diff options
author | John Klug <john.klug@multitech.com> | 2019-07-26 12:44:37 -0500 |
---|---|---|
committer | Serhii Kostiuk <serhii.o.kostiuk@globallogic.com> | 2020-05-20 13:45:48 +0300 |
commit | dc6ddbdae1fdb0c8c703aedf8de28821d46a3878 (patch) | |
tree | f6cef19863a34e61f6f20ec60ae2d18aadaecf9f /recipes-support/ca-certificates | |
parent | bb12df039a86d07bcc991e46aa4a469d1ceb0680 (diff) | |
download | meta-mlinux-dc6ddbdae1fdb0c8c703aedf8de28821d46a3878.tar.gz meta-mlinux-dc6ddbdae1fdb0c8c703aedf8de28821d46a3878.tar.bz2 meta-mlinux-dc6ddbdae1fdb0c8c703aedf8de28821d46a3878.zip |
Remove outdated certificates
Diffstat (limited to 'recipes-support/ca-certificates')
6 files changed, 0 insertions, 266 deletions
diff --git a/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch b/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch deleted file mode 100644 index 4a8ae5f..0000000 --- a/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch +++ /dev/null @@ -1,34 +0,0 @@ -ca-certificates is a package from Debian, but some host distros such as Fedora -have a leaner run-parts provided by cron which doesn't support --verbose or the - -- separator between arguments and paths. - -This solves errors such as - -| Running hooks in [...]/rootfs/etc/ca-certificates/update.d... -| [...]/usr/sbin/update-ca-certificates: line 194: Not: command not found -| [...]/usr/sbin/update-ca-certificates: line 230: Not a directory: --: command not found -| E: Not a directory: -- exited with code 127. - - -Upstream-Status: Inappropriate -Signed-off-by: Ross Burton <ross.burton@intel.com> -Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com> ---- - sbin/update-ca-certificates | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -Index: git/sbin/update-ca-certificates -=================================================================== ---- git.orig/sbin/update-ca-certificates -+++ git/sbin/update-ca-certificates -@@ -191,9 +191,7 @@ if [ -d "$HOOKSDIR" ] - then - - echo "Running hooks in $HOOKSDIR..." -- VERBOSE_ARG= -- [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose" -- eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read hook -+ eval run-parts --test "$HOOKSDIR" | while read hook - do - ( cat "$ADDED" - cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?." diff --git a/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch b/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch deleted file mode 100644 index 792b403..0000000 --- a/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch +++ /dev/null @@ -1,46 +0,0 @@ -Upstream-Status: Pending - -From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001 -From: Andreas Oberritter <obi@opendreambox.org> -Date: Tue, 19 Mar 2013 17:14:33 +0100 -Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT - -Signed-off-by: Andreas Oberritter <obi@opendreambox.org> ---- - sbin/update-ca-certificates | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) - -Index: git/sbin/update-ca-certificates -=================================================================== ---- git.orig/sbin/update-ca-certificates -+++ git/sbin/update-ca-certificates -@@ -24,12 +24,12 @@ - verbose=0 - fresh=0 - default=0 --CERTSCONF=/etc/ca-certificates.conf --CERTSDIR=/usr/share/ca-certificates --LOCALCERTSDIR=/usr/local/share/ca-certificates -+CERTSCONF=$SYSROOT/etc/ca-certificates.conf -+CERTSDIR=$SYSROOT/usr/share/ca-certificates -+LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates - CERTBUNDLE=ca-certificates.crt --ETCCERTSDIR=/etc/ssl/certs --HOOKSDIR=/etc/ca-certificates/update.d -+ETCCERTSDIR=$SYSROOT/etc/ssl/certs -+HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d - - while [ $# -gt 0 ]; - do -@@ -92,9 +92,9 @@ add() { - PEM="$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \ - -e 's/[()]/=/g' \ - -e 's/,/_/g').pem" -- if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ] -+ if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ] - then -- ln -sf "$CERT" "$PEM" -+ ln -sf "${CERT##$SYSROOT}" "$PEM" - echo "+$PEM" >> "$ADDED" - fi - # Add trailing newline to certificate, if it is missing (#635570) diff --git a/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch b/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch deleted file mode 100644 index f8b0791..0000000 --- a/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch +++ /dev/null @@ -1,50 +0,0 @@ -Upstream-Status: Pending - -update-ca-certificates: find SYSROOT relative to its own location - -This makes the script relocatable. - -Index: git/sbin/update-ca-certificates -=================================================================== ---- git.orig/sbin/update-ca-certificates -+++ git/sbin/update-ca-certificates -@@ -66,6 +66,39 @@ do - shift - done - -+if [ -z "$SYSROOT" ]; then -+ local_which () { -+ if [ $# -lt 1 ]; then -+ return 1 -+ fi -+ -+ ( -+ IFS=: -+ for entry in $PATH; do -+ if [ -x "$entry/$1" ]; then -+ echo "$entry/$1" -+ exit 0 -+ fi -+ done -+ exit 1 -+ ) -+ } -+ -+ case "$0" in -+ */*) -+ sbindir=$(cd ${0%/*} && pwd) -+ ;; -+ *) -+ sbindir=$(cd $(dirname $(local_which $0)) && pwd) -+ ;; -+ esac -+ prefix=${sbindir%/*} -+ SYSROOT=${prefix%/*} -+ if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then -+ SYSROOT= -+ fi -+fi -+ - if [ ! -s "$CERTSCONF" ] - then - fresh=1 diff --git a/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/recipes-support/ca-certificates/ca-certificates/sbindir.patch deleted file mode 100644 index a113fa8..0000000 --- a/recipes-support/ca-certificates/ca-certificates/sbindir.patch +++ /dev/null @@ -1,20 +0,0 @@ -Upstream-Status: Pending - -Let us alter the install destination of the script via SBINDIR - ---- ca-certificates-20130119.orig/sbin/Makefile -+++ ca-certificates-20130119/sbin/Makefile -@@ -3,9 +3,12 @@ - # - # - -+SBINDIR = /usr/sbin -+ - all: - - clean: - - install: -- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ -+ install -d $(DESTDIR)$(SBINDIR) -+ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/ diff --git a/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch deleted file mode 100644 index 6e2171f..0000000 --- a/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 30378026d136efa779732e3f6664e2ecf461e458 Mon Sep 17 00:00:00 2001 -From: Patrick Ohly <patrick.ohly@intel.com> -Date: Thu, 17 Mar 2016 12:38:09 +0100 -Subject: [PATCH] update-ca-certificates: support Toybox - -"mktemp -t" is deprecated and does not work when using Toybox. Replace -with something that works also with Toybox. - -Upstream-Status: Pending - -Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> ---- - sbin/update-ca-certificates | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates -index 79c41bb..ae9e3f1 100755 ---- a/sbin/update-ca-certificates -+++ b/sbin/update-ca-certificates -@@ -113,9 +113,9 @@ trap cleanup 0 - - # Helper files. (Some of them are not simple arrays because we spawn - # subshells later on.) --TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")" --ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" --REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" -+TEMPBUNDLE="$(mktemp -p${TMPDIR:-/tmp} "${CERTBUNDLE}.tmp.XXXXXX")" -+ADDED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")" -+REMOVED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")" - - # Adds a certificate to the list of trusted ones. This includes a symlink - # in /etc/ssl/certs to the certificate file and its inclusion into the --- -2.1.4 diff --git a/recipes-support/ca-certificates/ca-certificates_20161130.bb b/recipes-support/ca-certificates/ca-certificates_20161130.bb deleted file mode 100644 index e0b2e41..0000000 --- a/recipes-support/ca-certificates/ca-certificates_20161130.bb +++ /dev/null @@ -1,82 +0,0 @@ -SUMMARY = "Common CA certificates" -DESCRIPTION = "This package includes PEM files of CA certificates to allow \ -SSL-based applications to check for the authenticity of SSL connections. \ -This derived from Debian's CA Certificates." -HOMEPAGE = "http://packages.debian.org/sid/ca-certificates" -SECTION = "misc" -LICENSE = "GPL-2.0+ & MPL-2.0" -LIC_FILES_CHKSUM = "file://debian/copyright;md5=e7358b9541ccf3029e9705ed8de57968" - -# This is needed to ensure we can run the postinst at image creation time -DEPENDS = "ca-certificates-native" -DEPENDS_class-native = "openssl-native" -DEPENDS_class-nativesdk = "ca-certificates-native openssl-native" - -SRCREV = "61b70a1007dc269d56881a0d480fc841daacc77c" - -SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \ - file://0002-update-ca-certificates-use-SYSROOT.patch \ - file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \ - file://update-ca-certificates-support-Toybox.patch \ - file://default-sysroot.patch \ - file://sbindir.patch" - -S = "${WORKDIR}/git" - -inherit allarch - -EXTRA_OEMAKE = "\ - 'CERTSDIR=${datadir}/ca-certificates' \ - 'SBINDIR=${sbindir}' \ -" - -do_compile_prepend() { - oe_runmake clean -} - -do_install () { - install -d ${D}${datadir}/ca-certificates \ - ${D}${sysconfdir}/ssl/certs \ - ${D}${sysconfdir}/ca-certificates/update.d - oe_runmake 'DESTDIR=${D}' install - - install -d ${D}${mandir}/man8 - install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/ - - install -d ${D}${sysconfdir} - { - echo "# Lines starting with # will be ignored" - echo "# Lines starting with ! will remove certificate on next update" - echo "#" - find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \ - sed 's,^${D}${datadir}/ca-certificates/,,' - } >${D}${sysconfdir}/ca-certificates.conf -} - -do_install_append_class-target () { - sed -i -e 's,/etc/,${sysconfdir}/,' \ - -e 's,/usr/share/,${datadir}/,' \ - -e 's,/usr/local,${prefix}/local,' \ - ${D}${sbindir}/update-ca-certificates \ - ${D}${mandir}/man8/update-ca-certificates.8 -} - -pkg_postinst_${PN} () { - SYSROOT="$D" update-ca-certificates -} - -CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf" - -# Postinsts don't seem to be run for nativesdk packages when populating SDKs. -CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt" -do_install_append_class-nativesdk () { - SYSROOT="${D}${SDKPATHNATIVE}" update-ca-certificates -} - -do_install_append_class-native () { - SYSROOT="${D}${base_prefix}" ${D}${sbindir}/update-ca-certificates -} - -RDEPENDS_${PN} += "openssl" - -BBCLASSEXTEND += "native nativesdk" |