Commit 11bef327 authored by Timo Teräs's avatar Timo Teräs
Browse files

main/ca-certificates: add copy of c_rehash tool

We want to avoid ca-certificates dependency for openssl tool for
two reasons:
- it is very large to be mandatory dependency
- it disallows user choosing if openssl or libressl package
  should be installed

Neither the openssl c_rehash nor libressl certhash can be any longer
compiled standalone. So include the original c_rehash.c code that
was submitted for openssl inclusion that can be built standalone.
parent 05729420
......@@ -2,13 +2,13 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ca-certificates
pkgver=20160104
pkgrel=6
pkgrel=7
pkgdesc="Common CA certificates PEM files"
url="http://packages.debian.org/sid/ca-certificates"
arch="all"
license="MPL 2.0 GPL2+"
depends="libressl" # for `openssl certhash`
makedepends="python2"
depends=""
makedepends="python2 libressl-dev"
subpackages="$pkgname-doc"
options="!fhs"
triggers="ca-certificates.trigger=/usr/share/ca-certificates:/usr/local/share/ca-certificates:/etc/ssl/certs:/etc/ca-certificates/update.d"
......@@ -16,6 +16,7 @@ install="$pkgname.post-deinstall"
source="http://ftp.no.debian.org/debian/pool/main/c/$pkgname/${pkgname}_${pkgver}.tar.xz
fix-manpage.patch
update-ca.c
c_rehash.c
"
builddir="$srcdir/$pkgname"
......@@ -25,12 +26,15 @@ build () {
${CC:-gcc} ${CFLAGS} -o update-ca-certificates "$srcdir"/update-ca.c \
${LDFLAGS} || return 1
${CC:-gcc} ${CFLAGS} -o c_rehash "$srcdir"/c_rehash.c -lcrypto \
${LDFLAGS} || return 1
}
package() {
cd "$builddir"
install -d -m755 "$pkgdir"/etc/ca-certificates/update.d \
"$pkgdir"/usr/bin \
"$pkgdir"/usr/sbin \
"$pkgdir"/usr/share/ca-certificates \
"$pkgdir"/usr/local/share/ca-certificates \
......@@ -55,6 +59,9 @@ package() {
install -m755 update-ca-certificates "$pkgdir"/usr/sbin \
|| return 1
install -m755 c_rehash "$pkgdir"/usr/bin \
|| return 1
mkdir -p "$pkgdir"/etc/apk/protected_paths.d
cat > "$pkgdir"/etc/apk/protected_paths.d/ca-certificates.list <<-EOF
-etc/ssl/certs/ca-certificates.crt
......@@ -64,17 +71,20 @@ package() {
cat > "$pkgdir"/etc/ca-certificates/update.d/certhash <<-EOF
#!/bin/sh
exec /usr/bin/openssl certhash /etc/ssl/certs
exec /usr/bin/c_rehash /etc/ssl/certs
EOF
chmod +x "$pkgdir"/etc/ca-certificates/update.d/certhash || return 1
}
md5sums="d9665a83d0d3ef8176a38e6aa20458e9 ca-certificates_20160104.tar.xz
0c3d9f5d795c7475b997e18498b7aec8 fix-manpage.patch
6b1767474cc5a1358de33774cb5a73ca update-ca.c"
6b1767474cc5a1358de33774cb5a73ca update-ca.c
2b64084b5d8e01f5b745c4e1f053a899 c_rehash.c"
sha256sums="09eb770122e23260316120c0cbbddc8a1d33e7147210ce44e146084d5d5abcdd ca-certificates_20160104.tar.xz
60b36c4881bb367891df038a0736456c2d170496de8c339026671008b1caa09b fix-manpage.patch
5fa0d5c58fa20176bc97faec161fc532f956370ee6c650cbfb6039c4e6b12c24 update-ca.c"
5fa0d5c58fa20176bc97faec161fc532f956370ee6c650cbfb6039c4e6b12c24 update-ca.c
68f70afada0cd8fc2289102145c11d5d8b6d2421ed4b7624094bcf5dfce7d2f5 c_rehash.c"
sha512sums="4291ba58057b66d56853162b71862832135eab6f444a5e2cf3dd1089495d44624246dc0c540871851fe9aaceb42054516309402525c8f16a88911d3af9c3518a ca-certificates_20160104.tar.xz
690d6bb434fb3ccce931d7ee6a167124f9c2d2e7e7a016d85f7b72a5f7f7c34db8c6133f3575e962a91981a32a88f8961776fe5fd907e57f59c03a32f2fcced3 fix-manpage.patch
e5a74e35368c8334b51de182ab921c4b1e243df3c35bfe4bbd4e0c8d742d0ca34e274b68c1b9854ed38add680a29cb6027677fa337017ef7a0eca78922c3a22e update-ca.c"
e5a74e35368c8334b51de182ab921c4b1e243df3c35bfe4bbd4e0c8d742d0ca34e274b68c1b9854ed38add680a29cb6027677fa337017ef7a0eca78922c3a22e update-ca.c
ce32e104f995818f237c21ec09c4252c3c0e7421a6eabaab9a7a82e6abf66814d412db43d16ff51dee119b824e7418334f6919f621afa75e03a23c31dccacfcc c_rehash.c"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment