wok-next rev 19873
cacerts: get certificates data directly from Mozilla Hg; BLFS returns empty data today
author | Aleksej Bobylev <al.bobylev@gmail.com> |
---|---|
date | Fri Sep 29 01:32:06 2017 +0300 (2017-09-29) |
parents | c2f1ad89f0c6 |
children | 603704fe1abe |
files | cacerts/receipt |
line diff
1.1 --- a/cacerts/receipt Wed Sep 27 20:45:12 2017 +0200 1.2 +++ b/cacerts/receipt Fri Sep 29 01:32:06 2017 +0300 1.3 @@ -2,7 +2,7 @@ 1.4 1.5 # This receipt will follow actual version on each recook 1.6 PACKAGE="cacerts" 1.7 -VERSION="20170725" 1.8 +VERSION="20170928" 1.9 CATEGORY="security" 1.10 SHORT_DESC="Certificate Authority Certificates" 1.11 MAINTAINER="al.bobylev@gmail.com" 1.12 @@ -10,17 +10,51 @@ 1.13 WEB_SITE="http://www.linuxfromscratch.org/blfs/view/svn/postlfs/cacerts.html" 1.14 HOST_ARCH="any" 1.15 1.16 -#WGET_URL="https://hg.mozilla.org/releases/mozilla-release/file/default/security/nss/lib/ckfw/builtins/certdata.txt" 1.17 -wget_url="http://anduin.linuxfromscratch.org/BLFS/other/certdata.txt" 1.18 +wget_url="https://hg.mozilla.org/releases/mozilla-release/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt" 1.19 +#wget_url="http://anduin.linuxfromscratch.org/BLFS/other/certdata.txt" 1.20 1.21 BUILD_DEPENDS="perl openssl locale-en" 1.22 1.23 # Rules to configure and make the package. 1.24 compile_rules() 1.25 { 1.26 + # Determine date of certdata.txt 1.27 + # FIXME: please point me to elegant way to determine this file timestamp 1.28 + # in Mercurial. 1.29 + string=$(wget -O- ${wget_url/raw-/} | fgrep 'date age') 1.30 + # string example: 1.31 + # <td class="date age">Thu, 28 Sep 2017 10:02:22 -0700</td> 1.32 + date_d=$(echo "$string" | cut -d' ' -f5) 1.33 + case $(echo "$string" | cut -d' ' -f6) in 1.34 + Jan) date_m='01';; 1.35 + Feb) date_m='02';; 1.36 + Mar) date_m='03';; 1.37 + Apr) date_m='04';; 1.38 + May) date_m='05';; 1.39 + Jun) date_m='06';; 1.40 + Jul) date_m='07';; 1.41 + Aug) date_m='08';; 1.42 + Sep) date_m='09';; 1.43 + Oct) date_m='10';; 1.44 + Nov) date_m='11';; 1.45 + Dec) date_m='12';; 1.46 + esac 1.47 + date_Y=$(echo "$string" | cut -d' ' -f7) 1.48 + date_Ymd="$date_Y$date_m$date_d" 1.49 + 1.50 + [ -f '/tmp/certdata.txt' ] && rm /tmp/certdata.txt 1.51 wget -P/tmp $wget_url 1.52 - VERSION=$(sed -n '/\$Revision:/s|.*Revision: \([0-9]*\).*$|\1|p' /tmp/certdata.txt) 1.53 + 1.54 + # Insert header (or process will fail) 1.55 + sed -i "1i\ 1.56 +#CVS_ID @# \$ RCSfile: certdata.txt \$ \$Revision: $date_Ymd \$ \$Date: \$" \ 1.57 + /tmp/certdata.txt 1.58 + 1.59 + # VERSION=$(sed -n '/\$Revision:/s|.*Revision: \([0-9]*\).*$|\1|p' /tmp/certdata.txt) 1.60 + VERSION="$date_Ymd" 1.61 echo -e "\nActual version: $VERSION\n" 1.62 + 1.63 + # Update receipt version 1.64 sed -i "s|^VERSION=.*|VERSION=\"$VERSION\"|" $WOK/cacerts/receipt 1.65 1.66 src="$WOK/cacerts/source/cacerts-$VERSION" 1.67 @@ -28,13 +62,16 @@ 1.68 mv /tmp/certdata.txt $src 1.69 cd $src 1.70 1.71 + # Save certdata in $SRC 1.72 TARBALL="$PACKAGE-$VERSION.txt" 1.73 [ -e "$SRC/$TARBALL" ] || cp $src/certdata.txt $SRC/$TARBALL 1.74 1.75 + # Process... 1.76 cp -a $stuff/* $src 1.77 ./make-ca.sh && 1.78 ./remove-expired-certs.sh $src/certs 1.79 1.80 + # "Installing" 1.81 mkdir -p $install/etc/ssl/certs 1.82 cp -a $src/certs/*.pem $install/etc/ssl/certs 1.83 cp -a $src/ca-bundle.crt $install/etc/ssl 1.84 @@ -62,5 +99,5 @@ 1.85 1.86 # Remove broken symlinks 1.87 post_remove() { 1.88 - find "$1/etc/ssl/certs" -type l ! -exec test -e \{\} \; -delete 1.89 + find "$1/etc/ssl/certs" -type l ! -exec test -e '{}' \; -delete 1.90 }