is required for obs' source validator. It's
+# 20-files-present-and-referenced ignores all conditionals. So the
+# definition of git_version actually happens always.
+%define git_version %{nil}
+%endif
+
# the ca bundle file was meant as compat option for e.g.
# proprietary packages. It's not meant to be used at all.
# unfortunately glib-networking has such a complicated abstraction
@@ -28,7 +38,7 @@
%define ssletcdir %{_sysconfdir}/ssl
%define cabundle /var/lib/ca-certificates/ca-bundle.pem
%define sslcerts %{ssletcdir}/certs
-Version: 2+git20211004.3efbea9
+Version: 2+git20230406.2dae8b7%{git_version}
Release: 0
Summary: Utilities for system wide CA certificate installation
License: GPL-2.0-or-later
++++++ _service ++++++
--- /var/tmp/diff_new_pack.IMEOM1/_old 2023-04-08 17:38:27.825839254 +0200
+++ /var/tmp/diff_new_pack.IMEOM1/_new 2023-04-08 17:38:27.829839277 +0200
@@ -2,9 +2,10 @@
<service name="obs_scm" mode="manual">
<param name="version">2</param>
<param name="versionformat">2+git%cd.%h</param>
- <param name="url">http://github.com/openSUSE/ca-certificates.git</param>
+ <param name="url">https://github.com/openSUSE/ca-certificates.git</param>
<param name="scm">git</param>
<param name="changesgenerate">enable</param>
+ <param name="extract">ca-certificates.spec</param>
</service>
<service name="set_version" mode="manual"/>
<service mode="buildtime" name="tar"/>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.IMEOM1/_old 2023-04-08 17:38:27.853839415 +0200
+++ /var/tmp/diff_new_pack.IMEOM1/_new 2023-04-08 17:38:27.857839437 +0200
@@ -1,6 +1,8 @@
<servicedata>
<service name="tar_scm">
<param
name="url">http://github.com/openSUSE/ca-certificates.git</param>
- <param
name="changesrevision">15986b230062fc4355616d0c63180811704b0933</param></service></servicedata>
+ <param
name="changesrevision">d16f02666b959e10f5bc64b6ab26b398f388ad0b</param></service><service
name="tar_scm">
+ <param
name="url">https://github.com/openSUSE/ca-certificates.git</param>
+ <param
name="changesrevision">2dae8b77c250506dc1bf862351c3a5de89a08e90</param></service></servicedata>
(No newline at EOF)
++++++ ca-certificates-2+git20210723.27a0476.obscpio ->
ca-certificates-2+git20230406.2dae8b7.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ca-certificates-2+git20210723.27a0476/ca-certificates.spec
new/ca-certificates-2+git20230406.2dae8b7/ca-certificates.spec
--- old/ca-certificates-2+git20210723.27a0476/ca-certificates.spec
1970-01-01 01:00:00.000000000 +0100
+++ new/ca-certificates-2+git20230406.2dae8b7/ca-certificates.spec
2023-04-06 10:02:54.000000000 +0200
@@ -0,0 +1,148 @@
+#
+# spec file for package ca-certificates
+#
+# Copyright (c) 2021 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+%if 0%{?_build_in_place}
+%define git_version %(git log '-n1' '--date=format:%Y%m%d'
'--no-show-signature' "--pretty=format:+git%cd.%h")
+BuildRequires: git-core
+%else
+# this is required for obs' source validator. It's
+# 20-files-present-and-referenced ignores all conditionals. So the
+# definition of git_version actually happens always.
+%define git_version %{nil}
+%endif
+
+# the ca bundle file was meant as compat option for e.g.
+# proprietary packages. It's not meant to be used at all.
+# unfortunately glib-networking has such a complicated abstraction
+# on top of gnutls that we have to live with the bundle for now
+%bcond_without cabundle
+
+BuildRequires: p11-kit-devel
+
+Name: ca-certificates
+%define ssletcdir %{_sysconfdir}/ssl
+%define cabundle /var/lib/ca-certificates/ca-bundle.pem
+%define sslcerts %{ssletcdir}/certs
+Version: 2%{git_version}
+Release: 0
+Summary: Utilities for system wide CA certificate installation
+License: GPL-2.0-or-later
+Group: Productivity/Networking/Security
+Source0: ca-certificates-%{version}.tar
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+URL: https://github.com/openSUSE/ca-certificates
+#
+Requires: /usr/bin/readlink
+Requires: p11-kit
+Requires: p11-kit-tools >= 0.23.1
+# needed for post
+Requires(post): p11-kit-tools /usr/bin/readlink
+Recommends: ca-certificates-mozilla
+# no need for a separate Java package anymore. The bundle is
+# created by C code.
+Obsoletes: java-ca-certificates = 1
+Provides: java-ca-certificates = %version-%release
+BuildArch: noarch
+
+%description
+Update-ca-certificates is intended to keep the certificate stores of
+SSL libraries like OpenSSL or GnuTLS in sync with the system's CA
+certificate store that is managed by p11-kit.
+
+%prep
+%setup -q
+
+%build
+
+%install
+%if %{without cabundle}
+rm -f certbundle.run
+%endif
+%make_install
+ln -s service %{buildroot}%{_sbindir}/rcca-certificates
+install -d -m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
+install -d -m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
+install -d -m 755 %{buildroot}%{ssletcdir}
+install -d -m 755 %{buildroot}/etc/ca-certificates/update.d
+install -d -m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
+install -d -m 555 %{buildroot}/var/lib/ca-certificates/pem
+install -d -m 555 %{buildroot}/var/lib/ca-certificates/openssl
+install -d -m 755 %{buildroot}/%{_prefix}/lib/systemd/system
+ln -s ../../var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
+%if %{with cabundle}
+install -D -m 444 /dev/null %{buildroot}/%{cabundle}
+ln -s %{cabundle} %{buildroot}%{ssletcdir}/ca-bundle.pem
+%endif
+install -D -m 444 /dev/null %{buildroot}/var/lib/ca-certificates/java-cacerts
+
+%pre
+%service_add_pre ca-certificates.path ca-certificates.service
+
+%post
+# force rebuilding all certificate stores.
+update-ca-certificates -f || true
+%service_add_post ca-certificates.path ca-certificates.service
+
+%preun
+%service_del_preun ca-certificates.path ca-certificates.service
+
+%postun
+if [ "$1" -eq 0 ]; then
+ rm -rf /var/lib/ca-certificates/pem /var/lib/ca-certificates/openssl
+fi
+%service_del_postun ca-certificates.path ca-certificates.service
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-, root, root)
+%license COPYING
+%doc README
+%dir %{pkidir_cfg}
+%dir %{trustdir_cfg}
+%dir %{trustdir_cfg}/anchors
+%dir %{trustdir_cfg}/blacklist
+%dir %{pkidir_static}
+%dir %{trustdir_static}
+%dir %{trustdir_static}/anchors
+%dir %{trustdir_static}/blacklist
+%dir %ssletcdir
+%sslcerts
+%ghost /var/lib/ca-certificates/java-cacerts
+%dir /etc/ca-certificates
+%dir /etc/ca-certificates/update.d
+%dir %{_prefix}/lib/ca-certificates
+%dir %{_prefix}/lib/ca-certificates/update.d
+%{_prefix}/lib/systemd/system/*
+%dir /var/lib/ca-certificates
+%dir /var/lib/ca-certificates/pem
+%dir /var/lib/ca-certificates/openssl
+%{_sbindir}/rcca-certificates
+%{_sbindir}/update-ca-certificates
+%{_mandir}/man8/update-ca-certificates.8*
+%{_prefix}/lib/ca-certificates/update.d/*java.run
+%{_prefix}/lib/ca-certificates/update.d/*etc_ssl.run
+%{_prefix}/lib/ca-certificates/update.d/*openssl.run
+#
+%if %{with cabundle}
+%{ssletcdir}/ca-bundle.pem
+%ghost %{cabundle}
+%{_prefix}/lib/ca-certificates/update.d/*certbundle.run
+%endif
+
+%changelog
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ca-certificates-2+git20210723.27a0476/certbundle.run
new/ca-certificates-2+git20230406.2dae8b7/certbundle.run
--- old/ca-certificates-2+git20210723.27a0476/certbundle.run 2021-07-23
14:22:15.000000000 +0200
+++ new/ca-certificates-2+git20230406.2dae8b7/certbundle.run 2023-04-06
10:02:54.000000000 +0200
@@ -37,5 +37,6 @@
mv -f "$cafile.new" "$cafile"
if ! test -e $destdir/etc/ssl/ca-bundle.pem && ! test -L
$destdir/etc/ssl/ca-bundle.pem; then
[ -z "$verbose" ] || echo "restoring $destdir/etc/ssl/ca-bundle.pem ..."
+ install -d -m 0755 $destdir/etc/ssl
ln -s ../../var/lib/ca-certificates/ca-bundle.pem
$destdir/etc/ssl/ca-bundle.pem
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ca-certificates-2+git20210723.27a0476/etc_ssl.run
new/ca-certificates-2+git20230406.2dae8b7/etc_ssl.run
--- old/ca-certificates-2+git20210723.27a0476/etc_ssl.run 2021-07-23
14:22:15.000000000 +0200
+++ new/ca-certificates-2+git20230406.2dae8b7/etc_ssl.run 2023-04-06
10:02:54.000000000 +0200
@@ -46,7 +46,7 @@
-*) echo "invalid option: $1" >&2; exit 1 ;;
esac
-mkdir -p "${destdir}$pemdir"
+install -d -m 0755 "${destdir}$pemdir"
trust extract --purpose=server-auth --filter=ca-anchors
--format=pem-directory-hash -f "${destdir}$pemdir"
# fix up /etc/ssl/certs if it's not a link pointing to
/var/lib/ca-certificates/pem
@@ -55,5 +55,6 @@
if [ -d "$etccertsdir" ]; then
mv -Tv --backup=numbered "$etccertsdir" "$etccertsdir.old"
fi
+ install -d -m 0755 "${etccertsdir%/*}"
ln -Tsv --backup=numbered "../..$pemdir" "$etccertsdir"
-fi
\ No newline at end of file
+fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ca-certificates-2+git20210723.27a0476/openssl.run
new/ca-certificates-2+git20230406.2dae8b7/openssl.run
--- old/ca-certificates-2+git20210723.27a0476/openssl.run 2021-07-23
14:22:15.000000000 +0200
+++ new/ca-certificates-2+git20230406.2dae8b7/openssl.run 2023-04-06
10:02:54.000000000 +0200
@@ -15,7 +15,7 @@
done
[ -z "$verbose" ] || echo "creating $cadir ..."
-mkdir -p "$cadir"
+install -d -m 0755 -p "$cadir"
trust extract --format=openssl-directory --filter=ca-anchors --overwrite $cadir
# vim: syntax=sh
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ca-certificates-2+git20210723.27a0476/update-ca-certificates
new/ca-certificates-2+git20230406.2dae8b7/update-ca-certificates
--- old/ca-certificates-2+git20210723.27a0476/update-ca-certificates
2021-07-23 14:22:15.000000000 +0200
+++ new/ca-certificates-2+git20230406.2dae8b7/update-ca-certificates
2023-04-06 10:02:54.000000000 +0200
@@ -46,20 +46,23 @@
exit 0
}
-for arg in "$@"; do
- case "$arg" in
- -v|--verbose) verbose='-v' ;;
- -f|--fresh) fresh='-f' ;;
- -r|--root)
- shift
- destdir=$1
- if [ -z $destdir ]; then
- echo "-r option requires parameter <directory>"
- exit 1
- fi
- ;;
- -h|--help) help_and_exit ;;
- -*) echo "invalid option: $1" >&2; exit 1 ;;
+args=("$@")
+while [ $# -gt 0 ]; do
+ param="$1"
+ arg="$2"
+ test "$arg" = "${arg#-}" || arg=
+ shift
+ case "$param" in
+ -v|--verbose) verbose='-v' ;;
+ -f|--fresh) fresh='-f' ;;
+ -r|--root) destdir="$arg"; shift
+ if [ -z "$destdir" ]; then
+ echo "-r option requires parameter <directory>"
+ exit 1
+ fi
+ ;;
+ -h|--help) help_and_exit ;;
+ -*) echo "invalid option: $param" >&2; exit 1 ;;
esac
done
@@ -75,12 +78,15 @@
esac
rm -f /etc/pki/trust/.updated
-mkdir -p "$statedir"
+export destdir
+
+install -d -m 0755 "$destdir/$statedir"
# serialize calls if we can
if [ -z "$_CA_CERTIFICATES_LOCKED" -a -x /usr/bin/flock ]; then
export _CA_CERTIFICATES_LOCKED="1"
- exec /usr/bin/flock "$statedir" "$0" "$@"
- echo "failed to lock $statedir\n" >&2
+ set -- "${args[@]}"
+ exec /usr/bin/flock "$destdir/$statedir" "$0" "$@"
+ echo "failed to lock $destdir/$statedir\n" >&2
exit 1
fi
@@ -104,3 +110,4 @@
fi
"$f" $fresh $verbose
done < <(find_hooks|sort -k 1,1 -u)
+chmod 0555 "$destdir/$statedir"
++++++ ca-certificates.obsinfo ++++++
--- /var/tmp/diff_new_pack.IMEOM1/_old 2023-04-08 17:38:27.989840196 +0200
+++ /var/tmp/diff_new_pack.IMEOM1/_new 2023-04-08 17:38:27.993840219 +0200
@@ -1,6 +1,5 @@
name: ca-certificates
-version: 2+git20211004.3efbea9
-mtime: 1633335598
-commit: 3efbea9d908d0ecf3678aeef8ade884c0c155175
-
+version: 2+git20230406.2dae8b7
+mtime: 1680768174
+commit: 2dae8b77c250506dc1bf862351c3a5de89a08e90
