ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-20 14:13:16 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
5a85aada3f
openwrt/package/system/ca-certificates/Makefile
Tianling Shen 7c83b6ac86 ca-certificates: Update to version 20230311 
Update the ca-certificates and ca-bundle package from version 20211016 to
version 20230311.

Use TAR_OPTIONS instead of hacking Build/Prepare, refresh patches.

Debian change-log entry [1]:
|[...]
|[ Đoàn Trần Công Danh ]
|* ca-certificates: compat with non-GNU mktemp (closes: #1000847)
|
|[ Ilya Lipnitskiy ]
|* certdata2pem.py: use UTC time when checking cert validity
|
|[ Julien Cristau ]
|* Update Mozilla certificate authority bundle to version 2.60
|   The following certificate authorities were added (+):
|   + "Autoridad de Certificacion Firmaprofesional CIF A62634068"
|   + "Certainly Root E1"
|   + "Certainly Root R1"
|   + "D-TRUST BR Root CA 1 2020"
|   + "D-TRUST EV Root CA 1 2020"
|   + "DigiCert TLS ECC P384 Root G5"
|   + "DigiCert TLS RSA4096 Root G5"
|   + "E-Tugra Global Root CA ECC v3"
|   + "E-Tugra Global Root CA RSA v3"
|   + "HARICA TLS ECC Root CA 2021"
|   + "HARICA TLS RSA Root CA 2021"
|   + "HiPKI Root CA - G1"
|   + "ISRG Root X2"
|   + "Security Communication ECC RootCA1"
|   + "Security Communication RootCA3"
|   + "Telia Root CA v2"
|   + "TunTrust Root CA"
|   + "vTrus ECC Root CA"
|   + "vTrus Root CA"
|  The following certificate authorities were removed (-):
|  - "Cybertrust Global Root" (expired)
|  - "EC-ACC"
|  - "GlobalSign Root CA - R2" (expired)
|  - "Hellenic Academic and Research Institutions RootCA 2011"
|  - "Network Solutions Certificate Authority"
|  - "Staat der Nederlanden EV Root CA" (expired)
|* Drop trailing space from debconf template causing misformatting
|  (closes: #980821)
|
|[ Wataru Ashihara ]
|* Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244)
|[...]

[1]: https://metadata.ftp-master.debian.org/changelogs/main/c/ca-certificates/ca-certificates_20230311_changelog

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-27 22:51:18 +02:00

68 lines
1.8 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2006-2017 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=ca-certificates
PKG_VERSION:=20230311
PKG_RELEASE:=1
PKG_MAINTAINER:=
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@DEBIAN/pool/main/c/ca-certificates
PKG_HASH:=83de934afa186e279d1ed08ea0d73f5cf43a6fbfb5f00874b6db3711c64576f3
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
TAR_OPTIONS+= --strip-components 1
TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
define Package/ca-certificates
SECTION:=base
CATEGORY:=Base system
TITLE:=System CA certificates
PKGARCH:=all
PROVIDES:=ca-certs
endef
define Package/ca-bundle
SECTION:=base
CATEGORY:=Base system
TITLE:=System CA certificates as a bundle
PKGARCH:=all
PROVIDES:=ca-certs
endef
define Build/Install
mkdir -p \
$(PKG_INSTALL_DIR)/usr/sbin \
$(PKG_INSTALL_DIR)/usr/share/ca-certificates
$(call Build/Install/Default,)
endef
define Package/ca-certificates/install
$(INSTALL_DIR) $(1)/etc/ssl/certs
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/ca-certificates/*/*.crt $(1)/etc/ssl/certs/
for CERTFILE in `ls -1 $(1)/etc/ssl/certs`; do \
HASH=`openssl x509 -hash -noout -in $(1)/etc/ssl/certs/$$$$CERTFILE` ; \
SUFFIX=0 ; \
while [ -h "$(1)/etc/ssl/certs/$$$$HASH.$$$$SUFFIX" ]; do \
let "SUFFIX += 1" ; \
done ; \
$(LN) "$$$$CERTFILE" "$(1)/etc/ssl/certs/$$$$HASH.$$$$SUFFIX" ; \
done
endef
define Package/ca-bundle/install
$(INSTALL_DIR) $(1)/etc/ssl/certs
cat $(PKG_INSTALL_DIR)/usr/share/ca-certificates/*/*.crt >$(1)/etc/ssl/certs/ca-certificates.crt
$(LN) /etc/ssl/certs/ca-certificates.crt $(1)/etc/ssl/cert.pem
endef
$(eval $(call BuildPackage,ca-bundle))
$(eval $(call BuildPackage,ca-certificates))
Reference in New Issue View Git Blame Copy Permalink