X-Git-Url: http://git.pld-linux.org/?p=packages%2Fca-certificates.git;a=blobdiff_plain;f=ca-certificates.spec;h=cb8705b09149046053ad1de4aa9675ad091df741;hp=ae2e592dc58314d0dd6bd7e47e57fdde22abd407;hb=53d36f708e9dd92f252e8190313558ef561912b1;hpb=cfe3948c1ff6469f120786478f537bbf34de38a1

diff --git a/ca-certificates.spec b/ca-certificates.spec
index ae2e592..cb8705b 100644
--- a/ca-certificates.spec
+++ b/ca-certificates.spec
@@ -1,18 +1,18 @@
 # TODO
 # - cleanup dead links from /etc/openssl/certs after -update uninstall
-#
 # - https://bugzilla.mozilla.org/show_bug.cgi?id=549701 and
 #   http://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/b6493a285ba79998#
+# - add certs noted in TODO file
 #
 Summary:	Common CA Certificates PEM files
 Summary(pl.UTF-8):	Pliki PEM popularnych certyfikatÃ³w CA
 Name:		ca-certificates
-Version:	20090814
-Release:	14
+Version:	20120212
+Release:	1
 License:	distributable
 Group:		Libraries
-Source0:	ftp://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}+nmu3.tar.gz
-# Source0-md5:	578be1c5a459cea3b243777c08610727
+Source0:	ftp://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.gz
+# Source0-md5:	391dea8d827db935ca0d0d1e6641bf23
 Source1:	https://www.verisign.com/support/thawte-roots.zip
 # Source1-md5:	a3709cc0279ef3fca4f86ea775066b18
 Source2:	http://www.certum.pl/keys/CA.pem
@@ -64,6 +64,7 @@ Patch3:		%{name}-c_rehash.sh.patch
 Patch4:		%{name}-endline.patch
 Patch5:		%{name}-mozilla.patch
 Patch6:		%{name}-DESTDIR.patch
+Patch7:		%{name}.d.patch
 URL:		http://www.cacert.org/
 BuildRequires:	openssl-tools
 BuildRequires:	python
@@ -107,7 +108,7 @@ Script and data for updating CA Certificates database.
 Skrypt i dane do odÅwieÅ¼ania bazy certyfikatÃ³w CA.
 
 %prep
-%setup -q -n %{name}-%{version}+nmu3
+%setup -q
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
@@ -115,6 +116,7 @@ Skrypt i dane do odÅwieÅ¼ania bazy certyfikatÃ³w CA.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 %{__sed} -i -e 's,@openssldir@,%{openssldir},' sbin/update-ca-certificates*
 
@@ -126,25 +128,25 @@ find thawte/ -name *.pem -o -name *.txt| while read f ; do
 		nname=$(basename "$ff" .pem)
 		nname=$(basename "$nname" .txt)
 		nname=$(basename "$nname" _b64)
-		cp -i "$f" "thawte/${nname}.crt"
+		cp -pi "$f" "thawte/${nname}.crt"
 	else
 		echo "Skipping $f, doesn't look like PEM CERT"
 	fi
 done
 
 install -d certum
-cp -ai %{SOURCE2} certum
-cp -ai %{SOURCE3} certum
-cp -ai %{SOURCE4} certum
-cp -ai %{SOURCE5} certum
-cp -ai %{SOURCE6} certum
-cp -ai %{SOURCE7} certum
-cp -ai %{SOURCE8} certum
-cp -ai %{SOURCE9} certum
-cp -ai %{SOURCE10} certum
-cp -ai %{SOURCE11} certum
-cp -ai %{SOURCE12} certum
-cp -ai %{SOURCE13} certum
+cp -pi %{SOURCE2} certum
+cp -pi %{SOURCE3} certum
+cp -pi %{SOURCE4} certum
+cp -pi %{SOURCE5} certum
+cp -pi %{SOURCE6} certum
+cp -pi %{SOURCE7} certum
+cp -pi %{SOURCE8} certum
+cp -pi %{SOURCE9} certum
+cp -pi %{SOURCE10} certum
+cp -pi %{SOURCE11} certum
+cp -pi %{SOURCE12} certum
+cp -pi %{SOURCE13} certum
 for a in certum/*.pem; do
 	mv -i "$a" "${a%.pem}.crt"
 done
@@ -156,13 +158,13 @@ openssl x509 -inform DER -in %{SOURCE16} -outform PEM -out terena/$(basename %{S
 openssl x509 -inform DER -in %{SOURCE17} -outform PEM -out terena/$(basename %{SOURCE17})
 openssl x509 -inform DER -in %{SOURCE18} -outform PEM -out terena/$(basename %{SOURCE18})
 
-# http://www.sk.ee/pages.php/0203040502#Root_certificates
-# JUUR-SK, ESTEID-SK and ESTEID-SK 2007
+# http://www.sk.ee/en/Repository/certs/rootcertificates
+# JUUR-SK, ESTEID-SK and ESTEID-SK 2007, ESTEID-SK 2011
 install -d esteid
-cp -ai %{SOURCE19} esteid
-cp -ai %{SOURCE20} esteid
-cp -ai %{SOURCE21} esteid/ESTEID-SK_2007.crt
-cp -ai %{SOURCE22} esteid/ESTEID-SK_2011.crt
+cp -pi %{SOURCE19} esteid
+cp -pi %{SOURCE20} esteid
+cp -pi %{SOURCE21} esteid/ESTEID-SK_2007.crt
+cp -pi %{SOURCE22} esteid/ESTEID-SK_2011.crt
 for a in esteid/*.PEM.cer; do
 	mv -i "$a" "${a%.PEM.cer}.crt"
 done
@@ -171,15 +173,14 @@ done
 %{__make}
 
 # We have those and more in specific dirs
-rm mozilla/{Thawte,thawte,Certum,IGC_A,Deutsche_Telekom_Root_CA_2}*.crt
+rm mozilla/{Thawte,thawte,Certum,IGC_A,Deutsche_Telekom_Root_CA_2,Juur-SK}*.crt
 
 # See TODO
 # rm mozilla/RSA_Security_1024_v3.crt
 
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_datadir}/%{name},%{_sbindir},%{certsdir}}
-
+install -d $RPM_BUILD_ROOT{%{_datadir}/%{name},%{_sbindir},%{certsdir},%{_sysconfdir}/ca-certificates.d}
 %{__make} install \
 	DESTDIR=$RPM_BUILD_ROOT
 
@@ -203,10 +204,12 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(644,root,root,755)
+%doc debian/README.Debian debian/changelog
 %config(noreplace) %verify(not md5 mtime size) %{certsdir}/ca-certificates.crt
 
 %files update
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_sbindir}/update-ca-certificates
 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ca-certificates.conf
+%dir %{_sysconfdir}/ca-certificates.d
 %{_datadir}/ca-certificates