blob: f88b9d241b1fe665a03bfa74733f108974957abb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
#!/bin/bash
DEPS=(bash coreutils findutils p11-kit)
SOURCE=https://src.fedoraproject.org/rpms/ca-certificates
DESC="CA certificate utilities"
build() {
asciidoc.py -v -d manpage -b docbook update-ca-trust.8.txt
xsltproc --nonet -o update-ca-trust.8 /etc/asciidoc/docbook-xsl/manpage.xsl update-ca-trust.8.xml
}
package () {
rm update-ca-trust
wget https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/ca-certificates/trunk/update-ca-trust
install -Dt "$PKG_DEST/usr/bin" update-ca-trust
install -Dt "$PKG_DEST/usr/share/man/man8" -m644 update-ca-trust.8
install -Dt "$PKG_DEST/usr/share/libalpm/hooks" -m644 *.hook
# Trust source directories
# Upstream also adds "blocklist" but that's useless without support in p11-kit
install -d "$PKG_DEST"/{etc,usr/share}/ca-certificates/trust-source/{anchors,blocklist}
# Directories used by update-ca-trust (aka "trust extract-compat")
install -d "$PKG_DEST"/etc/{ssl/certs/{edk2,java},ca-certificates/extracted}
# Compatibility link for OpenSSL using /etc/ssl as CAdir
# Used in preference to the individual links in /etc/ssl/certs
ln -sr "$PKG_DEST/etc/ca-certificates/extracted/tls-ca-bundle.pem" "$PKG_DEST/etc/ssl/cert.pem"
# Compatiblity link for legacy bundle
ln -sr "$PKG_DEST/etc/ca-certificates/extracted/tls-ca-bundle.pem" "$PKG_DEST/etc/ssl/certs/ca-certificates.crt"
}
|