diff options
author | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2014-04-11 14:28:53 -0300 |
---|---|---|
committer | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2014-04-11 14:32:21 -0300 |
commit | 76b27c643a778bd2f7e63c4ee3d3b105b7813328 (patch) | |
tree | 9aee31c7ca9a0d9e84bde5cb83370ed586d533bb /libre/cacert-dot-org | |
parent | 9a7056bf7bbd21f46640e8b171820d021dc32a8e (diff) |
cacert-dot-org: add new package on [libre] to solve malfunctioning updates because our certificates are issued by cacert => https://lists.parabolagnulinux.org/pipermail/dev/2014-April/002158.html
Diffstat (limited to 'libre/cacert-dot-org')
-rw-r--r-- | libre/cacert-dot-org/PKGBUILD | 20 | ||||
-rw-r--r-- | libre/cacert-dot-org/cacert-dot-org.install | 26 |
2 files changed, 46 insertions, 0 deletions
diff --git a/libre/cacert-dot-org/PKGBUILD b/libre/cacert-dot-org/PKGBUILD new file mode 100644 index 000000000..421b46942 --- /dev/null +++ b/libre/cacert-dot-org/PKGBUILD @@ -0,0 +1,20 @@ +# Maintainer: Prurigro +# Contributor: Neal <neal.oakey-at-oakey-dev.de> + +pkgname=cacert-dot-org +pkgver=20140223 +pkgrel=5 +pkgdesc='CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free' +arch=('any') +url='http://www.cacert.org' +license=('GPL') +source=("http://www.cacert.org/certs/root.crt" + "http://www.cacert.org/certs/class3.crt") +depends=('ca-certificates') +install="${pkgname}.install" +sha512sums=('7350f2604e9839f1c2d02926fd4299468ffe2c456ba57a396575cfbb5b2b91fa3cb0e049f6cf3e1406d02014e420e263d6b0c4a59c51d0f03a735bfaa56ec7cc' + '416ceb36aa399f5116c617d470545a04e56bba2282e18fa7c1cc68271d8ac2e7b5787c7ea0f759794351f6e1ad77c76301664db10587046b2b269b274098845c') +package() { + [[ "$(openssl x509 -noout -fingerprint -in root.crt)" == "SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33" ]] && install -Dm644 root.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_root.crt" + [[ "$(openssl verify -CAfile root.crt -verbose class3.crt)" == "class3.crt: OK" ]] && install -Dm644 class3.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt" +} diff --git a/libre/cacert-dot-org/cacert-dot-org.install b/libre/cacert-dot-org/cacert-dot-org.install new file mode 100644 index 000000000..eb11f6607 --- /dev/null +++ b/libre/cacert-dot-org/cacert-dot-org.install @@ -0,0 +1,26 @@ +post_install() { + #UPDATE FILE NAMES IN ca-certificates.conf IF THEY'RE OUT OF DATE + [[ `grep -c "mozilla/cacert.org" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/mozilla\/cacert\.org/cacert\.org\/cacert\.org/g' /etc/ca-certificates.conf + [[ `grep -c "cacert.org/cacert.org-" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/cacert\.org\/cacert\.org-/cacert\.org\/cacert\.org_/g' /etc/ca-certificates.conf + + #ADD THE CERTIFICATES TO ca-certificates.conf IF THEY'RE MISSING + [[ `grep -c "cacert.org/cacert.org_root.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_root.crt" >> /etc/ca-certificates.conf + [[ `grep -c "cacert.org/cacert.org_class3.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_class3.crt" >> /etc/ca-certificates.conf + + #UPDATE THE CERTIFICATES BASED ON ca-certificates.conf + update-ca-certificates --fresh +} + +post_upgrade() { + post_install +} + +post_remove() { + grep -v "cacert.org" /etc/ca-certificates.conf > /dev/shm/ca-certificates.conf.tmp + if [[ -s /dev/shm/ca-certificates.conf.tmp ]]; then + mv /dev/shm/ca-certificates.conf.tmp /etc/ca-certificates.conf + update-ca-certificates --fresh + else + echo "An error occurred that prevented the cacert.org certificates from being removed from /etc/ca-certificates.conf, please remove them manually, then run update-ca-certificates --fresh" + fi +} |