5 files changed, 239 insertions, 0 deletions
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch b/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch
new file mode 100644
index 0000000000..bf027233d1
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch
@@ -0,0 +1,46 @@
+Upstream-Status: Pending
+From 111e905fe931da1a3800accfc675cc01c8ee080c Mon Sep 17 00:00:00 2001
+From: Ulf Samuelsson <ulf@emagii.com>
+Date: Tue, 28 Feb 2012 06:42:58 +0100
+Subject: [PATCH] update-ca-certificates: remove c rehash
+Updated earlier patch to apply clean on 2012-02-12
+Signed-off-by: Ulf Samuelsson <ulf@emagii.com>
+---
+ sbin/update-ca-certificates |   20 ++++++++++----------
+ 1 files changed, 10 insertions(+), 10 deletions(-)
+diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
+index 5375950..c567e3d 100755
+--- a/sbin/update-ca-certificates
+++ b/sbin/update-ca-certificates
+@@ -132,16 +132,16 @@ rm -f "$CERTBUNDLE"
+ ADDED_CNT=$(wc -l < "$ADDED")
+ REMOVED_CNT=$(wc -l < "$REMOVED")
+-if [ "$ADDED_CNT" -gt 0 ] || [ "$REMOVED_CNT" -gt 0 ]
+-then
+-  # only run if set of files has changed
+-  if [ "$verbose" = 0 ]
+-  then
+-    c_rehash . > /dev/null
+-  else
+-    c_rehash .
+-  fi
+-fi
+#if [ "$ADDED_CNT" -gt 0 ] || [ "$REMOVED_CNT" -gt 0 ]
+#then
+#  # only run if set of files has changed
+#  if [ "$verbose" = 0 ]
+#  then
+#    c_rehash . > /dev/null
+#  else
+#    c_rehash .
+#  fi
+#fi
+ chmod 0644 "$TEMPBUNDLE"
+ mv -f "$TEMPBUNDLE" "$CERTBUNDLE"
+--
+1.7.4.1
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch b/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
new file mode 100644
index 0000000000..f4c84fea44
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
@@ -0,0 +1,55 @@
+Upstream-Status: Pending
+From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001
+From: Andreas Oberritter <obi@opendreambox.org>
+Date: Tue, 19 Mar 2013 17:14:33 +0100
+Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT
+Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
+---
+ sbin/update-ca-certificates |   14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
+index c567e3d..923b68a 100755
+--- a/sbin/update-ca-certificates
+++ b/sbin/update-ca-certificates
+@@ -37,11 +37,11 @@ do
+   shift
+ done
+-CERTSCONF=/etc/ca-certificates.conf
+-CERTSDIR=/usr/share/ca-certificates
+-LOCALCERTSDIR=/usr/local/share/ca-certificates
+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
+CERTSDIR=$SYSROOT/usr/share/ca-certificates
+LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
+ CERTBUNDLE=ca-certificates.crt
+-ETCCERTSDIR=/etc/ssl/certs
+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
+ cleanup() {
+   rm -f "$TEMPBUNDLE"
+@@ -64,9 +64,9 @@ add() {
+   PEM="$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \
+                                                   -e 's/[()]/=/g' \
+                                                   -e 's/,/_/g').pem"
+-  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ]
+  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ]
+   then
+-    ln -sf "$CERT" "$PEM"
+    ln -sf "${CERT##$SYSROOT}" "$PEM"
+     echo +$PEM >> "$ADDED"
+   fi
+   cat "$CERT" >> "$TEMPBUNDLE"
+@@ -148,7 +148,7 @@ mv -f "$TEMPBUNDLE" "$CERTBUNDLE"
+ echo "$ADDED_CNT added, $REMOVED_CNT removed; done."
+-HOOKSDIR=/etc/ca-certificates/update.d
+HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d
+ echo -n "Running hooks in $HOOKSDIR...."
+ VERBOSE_ARG=
+ [ "$verbose" = 0 ] || VERBOSE_ARG=--verbose
+--
+1.7.10.4
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch b/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
new file mode 100644
index 0000000000..7e0ee4cd24
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
@@ -0,0 +1,55 @@
+Upstream-Status: Pending
+update-ca-certificates: find SYSROOT relative to its own location
+This makes the script relocatable.
+--- ca-certificates-20130119.orig/sbin/update-ca-certificates
+++ ca-certificates-20130119/sbin/update-ca-certificates
+@@ -37,11 +37,44 @@ do
+   shift
+ done
+-CERTSCONF=$SYSROOT/etc/ca-certificates.conf
+if [ -z "$SYSROOT" ]; then
+  local_which () {
+    if [ $# -lt 1 ]; then
+      return 1
+    fi
+
+    (
+      IFS=:
+      for entry in $PATH; do
+        if [ -x "$entry/$1" ]; then
+          echo "$entry/$1"
+          exit 0
+        fi
+      done
+      exit 1
+    )
+  }
+
+  case "$0" in
+    */*)
+      sbindir=$(cd ${0%/*} && pwd)
+      ;;
+    *)
+      sbindir=$(cd $(dirname $(local_which $0)) && pwd)
+      ;;
+  esac
+  prefix=${sbindir%/*}
+  SYSROOT=${prefix%/*}
+  if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then
+    SYSROOT=
+  fi
+fi
+
+ CERTSDIR=$SYSROOT/usr/share/ca-certificates
+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
+ LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
+ CERTBUNDLE=ca-certificates.crt
+-ETCCERTSDIR=$SYSROOT/etc/ssl/certs
+ cleanup() {
+   rm -f "$TEMPBUNDLE"
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch
new file mode 100644
index 0000000000..a113fa8b15
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch
@@ -0,0 +1,20 @@
+Upstream-Status: Pending
+Let us alter the install destination of the script via SBINDIR
+--- ca-certificates-20130119.orig/sbin/Makefile
+++ ca-certificates-20130119/sbin/Makefile
+@@ -3,9 +3,12 @@
+ #
+ #
+SBINDIR = /usr/sbin
+
+ all:
+ clean:
+ install:
+-       install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
+       install -d $(DESTDIR)$(SBINDIR)
+       install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/
diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb b/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb
new file mode 100644
index 0000000000..0692ca2499
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb
@@ -0,0 +1,63 @@
+SUMMARY = "Common CA certificates"
+DESCRIPTION = "This package includes PEM files of CA certificates to allow \
+SSL-based applications to check for the authenticity of SSL connections."
+HOMEPAGE = "http://packages.debian.org/sid/ca-certificates"
+SECTION = "misc"
+LICENSE = "GPL-2.0+ & MPL-2.0"
+LIC_FILES_CHKSUM = "file://debian/copyright;md5=d8fc4ed45f01c31c87c9b496d4babcae"
+# This is needed to ensure we can run the postinst at image creation time
+DEPENDS = "ca-certificates-native"
+DEPENDS_class-native = ""
+# tag: debian/20130610
+SRCREV = "9f3c12784eaee1e2b005a23ce8b5c38e1e851404"
+SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \
+           file://0001-update-ca-certificates-remove-c-rehash.patch \
+           file://0002-update-ca-certificates-use-SYSROOT.patch \
+           file://default-sysroot.patch \
+           file://sbindir.patch"
+S = "${WORKDIR}/git"
+inherit allarch
+EXTRA_OEMAKE = "\
+    'CERTSDIR=${datadir}/ca-certificates' \
+    'SBINDIR=${sbindir}' \
+"
+do_install () {
+    install -d ${D}${datadir}/ca-certificates \
+               ${D}${sysconfdir}/ssl/certs \
+               ${D}${sysconfdir}/ca-certificates/update.d
+    oe_runmake 'DESTDIR=${D}' install
+    install -d ${D}${mandir}/man8
+    install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/
+    install -d ${D}${sysconfdir}
+    {
+        echo "# Lines starting with # will be ignored"
+        echo "# Lines starting with ! will remove certificate on next update"
+        echo "#"
+        find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \
+            sed 's,^${D}${datadir}/ca-certificates/,,'
+    } >${D}${sysconfdir}/ca-certificates.conf
+}
+do_install_append_class-target () {
+    sed -i -e 's,/etc/,${sysconfdir}/,' \
+           -e 's,/usr/share/,${datadir}/,' \
+           -e 's,/usr/local,${prefix}/local,' \
+        ${D}${sbindir}/update-ca-certificates \
+        ${D}${mandir}/man8/update-ca-certificates.8
+}
+pkg_postinst_${PN} () {
+    SYSROOT="$D" update-ca-certificates
+}
+CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf"
+BBCLASSEXTEND += "native nativesdk"

diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch b/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch new file mode 100644 index 0000000000..bf027233d1 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch
@@ -0,0 +1,46 @@
	1	Upstream-Status: Pending
	2
	3	From 111e905fe931da1a3800accfc675cc01c8ee080c Mon Sep 17 00:00:00 2001
	4	From: Ulf Samuelsson <ulf@emagii.com>
	5	Date: Tue, 28 Feb 2012 06:42:58 +0100
	6	Subject: [PATCH] update-ca-certificates: remove c rehash
	7
	8	Updated earlier patch to apply clean on 2012-02-12
	9	Signed-off-by: Ulf Samuelsson <ulf@emagii.com>
	10	---
	11	sbin/update-ca-certificates \| 20 ++++++++++----------
	12	1 files changed, 10 insertions(+), 10 deletions(-)
	13
	14	diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
	15	index 5375950..c567e3d 100755
	16	--- a/sbin/update-ca-certificates
	17	+++ b/sbin/update-ca-certificates
	18	@@ -132,16 +132,16 @@ rm -f "$CERTBUNDLE"
	19	ADDED_CNT=$(wc -l < "$ADDED")
	20	REMOVED_CNT=$(wc -l < "$REMOVED")
	21
	22	-if [ "$ADDED_CNT" -gt 0 ] \|\| [ "$REMOVED_CNT" -gt 0 ]
	23	-then
	24	- # only run if set of files has changed
	25	- if [ "$verbose" = 0 ]
	26	- then
	27	- c_rehash . > /dev/null
	28	- else
	29	- c_rehash .
	30	- fi
	31	-fi
	32	+#if [ "$ADDED_CNT" -gt 0 ] \|\| [ "$REMOVED_CNT" -gt 0 ]
	33	+#then
	34	+# # only run if set of files has changed
	35	+# if [ "$verbose" = 0 ]
	36	+# then
	37	+# c_rehash . > /dev/null
	38	+# else
	39	+# c_rehash .
	40	+# fi
	41	+#fi
	42
	43	chmod 0644 "$TEMPBUNDLE"
	44	mv -f "$TEMPBUNDLE" "$CERTBUNDLE"
	45	--
	46	1.7.4.1


diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch b/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch new file mode 100644 index 0000000000..f4c84fea44 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
@@ -0,0 +1,55 @@
	1	Upstream-Status: Pending
	2
	3	From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001
	4	From: Andreas Oberritter <obi@opendreambox.org>
	5	Date: Tue, 19 Mar 2013 17:14:33 +0100
	6	Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT
	7
	8	Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
	9	---
	10	sbin/update-ca-certificates \| 14 +++++++-------
	11	1 file changed, 7 insertions(+), 7 deletions(-)
	12
	13	diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
	14	index c567e3d..923b68a 100755
	15	--- a/sbin/update-ca-certificates
	16	+++ b/sbin/update-ca-certificates
	17	@@ -37,11 +37,11 @@ do
	18	shift
	19	done
	20
	21	-CERTSCONF=/etc/ca-certificates.conf
	22	-CERTSDIR=/usr/share/ca-certificates
	23	-LOCALCERTSDIR=/usr/local/share/ca-certificates
	24	+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
	25	+CERTSDIR=$SYSROOT/usr/share/ca-certificates
	26	+LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
	27	CERTBUNDLE=ca-certificates.crt
	28	-ETCCERTSDIR=/etc/ssl/certs
	29	+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
	30
	31	cleanup() {
	32	rm -f "$TEMPBUNDLE"
	33	@@ -64,9 +64,9 @@ add() {
	34	PEM="$ETCCERTSDIR/$(basename "$CERT" .crt \| sed -e 's/ /_/g' \
	35	-e 's/[()]/=/g' \
	36	-e 's/,/_/g').pem"
	37	- if ! test -e "$PEM" \|\| [ "$(readlink "$PEM")" != "$CERT" ]
	38	+ if ! test -e "$PEM" \|\| [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ]
	39	then
	40	- ln -sf "$CERT" "$PEM"
	41	+ ln -sf "${CERT##$SYSROOT}" "$PEM"
	42	echo +$PEM >> "$ADDED"
	43	fi
	44	cat "$CERT" >> "$TEMPBUNDLE"
	45	@@ -148,7 +148,7 @@ mv -f "$TEMPBUNDLE" "$CERTBUNDLE"
	46
	47	echo "$ADDED_CNT added, $REMOVED_CNT removed; done."
	48
	49	-HOOKSDIR=/etc/ca-certificates/update.d
	50	+HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d
	51	echo -n "Running hooks in $HOOKSDIR...."
	52	VERBOSE_ARG=
	53	[ "$verbose" = 0 ] \|\| VERBOSE_ARG=--verbose
	54	--
	55	1.7.10.4


diff --git a/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch b/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch new file mode 100644 index 0000000000..7e0ee4cd24 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
@@ -0,0 +1,55 @@
	1	Upstream-Status: Pending
	2
	3	update-ca-certificates: find SYSROOT relative to its own location
	4
	5	This makes the script relocatable.
	6
	7	--- ca-certificates-20130119.orig/sbin/update-ca-certificates
	8	+++ ca-certificates-20130119/sbin/update-ca-certificates
	9	@@ -37,11 +37,44 @@ do
	10	shift
	11	done
	12
	13	-CERTSCONF=$SYSROOT/etc/ca-certificates.conf
	14	+if [ -z "$SYSROOT" ]; then
	15	+ local_which () {
	16	+ if [ $# -lt 1 ]; then
	17	+ return 1
	18	+ fi
	19	+
	20	+ (
	21	+ IFS=:
	22	+ for entry in $PATH; do
	23	+ if [ -x "$entry/$1" ]; then
	24	+ echo "$entry/$1"
	25	+ exit 0
	26	+ fi
	27	+ done
	28	+ exit 1
	29	+ )
	30	+ }
	31	+
	32	+ case "$0" in
	33	+ /)
	34	+ sbindir=$(cd ${0%/*} && pwd)
	35	+ ;;
	36	+ *)
	37	+ sbindir=$(cd $(dirname $(local_which $0)) && pwd)
	38	+ ;;
	39	+ esac
	40	+ prefix=${sbindir%/*}
	41	+ SYSROOT=${prefix%/*}
	42	+ if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then
	43	+ SYSROOT=
	44	+ fi
	45	+fi
	46	+
	47	CERTSDIR=$SYSROOT/usr/share/ca-certificates
	48	+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
	49	+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
	50	LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
	51	CERTBUNDLE=ca-certificates.crt
	52	-ETCCERTSDIR=$SYSROOT/etc/ssl/certs
	53
	54	cleanup() {
	55	rm -f "$TEMPBUNDLE"


diff --git a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch new file mode 100644 index 0000000000..a113fa8b15 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch
@@ -0,0 +1,20 @@
	1	Upstream-Status: Pending
	2
	3	Let us alter the install destination of the script via SBINDIR
	4
	5	--- ca-certificates-20130119.orig/sbin/Makefile
	6	+++ ca-certificates-20130119/sbin/Makefile
	7	@@ -3,9 +3,12 @@
	8	#
	9	#
	10
	11	+SBINDIR = /usr/sbin
	12	+
	13	all:
	14
	15	clean:
	16
	17	install:
	18	- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
	19	+ install -d $(DESTDIR)$(SBINDIR)
	20	+ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/


diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb b/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb new file mode 100644 index 0000000000..0692ca2499 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates_20130610.bb
@@ -0,0 +1,63 @@
	1	SUMMARY = "Common CA certificates"
	2	DESCRIPTION = "This package includes PEM files of CA certificates to allow \
	3	SSL-based applications to check for the authenticity of SSL connections."
	4	HOMEPAGE = "http://packages.debian.org/sid/ca-certificates"
	5	SECTION = "misc"
	6	LICENSE = "GPL-2.0+ & MPL-2.0"
	7	LIC_FILES_CHKSUM = "file://debian/copyright;md5=d8fc4ed45f01c31c87c9b496d4babcae"
	8
	9	# This is needed to ensure we can run the postinst at image creation time
	10	DEPENDS = "ca-certificates-native"
	11	DEPENDS_class-native = ""
	12
	13	# tag: debian/20130610
	14	SRCREV = "9f3c12784eaee1e2b005a23ce8b5c38e1e851404"
	15
	16	SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \
	17	file://0001-update-ca-certificates-remove-c-rehash.patch \
	18	file://0002-update-ca-certificates-use-SYSROOT.patch \
	19	file://default-sysroot.patch \
	20	file://sbindir.patch"
	21	S = "${WORKDIR}/git"
	22
	23	inherit allarch
	24
	25	EXTRA_OEMAKE = "\
	26	'CERTSDIR=${datadir}/ca-certificates' \
	27	'SBINDIR=${sbindir}' \
	28	"
	29
	30	do_install () {
	31	install -d ${D}${datadir}/ca-certificates \
	32	${D}${sysconfdir}/ssl/certs \
	33	${D}${sysconfdir}/ca-certificates/update.d
	34	oe_runmake 'DESTDIR=${D}' install
	35
	36	install -d ${D}${mandir}/man8
	37	install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/
	38
	39	install -d ${D}${sysconfdir}
	40	{
	41	echo "# Lines starting with # will be ignored"
	42	echo "# Lines starting with ! will remove certificate on next update"
	43	echo "#"
	44	find ${D}${datadir}/ca-certificates -type f -name '*.crt' \| \
	45	sed 's,^${D}${datadir}/ca-certificates/,,'
	46	} >${D}${sysconfdir}/ca-certificates.conf
	47	}
	48
	49	do_install_append_class-target () {
	50	sed -i -e 's,/etc/,${sysconfdir}/,' \
	51	-e 's,/usr/share/,${datadir}/,' \
	52	-e 's,/usr/local,${prefix}/local,' \
	53	${D}${sbindir}/update-ca-certificates \
	54	${D}${mandir}/man8/update-ca-certificates.8
	55	}
	56
	57	pkg_postinst_${PN} () {
	58	SYSROOT="$D" update-ca-certificates
	59	}
	60
	61	CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf"
	62
	63	BBCLASSEXTEND += "native nativesdk"