diff options
| author | Waldemar Brodkorb <wbx@openadk.org> | 2010-02-07 20:03:20 +0100 |
|---|---|---|
| committer | Waldemar Brodkorb <wbx@openadk.org> | 2010-02-07 20:03:20 +0100 |
| commit | 6daa792eab1488d013fefc5eb7e4d01f40f38687 (patch) | |
| tree | 6391cc46bb9fc8b859d99175ea317e5fa7b37959 /package/ca-certificates/src | |
| parent | adcaca72539b2ff4a5f4deee00d5f0251378ac9b (diff) | |
change defaults for CONFIG/BUILD/INSTALL styles
All packages need an update, so here is a very huge commit.
Most of the 460 source packages use automatic style for configuration,
building and installing. Make these styles default to "auto".
If you have a package, which does not conform to this, just use
manual style and add a do-$task make target.
I added a new style named AUTOTOOL style, which is needed for some
broken packages, which needs to be updated via autoconf or automake.
I renamed CONFIGURE_STYLE to CONFIG_STYLE.
Updates for some packages, which have newer upstream versions.
Renaming of all package/*/extra directories. Use the directory
src/ to provide overwrites of source files or to add the code, when
no upstream package is available or used. src directory will be automatically
used.
Diffstat (limited to 'package/ca-certificates/src')
| -rw-r--r-- | package/ca-certificates/src/update-ca-certificates | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/package/ca-certificates/src/update-ca-certificates b/package/ca-certificates/src/update-ca-certificates new file mode 100644 index 000000000..c86f7676f --- /dev/null +++ b/package/ca-certificates/src/update-ca-certificates @@ -0,0 +1,80 @@ +#!/bin/sh +# +# update-ca-certificates script for embedded systems. +# +# Copyright (C) 2009 Phil Sutter <phil@nwl.cc> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +CRTCONF=/etc/ca-certificates.conf +CRTDIR=/usr/share/ca-certificates +LNKDIR=/etc/ssl/certs +OPENSSL="openssl" + +cert_type() { # (certfile) + grep -qE '^-----BEGIN (X509 |TRUSTED |)CERTIFICATE-----' $1 && { + echo "cert" + return 0 + } + grep -qE '^-----BEGIN X509 CRL-----' $1 && { + echo "crl" + return 0 + } + echo "unknown" + return 1 +} + +${OPENSSL} version >/dev/null 2>&1 || { + echo "Fatal: no openssl executable found, bailing out" + exit 1 +} + +for l in $(ls ${DESTDIR}${LNKDIR}/* 2>/dev/null); do + [ -L "$l" ] && rm -f "$l" +done + +cat ${DESTDIR}$CRTCONF | while read crt; do + [ -n "$crt" ] || continue + [[ "$crt" = -* ]] && continue + + cname="$(basename $crt)" + + ln -s ${CRTDIR}/$crt ${DESTDIR}${LNKDIR}/$cname + + ctype="$(cert_type ${DESTDIR}${CRTDIR}/$crt)" + case $ctype in + cert) + sslcmd="x509" + pfx="" + ;; + crl) + sslcmd="crl" + pfx="r" + ;; + *) + echo "Warning: ignoring unknown filetype ${DESTDIR}${CRTDIR}/$crt" + continue + ;; + esac + + hsh="$(${OPENSSL} $sslcmd -hash -noout -in ${DESTDIR}${CRTDIR}/$crt)" + idx=0 + while [ -e ${DESTDIR}${LNKDIR}/${hsh}.${pfx}${idx} ]; do + let "idx++" + done + ln -s ${CRTDIR}/$crt ${DESTDIR}${LNKDIR}/${hsh}.${pfx}${idx} +done + +exit 0 |