summaryrefslogtreecommitdiff
path: root/libre/cacert-dot-org
diff options
context:
space:
mode:
authorAndré Fabian Silva Delgado <emulatorman@parabola.nu>2014-04-11 14:28:53 -0300
committerAndré Fabian Silva Delgado <emulatorman@parabola.nu>2014-04-11 14:32:21 -0300
commit76b27c643a778bd2f7e63c4ee3d3b105b7813328 (patch)
tree9aee31c7ca9a0d9e84bde5cb83370ed586d533bb /libre/cacert-dot-org
parent9a7056bf7bbd21f46640e8b171820d021dc32a8e (diff)
cacert-dot-org: add new package on [libre] to solve malfunctioning updates because our certificates are issued by cacert => https://lists.parabolagnulinux.org/pipermail/dev/2014-April/002158.html
Diffstat (limited to 'libre/cacert-dot-org')
-rw-r--r--libre/cacert-dot-org/PKGBUILD20
-rw-r--r--libre/cacert-dot-org/cacert-dot-org.install26
2 files changed, 46 insertions, 0 deletions
diff --git a/libre/cacert-dot-org/PKGBUILD b/libre/cacert-dot-org/PKGBUILD
new file mode 100644
index 000000000..421b46942
--- /dev/null
+++ b/libre/cacert-dot-org/PKGBUILD
@@ -0,0 +1,20 @@
+# Maintainer: Prurigro
+# Contributor: Neal <neal.oakey-at-oakey-dev.de>
+
+pkgname=cacert-dot-org
+pkgver=20140223
+pkgrel=5
+pkgdesc='CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free'
+arch=('any')
+url='http://www.cacert.org'
+license=('GPL')
+source=("http://www.cacert.org/certs/root.crt"
+ "http://www.cacert.org/certs/class3.crt")
+depends=('ca-certificates')
+install="${pkgname}.install"
+sha512sums=('7350f2604e9839f1c2d02926fd4299468ffe2c456ba57a396575cfbb5b2b91fa3cb0e049f6cf3e1406d02014e420e263d6b0c4a59c51d0f03a735bfaa56ec7cc'
+ '416ceb36aa399f5116c617d470545a04e56bba2282e18fa7c1cc68271d8ac2e7b5787c7ea0f759794351f6e1ad77c76301664db10587046b2b269b274098845c')
+package() {
+ [[ "$(openssl x509 -noout -fingerprint -in root.crt)" == "SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33" ]] && install -Dm644 root.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_root.crt"
+ [[ "$(openssl verify -CAfile root.crt -verbose class3.crt)" == "class3.crt: OK" ]] && install -Dm644 class3.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt"
+}
diff --git a/libre/cacert-dot-org/cacert-dot-org.install b/libre/cacert-dot-org/cacert-dot-org.install
new file mode 100644
index 000000000..eb11f6607
--- /dev/null
+++ b/libre/cacert-dot-org/cacert-dot-org.install
@@ -0,0 +1,26 @@
+post_install() {
+ #UPDATE FILE NAMES IN ca-certificates.conf IF THEY'RE OUT OF DATE
+ [[ `grep -c "mozilla/cacert.org" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/mozilla\/cacert\.org/cacert\.org\/cacert\.org/g' /etc/ca-certificates.conf
+ [[ `grep -c "cacert.org/cacert.org-" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/cacert\.org\/cacert\.org-/cacert\.org\/cacert\.org_/g' /etc/ca-certificates.conf
+
+ #ADD THE CERTIFICATES TO ca-certificates.conf IF THEY'RE MISSING
+ [[ `grep -c "cacert.org/cacert.org_root.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_root.crt" >> /etc/ca-certificates.conf
+ [[ `grep -c "cacert.org/cacert.org_class3.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_class3.crt" >> /etc/ca-certificates.conf
+
+ #UPDATE THE CERTIFICATES BASED ON ca-certificates.conf
+ update-ca-certificates --fresh
+}
+
+post_upgrade() {
+ post_install
+}
+
+post_remove() {
+ grep -v "cacert.org" /etc/ca-certificates.conf > /dev/shm/ca-certificates.conf.tmp
+ if [[ -s /dev/shm/ca-certificates.conf.tmp ]]; then
+ mv /dev/shm/ca-certificates.conf.tmp /etc/ca-certificates.conf
+ update-ca-certificates --fresh
+ else
+ echo "An error occurred that prevented the cacert.org certificates from being removed from /etc/ca-certificates.conf, please remove them manually, then run update-ca-certificates --fresh"
+ fi
+}