diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2011-09-02 17:47:17 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2011-09-02 17:47:17 +0000 |
| commit | a7e51826fe624286827a98ed402876cc17770fe9 (patch) | |
| tree | 1231c69e882de6ca66a426bc9ed3fb95d9f1faa2 /app-misc/ca-certificates | |
| parent | Version bump #381467 by teidakankan. Fixes rpath issues #328467 by William T... (diff) | |
| download | gentoo-2-a7e51826fe624286827a98ed402876cc17770fe9.tar.gz gentoo-2-a7e51826fe624286827a98ed402876cc17770fe9.tar.bz2 gentoo-2-a7e51826fe624286827a98ed402876cc17770fe9.zip | |
Move the config file generation to src_compile for most people to make binpkgs easier to deploy.
(Portage version: 2.2.0_alpha51/cvs/Linux x86_64)
Diffstat (limited to 'app-misc/ca-certificates')
| -rw-r--r-- | app-misc/ca-certificates/ChangeLog | 10 | ||||
| -rw-r--r-- | app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild | 84 | ||||
| -rw-r--r-- | app-misc/ca-certificates/files/ca-certificates-20090709-root.patch | 107 |
3 files changed, 200 insertions, 1 deletions
diff --git a/app-misc/ca-certificates/ChangeLog b/app-misc/ca-certificates/ChangeLog index 3145904fb103..38543210eeeb 100644 --- a/app-misc/ca-certificates/ChangeLog +++ b/app-misc/ca-certificates/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-misc/ca-certificates # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ChangeLog,v 1.46 2011/09/01 14:14:07 chainsaw Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ChangeLog,v 1.47 2011/09/02 17:47:17 vapier Exp $ + +*ca-certificates-20110502-r2 (02 Sep 2011) + + 02 Sep 2011; Mike Frysinger <vapier@gentoo.org> + +files/ca-certificates-20090709-root.patch, + +ca-certificates-20110502-r2.ebuild: + Move the config file generation to src_compile for most people to make + binpkgs easier to deploy. 01 Sep 2011; Tony Vroon <chainsaw@gentoo.org> ca-certificates-20110502-r1.ebuild: diff --git a/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild b/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild new file mode 100644 index 000000000000..425ba1c81d9f --- /dev/null +++ b/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild,v 1.1 2011/09/02 17:47:17 vapier Exp $ + +EAPI="2" + +inherit eutils + +DESCRIPTION="Common CA Certificates PEM files" +HOMEPAGE="http://packages.debian.org/sid/ca-certificates" +SRC_URI="mirror://debian/pool/main/c/${PN}/${PN}_${PV}+nmu1_all.deb" + +LICENSE="MPL-1.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" +IUSE="" + +DEPEND="|| ( >=sys-apps/coreutils-6.10-r1 sys-apps/mktemp sys-freebsd/freebsd-ubin )" +RDEPEND="${DEPEND} + dev-libs/openssl + sys-apps/debianutils" + +S=${WORKDIR} + +pkg_setup() { + # For the conversion to having it in CONFIG_PROTECT_MASK, + # we need to tell users about it once manually first. + [[ -f /etc/env.d/98ca-certificates ]] \ + || ewarn "You should run update-ca-certificates manually after etc-update" +} + +src_unpack() { + unpack ${A} + unpack ./data.tar.gz + rm -f control.tar.gz data.tar.gz debian-binary +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-20090709-root.patch +} + +src_compile() { + ( + echo "# Automatically generated by ${CATEGORY}/${PF}" + echo "# $(date -u)" + echo "# Do not edit." + cd "${S}"/usr/share/ca-certificates + find * -name '*.crt' | LC_ALL=C sort + ) > "${S}"/etc/ca-certificates.conf + + "${S}"/usr/sbin/update-ca-certificates --root "${S}" +} + +src_install() { + cp -pPR * "${D}"/ || die + + mv "${D}"/usr/share/doc/{ca-certificates,${PF}} || die + prepalldocs + + echo 'CONFIG_PROTECT_MASK="/etc/ca-certificates.conf"' > 98ca-certificates + doenvd 98ca-certificates +} + +pkg_postinst() { + if [ -d "${ROOT}/usr/local/share/ca-certificates" ] ; then + # if the user has local certs, we need to rebuild again + # to include their stuff in the db. + # However it's too overzealous when the user has custom certs in place. + # --fresh is to clean up dangling symlinks + "${ROOT}"/usr/sbin/update-ca-certificates --root "${ROOT}" + fi + + local c badcerts=0 + for c in $(find -L "${ROOT}"etc/ssl/certs/ -type l) ; do + ewarn "Broken symlink for a certificate at $c" + badcerts=1 + done + if [ $badcerts -eq 1 ]; then + ewarn "You MUST remove the above broken symlinks" + ewarn "Otherwise any SSL validation that use the directory may fail!" + ewarn "To batch-remove them, run:" + ewarn "find -L ${ROOT}etc/ssl/certs/ -type l -exec rm {} +" + fi +} diff --git a/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch b/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch new file mode 100644 index 000000000000..72a4ba1a6ddb --- /dev/null +++ b/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch @@ -0,0 +1,107 @@ +--- a/usr/sbin/update-ca-certificates ++++ b/usr/sbin/update-ca-certificates +@@ -23,6 +23,7 @@ + + verbose=0 + fresh=0 ++ROOT="" + while [ $# -gt 0 ]; + do + case $1 in +@@ -30,6 +31,9 @@ + verbose=1;; + --fresh|-f) + fresh=1;; ++ --root|-r) ++ ROOT=$(readlink -f "$2") ++ shift;; + --help|-h|*) +- echo "$0: [--verbose] [--fresh]" ++ echo "$0: [--verbose] [--fresh] [--root <dir>]" + exit;; +@@ -37,11 +41,11 @@ + shift + done + +-CERTSCONF=/etc/ca-certificates.conf +-CERTSDIR=/usr/share/ca-certificates +-LOCALCERTSDIR=/usr/local/share/ca-certificates ++CERTSCONF="$ROOT/etc/ca-certificates.conf" ++CERTSDIR="$ROOT/usr/share/ca-certificates" ++LOCALCERTSDIR="$ROOT/usr/local/share/ca-certificates" + CERTBUNDLE=ca-certificates.crt +-ETCCERTSDIR=/etc/ssl/certs ++ETCCERTSDIR="$ROOT/etc/ssl/certs" + + cleanup() { + rm -f "$TEMPBUNDLE" +@@ -66,7 +70,7 @@ + -e 's/,/_/g').pem" + if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ] + then +- ln -sf "$CERT" "$PEM" ++ ln -sf "${CERT#$ROOT}" "$PEM" + echo +$PEM >> "$ADDED" + fi + cat "$CERT" >> "$TEMPBUNDLE" +@@ -78,22 +82,22 @@ + if test -L "$PEM" + then + rm -f "$PEM" +- echo -$PEM >> "$REMOVED" ++ echo "-$PEM" >> "$REMOVED" + fi + } + +-cd $ETCCERTSDIR ++cd "$ETCCERTSDIR" + if [ "$fresh" = 1 ]; then + echo -n "Clearing symlinks in $ETCCERTSDIR..." + find . -type l -print | while read symlink + do +- case $(readlink $symlink) in +- $CERTSDIR*) rm -f $symlink;; ++ case $(readlink "$symlink") in ++ "$CERTSDIR"*) rm -f "$symlink";; + esac + done + find . -type l -print | while read symlink + do +- test -f $symlink || rm -f $symlink ++ test -f "$symlink" || rm -f "$symlink" + done + echo "done." + fi +@@ -102,12 +106,12 @@ + + # Handle certificates that should be removed. This is an explicit act + # by prefixing lines in the configuration files with exclamation marks (!). +-sed -n -e '/^$/d' -e 's/^!//p' $CERTSCONF | while read crt ++sed -n -e '/^$/d' -e 's/^!//p' "$CERTSCONF" | while read crt + do + remove "$CERTSDIR/$crt" + done + +-sed -e '/^$/d' -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt ++sed -e '/^$/d' -e '/^#/d' -e '/^!/d' "$CERTSCONF" | while read crt + do + if ! test -f "$CERTSDIR/$crt" + then +@@ -146,14 +150,14 @@ + + echo "$ADDED_CNT added, $REMOVED_CNT removed; done." + +-HOOKSDIR=/etc/ca-certificates/update.d ++HOOKSDIR="$ROOT/etc/ca-certificates/update.d" + echo -n "Running hooks in $HOOKSDIR...." + VERBOSE_ARG= + [ "$verbose" = 0 ] || VERBOSE_ARG=--verbose +-eval run-parts $VERBOSE_ARG --test -- $HOOKSDIR | while read hook ++eval run-parts $VERBOSE_ARG --test -- \""$HOOKSDIR"\" | while read hook + do + ( cat $ADDED +- cat $REMOVED ) | $hook || echo E: $hook exited with code $?. ++ cat $REMOVED ) | "$hook" || echo E: "$hook" exited with code $?. + done + echo "done." + |