--- ca-certificates-undebianize/sbin/update-ca-certificates 2008-11-01 12:17:37.000000000 +0100
+++ ca-certificates-20090814/sbin/update-ca-certificates 2010-05-05 14:03:33.683398895 +0300
-@@ -38,7 +38,7 @@
+@@ -28,7 +28,7 @@ CERTSCONF=/etc/ca-certificates.conf
CERTSDIR=/usr/share/ca-certificates
LOCALCERTSDIR=/usr/local/share/ca-certificates
CERTBUNDLE=ca-certificates.crt
-ETCCERTSDIR=/etc/ssl/certs
+ETCCERTSDIR=@openssldir@
+ HOOKSDIR=/etc/ca-certificates/update.d
- cleanup() {
- rm -f "$TEMPBUNDLE"
-@@ -57,7 +57,7 @@
- REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
-
- # Adds a certificate to the list of trusted ones. This includes a symlink
--# in /etc/ssl/certs to the certificate file and its inclusion into the
-+# in @openssldir@ to the certificate file and its inclusion into the
- # bundle.
- add() {
- CERT="$1"
-@@ -88,16 +88,6 @@
- fi
+ while [ $# -gt 0 ];
+@@ -187,19 +187,4 @@ mv -f "$TEMPBUNDLE" "$CERTBUNDLE"
echo "$ADDED_CNT added, $REMOVED_CNT removed; done."
--
--HOOKSDIR=/etc/ca-certificates/update.d
--echo -n "Running hooks in $HOOKSDIR...."
--VERBOSE_ARG=
--[ "$verbose" = 0 ] || VERBOSE_ARG=--verbose
--eval run-parts $VERBOSE_ARG --test -- $HOOKSDIR | while read hook
--do
-- ( cat $ADDED
-- cat $REMOVED ) | $hook || echo E: $hook exited with code $?.
--done
- echo "done."
+-if [ -d "$HOOKSDIR" ]
+-then
+-
+- echo "Running hooks in $HOOKSDIR..."
+- VERBOSE_ARG=
+- [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose"
+- eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read -r hook
+- do
+- ( cat "$ADDED"
+- cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?."
+- done
+- echo "done."
+-
+-fi
+-
# vim:set et sw=2:
--- ca-certificates-20130610/sbin/update-ca-certificates.8~ 2013-06-11 11:32:35.000000000 +0300
+++ ca-certificates-20130610/sbin/update-ca-certificates.8 2013-06-11 11:54:40.662201388 +0300
.\" .sp <n> insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
--update-ca-certificates \- update /etc/ssl/certs and certificates.crt
+-update-ca-certificates \- update /etc/ssl/certs and ca-certificates.crt
+update-ca-certificates \- update @openssldir@ and ca-certificates.crt
.SH SYNOPSIS
.B update-ca-certificates
.RI [ options ]
-@@ -26,7 +26,7 @@
- This manual page was written for the Debian distribution.
- .PP
- \fBupdate-ca-certificates\fP is a program that updates the directory
--/etc/ssl/certs to hold SSL certificates and generates certificates.crt,
-+@openssldir@ to hold SSL certificates and generates certificates.crt,
- a concatenated single-file list of certificates.
- .PP
- It reads the file /etc/ca-certificates.conf. Each line gives a pathname of
@@ -38,11 +38,6 @@
- .PP
- Furthermore all certificates with a .crt extension found below
- /usr/local/share/ca-certificates are also included as implicitly trusted.
+ should be one certificate per file, and not multiple certificates in a single
+ file. Then run update-ca-certificates to merge the new certificates into the
+ existing machine store at /etc/ssl/certs.
-.PP
-Before terminating, \fBupdate-ca-certificates\fP invokes
-\fBrun-parts\fP on /etc/ca-certificates/update.d and calls each hook with
.SH OPTIONS
A summary of options is included below.
.TP
-@@ -53,13 +48,13 @@
- Be verbose. Output \fBc_rehash\fP.
+@@ -61,7 +61,7 @@
+ Be verbose. Output \fBopenssl rehash\fP.
.TP
.B \-f, \-\-fresh
-Fresh updates. Remove symlinks in /etc/ssl/certs directory.
+Fresh updates. Remove symlinks in @openssldir@ directory.
- .SH FILES
.TP
+ .B \-\-certsconf
+ Change the configuration file. By default, the file
+@@ -84,7 +84,7 @@
.I /etc/ca-certificates.conf
A configuration file.
.TP
-.I /etc/ssl/certs/ca-certificates.crt
+.I /etc/openssl/ca-certificates.crt
- A single-file version of CA certificates. This holds
- all CA certificates that you activated in /etc/ca-certificates.conf.
+ A single-file version of CA certificates. This holds all CA certificates
+ that were activated in /etc/ca-certificates.conf.
.TP
projects / packages / ca-certificates.git / blobdiff