# HG changeset patch # User Aleksej Bobylev # Date 1506637926 -10800 # Node ID 0b55786d7d72e1ca5bae26e7c43d86d6ef66d0b7 # Parent c2f1ad89f0c663da3eabe74204e52a4c1c99e5bd cacerts: get certificates data directly from Mozilla Hg; BLFS returns empty data today diff -r c2f1ad89f0c6 -r 0b55786d7d72 cacerts/receipt --- a/cacerts/receipt Wed Sep 27 20:45:12 2017 +0200 +++ b/cacerts/receipt Fri Sep 29 01:32:06 2017 +0300 @@ -2,7 +2,7 @@ # This receipt will follow actual version on each recook PACKAGE="cacerts" -VERSION="20170725" +VERSION="20170928" CATEGORY="security" SHORT_DESC="Certificate Authority Certificates" MAINTAINER="al.bobylev@gmail.com" @@ -10,17 +10,51 @@ WEB_SITE="http://www.linuxfromscratch.org/blfs/view/svn/postlfs/cacerts.html" HOST_ARCH="any" -#WGET_URL="https://hg.mozilla.org/releases/mozilla-release/file/default/security/nss/lib/ckfw/builtins/certdata.txt" -wget_url="http://anduin.linuxfromscratch.org/BLFS/other/certdata.txt" +wget_url="https://hg.mozilla.org/releases/mozilla-release/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt" +#wget_url="http://anduin.linuxfromscratch.org/BLFS/other/certdata.txt" BUILD_DEPENDS="perl openssl locale-en" # Rules to configure and make the package. compile_rules() { + # Determine date of certdata.txt + # FIXME: please point me to elegant way to determine this file timestamp + # in Mercurial. + string=$(wget -O- ${wget_url/raw-/} | fgrep 'date age') + # string example: + # Thu, 28 Sep 2017 10:02:22 -0700 + date_d=$(echo "$string" | cut -d' ' -f5) + case $(echo "$string" | cut -d' ' -f6) in + Jan) date_m='01';; + Feb) date_m='02';; + Mar) date_m='03';; + Apr) date_m='04';; + May) date_m='05';; + Jun) date_m='06';; + Jul) date_m='07';; + Aug) date_m='08';; + Sep) date_m='09';; + Oct) date_m='10';; + Nov) date_m='11';; + Dec) date_m='12';; + esac + date_Y=$(echo "$string" | cut -d' ' -f7) + date_Ymd="$date_Y$date_m$date_d" + + [ -f '/tmp/certdata.txt' ] && rm /tmp/certdata.txt wget -P/tmp $wget_url - VERSION=$(sed -n '/\$Revision:/s|.*Revision: \([0-9]*\).*$|\1|p' /tmp/certdata.txt) + + # Insert header (or process will fail) + sed -i "1i\ +#CVS_ID @# \$ RCSfile: certdata.txt \$ \$Revision: $date_Ymd \$ \$Date: \$" \ + /tmp/certdata.txt + + # VERSION=$(sed -n '/\$Revision:/s|.*Revision: \([0-9]*\).*$|\1|p' /tmp/certdata.txt) + VERSION="$date_Ymd" echo -e "\nActual version: $VERSION\n" + + # Update receipt version sed -i "s|^VERSION=.*|VERSION=\"$VERSION\"|" $WOK/cacerts/receipt src="$WOK/cacerts/source/cacerts-$VERSION" @@ -28,13 +62,16 @@ mv /tmp/certdata.txt $src cd $src + # Save certdata in $SRC TARBALL="$PACKAGE-$VERSION.txt" [ -e "$SRC/$TARBALL" ] || cp $src/certdata.txt $SRC/$TARBALL + # Process... cp -a $stuff/* $src ./make-ca.sh && ./remove-expired-certs.sh $src/certs + # "Installing" mkdir -p $install/etc/ssl/certs cp -a $src/certs/*.pem $install/etc/ssl/certs cp -a $src/ca-bundle.crt $install/etc/ssl @@ -62,5 +99,5 @@ # Remove broken symlinks post_remove() { - find "$1/etc/ssl/certs" -type l ! -exec test -e \{\} \; -delete + find "$1/etc/ssl/certs" -type l ! -exec test -e '{}' \; -delete }