added new files; git works

author: davidovski <david@davidovski.xyz> 2022-01-03 16:44:09 +0000
committer: davidovski <david@davidovski.xyz> 2022-01-03 16:44:09 +0000
commit: 93d60f57780b9f1e9206f411e183bf28e6272334 (patch)
tree: d278fe89abb43e459cd80ebd4d67f2ba3d2e9901 /repo/core/cacerts.xibuild
parent: 924ee9d18af78b561fc78b0239b9ae38d5f808b3 (diff)
1 files changed, 4 insertions, 90 deletions
diff --git a/repo/core/cacerts.xibuild b/repo/core/cacerts.xibuild
index b0b395a..d80d220 100644
--- a/repo/core/cacerts.xibuild
+++ b/repo/core/cacerts.xibuild
@@ -1,96 +1,10 @@
 #!/bin/bash
 
-DEPS=()
+DEPS=(make-ca)
 
-SOURCE=https://hg.mozilla.org/projects/nss
-DESC="Root certificates needed by ssl"
-
-build () {
-    mkdir -p certs
-    ln -srft certs lib/ckfw/builtins/{certdata.txt,nssckbi.h}
-
-    cd certs
-
-    # wholesome curling into python. Thanks for the script jan
-    curl -SsL https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/nss/trunk/certdata2pem.py | python
-
-    cd ..
-    
-    (
-      cat <<EOF
-    # This is a bundle of X.509 certificates of public Certificate
-    # Authorities.  It was generated from the Mozilla root CA list.
-    # These certificates and trust/distrust attributes use the file format accepted
-    # by the p11-kit-trust module.
-    #
-    # Source: nss/lib/ckfw/builtins/certdata.txt
-    # Source: nss/lib/ckfw/builtins/nssckbi.h
-    #
-    # Generated from:
-EOF
-      cat certs/nssckbi.h | grep -w NSS_BUILTINS_LIBRARY_VERSION | awk '{print "# " $2 " " $3}'
-      echo '#'
-    ) > ca-bundle.trust.p11-kit
-
-    for p in certs/*.tmp-p11-kit; do 
-      cat "$p" >> ca-bundle.trust.p11-kit
-    done
-
-    ./build.sh \
-        --target x64 \
-        --opt \
-        --system-sqlite \
-        --system-nspr \
-        --enable-libpkix \
-        --disable-tests
-
-}
+SOURCE=https://github.com/djlucas/make-ca/releases/download/v1.7/make-ca-1.7.tar.xz
+DESC="Root certificates needed by ssl built using make-ca"
 
 package () {
-
-    # more copied from arch
-    local libdir=/usr/lib
-    local nsprver="unknown"
-
-    sed pkg/pkg-config/nss.pc.in \
-    -e "s,%libdir%,$libdir,g" \
-    -e "s,%prefix%,/usr,g" \
-    -e "s,%exec_prefix%,/usr/bin,g" \
-    -e "s,%includedir%,/usr/include/nss,g" \
-    -e "s,%NSPR_VERSION%,$nsprver,g" \
-    -e "s,%NSS_VERSION%,$VER_HASH,g" |
-    install -Dm644 /dev/stdin "$PKG_DEST$libdir/pkgconfig/nss.pc"
-
-    ln -s nss.pc "$PKG_DEST/usr/lib/pkgconfig/mozilla-nss.pc"
-
-    install -Dt "$PKG_DEST$libdir" ../dist/Release/lib/*.so
-    install -Dt "$PKG_DEST$libdir" ../dist/Release/lib/*.so
-
-    local vmajor vminor vpatch
-  { read vmajor; read vminor; read vpatch; } \
-    < <(awk '/#define.*NSS_V(MAJOR|MINOR|PATCH)/ {print $3}' lib/nss/nss.h)
-
-  sed pkg/pkg-config/nss-config.in \
-    -e "s,@libdir@,$libdir,g" \
-    -e "s,@prefix@,/usr/bin,g" \
-    -e "s,@exec_prefix@,/usr/bin,g" \
-    -e "s,@includedir@,/usr/include/nss,g" \
-    -e "s,@MOD_MAJOR_VERSION@,$vmajor,g" \
-    -e "s,@MOD_MINOR_VERSION@,$vminor,g" \
-    -e "s,@MOD_PATCH_VERSION@,$vpatch,g" |
-    install -D /dev/stdin "$PKG_DEST/usr/bin/nss-config"
-
-    install -Dt "$PKG_DEST/usr/bin" \
-      ../dist/Release/bin/{*util,shlibsign,signtool,signver,ssltap}
-
-    install -Dt "$PKG_DEST/usr/include/nss" -m644 ../dist/public/nss/*.h
-
-    install -Dt "$PKG_DEST/usr/share/man/man1" -m644 \
-      doc/nroff/{*util,signtool,signver,ssltap}.1
-
-    # Replace built-in trust with p11-kit connection
-    ln -s pkcs11/p11-kit-trust.so "$PKG_DEST$libdir/p11-kit-trust.so"
-    ln -sf p11-kit-trust.so "$PKG_DEST$libdir/libnssckbi.so"
-
+    bash make-ca -g --force -D $PKG_DEST
 }
-
author	davidovski <david@davidovski.xyz>	2022-01-03 16:44:09 +0000
committer	davidovski <david@davidovski.xyz>	2022-01-03 16:44:09 +0000
commit	93d60f57780b9f1e9206f411e183bf28e6272334 (patch)
tree	d278fe89abb43e459cd80ebd4d67f2ba3d2e9901 /repo/core/cacerts.xibuild
parent	924ee9d18af78b561fc78b0239b9ae38d5f808b3 (diff)