diff options
author | davidovski <david@davidovski.xyz> | 2022-01-03 16:44:09 +0000 |
---|---|---|
committer | davidovski <david@davidovski.xyz> | 2022-01-03 16:44:09 +0000 |
commit | 93d60f57780b9f1e9206f411e183bf28e6272334 (patch) | |
tree | d278fe89abb43e459cd80ebd4d67f2ba3d2e9901 /repo/core/cacerts.xibuild | |
parent | 924ee9d18af78b561fc78b0239b9ae38d5f808b3 (diff) |
added new files; git works
Diffstat (limited to 'repo/core/cacerts.xibuild')
-rw-r--r-- | repo/core/cacerts.xibuild | 94 |
1 files changed, 4 insertions, 90 deletions
diff --git a/repo/core/cacerts.xibuild b/repo/core/cacerts.xibuild index b0b395a..d80d220 100644 --- a/repo/core/cacerts.xibuild +++ b/repo/core/cacerts.xibuild @@ -1,96 +1,10 @@ #!/bin/bash -DEPS=() +DEPS=(make-ca) -SOURCE=https://hg.mozilla.org/projects/nss -DESC="Root certificates needed by ssl" - -build () { - mkdir -p certs - ln -srft certs lib/ckfw/builtins/{certdata.txt,nssckbi.h} - - cd certs - - # wholesome curling into python. Thanks for the script jan - curl -SsL https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/nss/trunk/certdata2pem.py | python - - cd .. - - ( - cat <<EOF - # This is a bundle of X.509 certificates of public Certificate - # Authorities. It was generated from the Mozilla root CA list. - # These certificates and trust/distrust attributes use the file format accepted - # by the p11-kit-trust module. - # - # Source: nss/lib/ckfw/builtins/certdata.txt - # Source: nss/lib/ckfw/builtins/nssckbi.h - # - # Generated from: -EOF - cat certs/nssckbi.h | grep -w NSS_BUILTINS_LIBRARY_VERSION | awk '{print "# " $2 " " $3}' - echo '#' - ) > ca-bundle.trust.p11-kit - - for p in certs/*.tmp-p11-kit; do - cat "$p" >> ca-bundle.trust.p11-kit - done - - ./build.sh \ - --target x64 \ - --opt \ - --system-sqlite \ - --system-nspr \ - --enable-libpkix \ - --disable-tests - -} +SOURCE=https://github.com/djlucas/make-ca/releases/download/v1.7/make-ca-1.7.tar.xz +DESC="Root certificates needed by ssl built using make-ca" package () { - - # more copied from arch - local libdir=/usr/lib - local nsprver="unknown" - - sed pkg/pkg-config/nss.pc.in \ - -e "s,%libdir%,$libdir,g" \ - -e "s,%prefix%,/usr,g" \ - -e "s,%exec_prefix%,/usr/bin,g" \ - -e "s,%includedir%,/usr/include/nss,g" \ - -e "s,%NSPR_VERSION%,$nsprver,g" \ - -e "s,%NSS_VERSION%,$VER_HASH,g" | - install -Dm644 /dev/stdin "$PKG_DEST$libdir/pkgconfig/nss.pc" - - ln -s nss.pc "$PKG_DEST/usr/lib/pkgconfig/mozilla-nss.pc" - - install -Dt "$PKG_DEST$libdir" ../dist/Release/lib/*.so - install -Dt "$PKG_DEST$libdir" ../dist/Release/lib/*.so - - local vmajor vminor vpatch - { read vmajor; read vminor; read vpatch; } \ - < <(awk '/#define.*NSS_V(MAJOR|MINOR|PATCH)/ {print $3}' lib/nss/nss.h) - - sed pkg/pkg-config/nss-config.in \ - -e "s,@libdir@,$libdir,g" \ - -e "s,@prefix@,/usr/bin,g" \ - -e "s,@exec_prefix@,/usr/bin,g" \ - -e "s,@includedir@,/usr/include/nss,g" \ - -e "s,@MOD_MAJOR_VERSION@,$vmajor,g" \ - -e "s,@MOD_MINOR_VERSION@,$vminor,g" \ - -e "s,@MOD_PATCH_VERSION@,$vpatch,g" | - install -D /dev/stdin "$PKG_DEST/usr/bin/nss-config" - - install -Dt "$PKG_DEST/usr/bin" \ - ../dist/Release/bin/{*util,shlibsign,signtool,signver,ssltap} - - install -Dt "$PKG_DEST/usr/include/nss" -m644 ../dist/public/nss/*.h - - install -Dt "$PKG_DEST/usr/share/man/man1" -m644 \ - doc/nroff/{*util,signtool,signver,ssltap}.1 - - # Replace built-in trust with p11-kit connection - ln -s pkcs11/p11-kit-trust.so "$PKG_DEST$libdir/p11-kit-trust.so" - ln -sf p11-kit-trust.so "$PKG_DEST$libdir/libnssckbi.so" - + bash make-ca -g --force -D $PKG_DEST } - |