main/ca-certificates: add copy of c_rehash tool

We want to avoid ca-certificates dependency for openssl tool for two reasons: - it is very large to be mandatory dependency - it disallows user choosing if openssl or libressl package should be installed Neither the openssl c_rehash nor libressl certhash can be any longer compiled standalone. So include the original c_rehash.c code that was submitted for openssl inclusion that can be built standalone.

main/ca-certificates: add copy of c_rehash tool
11bef327 · Timo Teräs · 05729420 · 11bef327
Commit 11bef327 authored 8 years ago by Timo Teräs
--- a/main/ca-certificates/APKBUILD
+++ b/main/ca-certificates/APKBUILD
@@ -2,13 +2,13 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=ca-certificates
 pkgver=20160104
-pkgrel=6
+pkgrel=7
 pkgdesc="Common CA certificates PEM files"
 url="http://packages.debian.org/sid/ca-certificates"
 arch="all"
 license="MPL 2.0 GPL2+"
-depends="libressl"  # for `openssl certhash`
-makedepends="python2"
+depends=""
+makedepends="python2 libressl-dev"
 subpackages="$pkgname-doc"
 options="!fhs"
 triggers="ca-certificates.trigger=/usr/share/ca-certificates:/usr/local/share/ca-certificates:/etc/ssl/certs:/etc/ca-certificates/update.d"
@@ -16,6 +16,7 @@ install="$pkgname.post-deinstall"
 source="http://ftp.no.debian.org/debian/pool/main/c/$pkgname/${pkgname}_${pkgver}.tar.xz
 	fix-manpage.patch
 	update-ca.c
+	c_rehash.c
 	"
 builddir="$srcdir/$pkgname"

@@ -25,12 +26,15 @@ build () {

 	${CC:-gcc} ${CFLAGS} -o update-ca-certificates "$srcdir"/update-ca.c \
 		${LDFLAGS} || return 1
+	${CC:-gcc} ${CFLAGS} -o c_rehash "$srcdir"/c_rehash.c -lcrypto \
+		${LDFLAGS} || return 1
 }

 package() {
 	cd "$builddir"

 	install -d -m755 "$pkgdir"/etc/ca-certificates/update.d \
+		"$pkgdir"/usr/bin \
 		"$pkgdir"/usr/sbin \
 		"$pkgdir"/usr/share/ca-certificates \
 		"$pkgdir"/usr/local/share/ca-certificates \
@@ -55,6 +59,9 @@ package() {
 	install -m755 update-ca-certificates "$pkgdir"/usr/sbin \
 		|| return 1

+	install -m755 c_rehash "$pkgdir"/usr/bin \
+		|| return 1
+
 	mkdir -p "$pkgdir"/etc/apk/protected_paths.d
 	cat > "$pkgdir"/etc/apk/protected_paths.d/ca-certificates.list <<-EOF
 		-etc/ssl/certs/ca-certificates.crt
@@ -64,17 +71,20 @@ package() {

 	cat > "$pkgdir"/etc/ca-certificates/update.d/certhash <<-EOF
 		#!/bin/sh
-		exec /usr/bin/openssl certhash /etc/ssl/certs
+		exec /usr/bin/c_rehash /etc/ssl/certs
 	EOF
 	chmod +x "$pkgdir"/etc/ca-certificates/update.d/certhash || return 1
 }

 md5sums="d9665a83d0d3ef8176a38e6aa20458e9  ca-certificates_20160104.tar.xz
 0c3d9f5d795c7475b997e18498b7aec8  fix-manpage.patch
-6b1767474cc5a1358de33774cb5a73ca  update-ca.c"
+6b1767474cc5a1358de33774cb5a73ca  update-ca.c
+2b64084b5d8e01f5b745c4e1f053a899  c_rehash.c"
 sha256sums="09eb770122e23260316120c0cbbddc8a1d33e7147210ce44e146084d5d5abcdd  ca-certificates_20160104.tar.xz
 60b36c4881bb367891df038a0736456c2d170496de8c339026671008b1caa09b  fix-manpage.patch
-5fa0d5c58fa20176bc97faec161fc532f956370ee6c650cbfb6039c4e6b12c24  update-ca.c"
+5fa0d5c58fa20176bc97faec161fc532f956370ee6c650cbfb6039c4e6b12c24  update-ca.c
+68f70afada0cd8fc2289102145c11d5d8b6d2421ed4b7624094bcf5dfce7d2f5  c_rehash.c"
 sha512sums="4291ba58057b66d56853162b71862832135eab6f444a5e2cf3dd1089495d44624246dc0c540871851fe9aaceb42054516309402525c8f16a88911d3af9c3518a  ca-certificates_20160104.tar.xz
 690d6bb434fb3ccce931d7ee6a167124f9c2d2e7e7a016d85f7b72a5f7f7c34db8c6133f3575e962a91981a32a88f8961776fe5fd907e57f59c03a32f2fcced3  fix-manpage.patch
-e5a74e35368c8334b51de182ab921c4b1e243df3c35bfe4bbd4e0c8d742d0ca34e274b68c1b9854ed38add680a29cb6027677fa337017ef7a0eca78922c3a22e  update-ca.c"
+e5a74e35368c8334b51de182ab921c4b1e243df3c35bfe4bbd4e0c8d742d0ca34e274b68c1b9854ed38add680a29cb6027677fa337017ef7a0eca78922c3a22e  update-ca.c
+ce32e104f995818f237c21ec09c4252c3c0e7421a6eabaab9a7a82e6abf66814d412db43d16ff51dee119b824e7418334f6919f621afa75e03a23c31dccacfcc  c_rehash.c"