From dc6ddbdae1fdb0c8c703aedf8de28821d46a3878 Mon Sep 17 00:00:00 2001
From: John Klug <john.klug@multitech.com>
Date: Fri, 26 Jul 2019 12:44:37 -0500
Subject: Remove outdated certificates

---
 ...ertificates-don-t-use-Debianisms-in-run-p.patch | 34 ---------
 .../0002-update-ca-certificates-use-SYSROOT.patch  | 46 ------------
 .../ca-certificates/default-sysroot.patch          | 50 -------------
 .../ca-certificates/ca-certificates/sbindir.patch  | 20 ------
 .../update-ca-certificates-support-Toybox.patch    | 34 ---------
 .../ca-certificates/ca-certificates_20161130.bb    | 82 ----------------------
 6 files changed, 266 deletions(-)
 delete mode 100644 recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch
 delete mode 100644 recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
 delete mode 100644 recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
 delete mode 100644 recipes-support/ca-certificates/ca-certificates/sbindir.patch
 delete mode 100644 recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch
 delete mode 100644 recipes-support/ca-certificates/ca-certificates_20161130.bb

(limited to 'recipes-support')

diff --git a/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch b/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch
deleted file mode 100644
index 4a8ae5f..0000000
--- a/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-ca-certificates is a package from Debian, but some host distros such as Fedora
-have a leaner run-parts provided by cron which doesn't support --verbose or the
- -- separator between arguments and paths.
-
-This solves errors such as
-
-| Running hooks in [...]/rootfs/etc/ca-certificates/update.d...
-| [...]/usr/sbin/update-ca-certificates: line 194: Not: command not found
-| [...]/usr/sbin/update-ca-certificates: line 230: Not a directory: --: command not found
-| E: Not a directory: -- exited with code 127.
-
-
-Upstream-Status: Inappropriate
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
----
- sbin/update-ca-certificates | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-Index: git/sbin/update-ca-certificates
-===================================================================
---- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -191,9 +191,7 @@ if [ -d "$HOOKSDIR" ]
- then
- 
-   echo "Running hooks in $HOOKSDIR..."
--  VERBOSE_ARG=
--  [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose"
--  eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read hook
-+  eval run-parts --test "$HOOKSDIR" | while read hook
-   do
-     ( cat "$ADDED"
-       cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?."
diff --git a/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch b/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
deleted file mode 100644
index 792b403..0000000
--- a/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-Upstream-Status: Pending
-
-From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001
-From: Andreas Oberritter <obi@opendreambox.org>
-Date: Tue, 19 Mar 2013 17:14:33 +0100
-Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT
-
-Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
----
- sbin/update-ca-certificates |   14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-Index: git/sbin/update-ca-certificates
-===================================================================
---- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -24,12 +24,12 @@
- verbose=0
- fresh=0
- default=0
--CERTSCONF=/etc/ca-certificates.conf
--CERTSDIR=/usr/share/ca-certificates
--LOCALCERTSDIR=/usr/local/share/ca-certificates
-+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
-+CERTSDIR=$SYSROOT/usr/share/ca-certificates
-+LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
- CERTBUNDLE=ca-certificates.crt
--ETCCERTSDIR=/etc/ssl/certs
--HOOKSDIR=/etc/ca-certificates/update.d
-+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
-+HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d
- 
- while [ $# -gt 0 ];
- do
-@@ -92,9 +92,9 @@ add() {
-   PEM="$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \
-                                                   -e 's/[()]/=/g' \
-                                                   -e 's/,/_/g').pem"
--  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ]
-+  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ]
-   then
--    ln -sf "$CERT" "$PEM"
-+    ln -sf "${CERT##$SYSROOT}" "$PEM"
-     echo "+$PEM" >> "$ADDED"
-   fi
-   # Add trailing newline to certificate, if it is missing (#635570)
diff --git a/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch b/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
deleted file mode 100644
index f8b0791..0000000
--- a/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Upstream-Status: Pending
-
-update-ca-certificates: find SYSROOT relative to its own location
-
-This makes the script relocatable.
-
-Index: git/sbin/update-ca-certificates
-===================================================================
---- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -66,6 +66,39 @@ do
-   shift
- done
- 
-+if [ -z "$SYSROOT" ]; then
-+  local_which () {
-+    if [ $# -lt 1 ]; then
-+      return 1
-+    fi
-+
-+    (
-+      IFS=:
-+      for entry in $PATH; do
-+        if [ -x "$entry/$1" ]; then
-+          echo "$entry/$1"
-+          exit 0
-+        fi
-+      done
-+      exit 1
-+    )
-+  }
-+
-+  case "$0" in
-+    */*)
-+      sbindir=$(cd ${0%/*} && pwd)
-+      ;;
-+    *)
-+      sbindir=$(cd $(dirname $(local_which $0)) && pwd)
-+      ;;
-+  esac
-+  prefix=${sbindir%/*}
-+  SYSROOT=${prefix%/*}
-+  if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then
-+    SYSROOT=
-+  fi
-+fi
-+
- if [ ! -s "$CERTSCONF" ]
- then
-   fresh=1
diff --git a/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/recipes-support/ca-certificates/ca-certificates/sbindir.patch
deleted file mode 100644
index a113fa8..0000000
--- a/recipes-support/ca-certificates/ca-certificates/sbindir.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Upstream-Status: Pending
-
-Let us alter the install destination of the script via SBINDIR
-
---- ca-certificates-20130119.orig/sbin/Makefile
-+++ ca-certificates-20130119/sbin/Makefile
-@@ -3,9 +3,12 @@
- #
- #
-
-+SBINDIR = /usr/sbin
-+
- all:
-
- clean:
-
- install:
--	install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
-+	install -d $(DESTDIR)$(SBINDIR)
-+	install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/
diff --git a/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch
deleted file mode 100644
index 6e2171f..0000000
--- a/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 30378026d136efa779732e3f6664e2ecf461e458 Mon Sep 17 00:00:00 2001
-From: Patrick Ohly <patrick.ohly@intel.com>
-Date: Thu, 17 Mar 2016 12:38:09 +0100
-Subject: [PATCH] update-ca-certificates: support Toybox
-
-"mktemp -t" is deprecated and does not work when using Toybox. Replace
-with something that works also with Toybox.
-
-Upstream-Status: Pending
-
-Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
----
- sbin/update-ca-certificates | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
-index 79c41bb..ae9e3f1 100755
---- a/sbin/update-ca-certificates
-+++ b/sbin/update-ca-certificates
-@@ -113,9 +113,9 @@ trap cleanup 0
- 
- # Helper files.  (Some of them are not simple arrays because we spawn
- # subshells later on.)
--TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")"
--ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
--REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
-+TEMPBUNDLE="$(mktemp -p${TMPDIR:-/tmp} "${CERTBUNDLE}.tmp.XXXXXX")"
-+ADDED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")"
-+REMOVED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")"
- 
- # Adds a certificate to the list of trusted ones.  This includes a symlink
- # in /etc/ssl/certs to the certificate file and its inclusion into the
--- 
-2.1.4
diff --git a/recipes-support/ca-certificates/ca-certificates_20161130.bb b/recipes-support/ca-certificates/ca-certificates_20161130.bb
deleted file mode 100644
index e0b2e41..0000000
--- a/recipes-support/ca-certificates/ca-certificates_20161130.bb
+++ /dev/null
@@ -1,82 +0,0 @@
-SUMMARY = "Common CA certificates"
-DESCRIPTION = "This package includes PEM files of CA certificates to allow \
-SSL-based applications to check for the authenticity of SSL connections. \
-This derived from Debian's CA Certificates."
-HOMEPAGE = "http://packages.debian.org/sid/ca-certificates"
-SECTION = "misc"
-LICENSE = "GPL-2.0+ & MPL-2.0"
-LIC_FILES_CHKSUM = "file://debian/copyright;md5=e7358b9541ccf3029e9705ed8de57968"
-
-# This is needed to ensure we can run the postinst at image creation time
-DEPENDS = "ca-certificates-native"
-DEPENDS_class-native = "openssl-native"
-DEPENDS_class-nativesdk = "ca-certificates-native openssl-native"
-
-SRCREV = "61b70a1007dc269d56881a0d480fc841daacc77c"
-
-SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \
-           file://0002-update-ca-certificates-use-SYSROOT.patch \
-           file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \
-           file://update-ca-certificates-support-Toybox.patch \
-           file://default-sysroot.patch \
-           file://sbindir.patch"
-
-S = "${WORKDIR}/git"
-
-inherit allarch
-
-EXTRA_OEMAKE = "\
-    'CERTSDIR=${datadir}/ca-certificates' \
-    'SBINDIR=${sbindir}' \
-"
-
-do_compile_prepend() {
-    oe_runmake clean
-}
-
-do_install () {
-    install -d ${D}${datadir}/ca-certificates \
-               ${D}${sysconfdir}/ssl/certs \
-               ${D}${sysconfdir}/ca-certificates/update.d
-    oe_runmake 'DESTDIR=${D}' install
-
-    install -d ${D}${mandir}/man8
-    install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/
-
-    install -d ${D}${sysconfdir}
-    {
-        echo "# Lines starting with # will be ignored"
-        echo "# Lines starting with ! will remove certificate on next update"
-        echo "#"
-        find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \
-            sed 's,^${D}${datadir}/ca-certificates/,,'
-    } >${D}${sysconfdir}/ca-certificates.conf
-}
-
-do_install_append_class-target () {
-    sed -i -e 's,/etc/,${sysconfdir}/,' \
-           -e 's,/usr/share/,${datadir}/,' \
-           -e 's,/usr/local,${prefix}/local,' \
-        ${D}${sbindir}/update-ca-certificates \
-        ${D}${mandir}/man8/update-ca-certificates.8
-}
-
-pkg_postinst_${PN} () {
-    SYSROOT="$D" update-ca-certificates
-}
-
-CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf"
-
-# Postinsts don't seem to be run for nativesdk packages when populating SDKs.
-CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt"
-do_install_append_class-nativesdk () {
-    SYSROOT="${D}${SDKPATHNATIVE}" update-ca-certificates
-}
-
-do_install_append_class-native () {
-    SYSROOT="${D}${base_prefix}" ${D}${sbindir}/update-ca-certificates
-}
-
-RDEPENDS_${PN} += "openssl"
-
-BBCLASSEXTEND += "native nativesdk"
-- 
cgit v1.2.3