This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to branch master in repository ca-certificates-java.
commit 9c840ab811f5abe62c26697567365815184dfea1 Author: Torsten Werner <[email protected]> Date: Sun Apr 24 22:59:25 2011 +0000 updating the jks-keystore.hook --- debian/jks-keystore.hook | 75 ++++-------------------------------------------- 1 file changed, 6 insertions(+), 69 deletions(-) diff --git a/debian/jks-keystore.hook b/debian/jks-keystore.hook index 37a8e41..a23ee1d 100644 --- a/debian/jks-keystore.hook +++ b/debian/jks-keystore.hook @@ -7,21 +7,20 @@ if [ -f /etc/default/cacerts ]; then . /etc/default/cacerts fi -KEYSTORE=/etc/ssl/certs/java/cacerts - echo "" if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then echo "updates of cacerts keystore disabled." exit 0 fi +# Do we still need it? TODO: check that. if ! mountpoint -q /proc; then echo >&2 "the keytool command requires a mounted proc fs (/proc)." exit 1 fi -for jvm in java-6-openjdk java-6-sun java-6-cacao; do - if [ -x /usr/lib/jvm/$jvm/bin/keytool ]; then +for jvm in java-6-openjdk java-7-openjdk java-6-sun; do + if [ -x /usr/lib/jvm/$jvm/bin/java ]; then break fi done @@ -36,72 +35,10 @@ if [ ! -f /etc/$jvm/jvm.cfg ]; then printf -- "-server KNOWN\n" > $temp_jvm_cfg fi -# read lines of the form: [+-]/etc/ssl/certs/*.pem - -echo "updating keystore $KEYSTORE..." +CLASSPATH=/usr/share/ca-certificates-java +export CLASSPATH -errors=0 -log=$(tempfile) -while read line; do - pem=${line#[+-]*} - alias=$(basename $pem .crt | tr A-Z a-z | tr -cs a-z0-9 _) - alias=${alias%*_} - LANG=C LC_ALL=C keytool -list -keystore $KEYSTORE \ - -storepass "$storepass" -alias "$alias" >/dev/null 2>&1 \ - && exists=yes || exists=no - case "$line" in - +*) - if [ "$exists" = yes ]; then - echo " already exists: ${line#+*}" - else - if LANG=C LC_ALL=C keytool -importcert -trustcacerts \ - -keystore $KEYSTORE -noprompt -storepass "$storepass" \ - -alias "$alias" -file "$pem" > $log 2>&1 - then - echo " added: ${line#+*}" - elif LANG=C LC_ALL=C keytool -importcert -trustcacerts \ - -keystore $KEYSTORE -noprompt -storepass "$storepass" \ - -providerClass sun.security.pkcs11.SunPKCS11 \ - -providerArg '${java.home}/lib/security/nss.cfg' \ - -alias "$alias" -file "$pem" > $log 2>&1 - then - echo " added: ${line#+*} (using NSS provider)" - elif grep -q 'Signature not available' $log; then - echo " ignored import, signature not available: ${line#+*}" - cat $log - else - echo >&2 " error adding ${line#+*}" - errors=$(expr $errors + 1) - fi; - fi - ;; - -*) - if [ "$exists" = yes ]; then - if LANG=C LC_ALL=C keytool -delete -keystore $KEYSTORE \ - -noprompt -storepass "$storepass" \ - -alias "$alias" - then - echo " removed ${line#-*}" - elif LANG=C LC_ALL=C keytool -delete -keystore $KEYSTORE \ - -noprompt -storepass "$storepass" \ - -providerClass sun.security.pkcs11.SunPKCS11 \ - -providerArg '${java.home}/lib/security/nss.cfg' \ - -alias "$alias" - then - echo " removed ${line#-*} (using NSS provider)" - else - echo >&2 " error removing ${line#+*}" - errors=$(expr $errors + 1) - fi - else - echo " does not exist: ${line#-*}" - fi - ;; - *) - echo >&2 " $0: Unknown line $line" - esac -done -rm -f $log +java UpdateCertificates -storepass "$storepass" [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/ca-certificates-java.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
