summaryrefslogtreecommitdiff
path: root/skip/cacert-utils.xibuild
blob: 287b186b3e5cf0da806d9026c4463e9305778ef2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#!/bin/sh

MAKEDEPS=""
DEPS="bash toybox findutils libp11-kit"

SOURCE=https://src.fedoraproject.org/rpms/ca-certificates
DESC="CA certificate utilities"

build() {
  asciidoc.py -v -d manpage -b docbook update-ca-trust.8.txt
  xsltproc --nonet -o update-ca-trust.8 /etc/asciidoc/docbook-xsl/manpage.xsl update-ca-trust.8.xml
}

package () {
    rm update-ca-trust
    wget https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/ca-certificates/trunk/update-ca-trust

    install -Dt "$PKG_DEST/usr/bin" update-ca-trust
    install -Dt "$PKG_DEST/usr/share/man/man8" -m644 update-ca-trust.8
    install -Dt "$PKG_DEST/usr/share/libalpm/hooks" -m644 *.hook

    # Trust source directories
    # Upstream also adds "blocklist" but that's useless without support in p11-kit
    install -d "$PKG_DEST"/{etc,usr/share}/ca-certificates/trust-source/{anchors,blocklist}

    # Directories used by update-ca-trust (aka "trust extract-compat")
    install -d "$PKG_DEST"/etc/{ssl/certs/{edk2,java},ca-certificates/extracted}

    # Compatibility link for OpenSSL using /etc/ssl as CAdir
    # Used in preference to the individual links in /etc/ssl/certs
    ln -sr "$PKG_DEST/etc/ca-certificates/extracted/tls-ca-bundle.pem" "$PKG_DEST/etc/ssl/cert.pem"

    # Compatiblity link for legacy bundle
    ln -sr "$PKG_DEST/etc/ca-certificates/extracted/tls-ca-bundle.pem" "$PKG_DEST/etc/ssl/certs/ca-certificates.crt"

}