From 3dc5e4eae9f7712ff80eb8da71c109e2b53efa48 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Elan=20Ruusam=C3=A4e?= Date: Sat, 12 May 2012 12:59:54 +0000 Subject: [PATCH] - up to 20120212, see changelog for added/removed ca-s Changed files: TODO -> 1.6 ca-certificates-etc-certs.patch -> 1.11 ca-certificates-more-certs.patch -> 1.7 ca-certificates-mozilla.patch -> 1.3 ca-certificates.spec -> 1.49 --- TODO | 27 +++++++++++++++++++++++++++ ca-certificates-etc-certs.patch | 10 +++++----- ca-certificates-more-certs.patch | 13 +++++-------- ca-certificates-mozilla.patch | 9 --------- ca-certificates.spec | 5 +++-- 5 files changed, 40 insertions(+), 24 deletions(-) diff --git a/TODO b/TODO index e9193b3..327e545 100644 --- a/TODO +++ b/TODO @@ -40,3 +40,30 @@ lrwxrwxrwx 1 glen users 37 Aug 27 18:15 f4039b98.1 -> Microsoft_Internet_Autho -rw-r--r-- 1 glen users 2.1K Aug 18 11:51 VeriSign_Class3_Extended_Validation_CA.pem -rw-r--r-- 1 glen users 1.3K Aug 18 11:51 VeriSign_International_Server_Class_3_CA.pem + + + +/usr/sbin/update-ca-certificates --fresh || : +14:12:26 root[tty3]@haarber /# /usr/sbin/update-ca-certificates --fresh +Clearing symlinks in /etc/openssl/certs...done. +Updating certificates in /etc/openssl/certs... W: /usr/share/ca-certificates/mozilla/DigiNotar_Root_CA.crt or /etc/certs/mozilla/DigiNotar_Root_CA.crt not found, but listed in /etc/ca-certificates.conf. +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +WARNING: can't open config file: /etc/openssl/openssl.cnf +14:12:31 root[tty3]@haarber /# rpm -qf /etc/openssl/openssl.cnf +openssl-tools-1.0.0g-1.x86_64 + + diff --git a/ca-certificates-etc-certs.patch b/ca-certificates-etc-certs.patch index a321e25..0bbdbb3 100644 --- a/ca-certificates-etc-certs.patch +++ b/ca-certificates-etc-certs.patch @@ -1,5 +1,5 @@ ---- ca-certificates/sbin/update-ca-certificates 2008-11-01 18:39:19.000000000 +0100 -+++ ca-certificates/sbin/update-ca-certificates-local 2008-11-01 19:17:39.138384960 +0100 +--- ca-certificates-20120212/sbin/update-ca-certificates~ 2012-05-12 11:41:03.000000000 +0300 ++++ ca-certificates-20120212/sbin/update-ca-certificates 2012-05-12 11:43:10.517657520 +0300 @@ -37,7 +37,7 @@ CERTSCONF=/etc/ca-certificates.conf @@ -52,12 +52,12 @@ - if ! test -f "$CERTSDIR/$crt" + if test -f "$CERTSDIR/$crt" then +- echo "W: $CERTSDIR/$crt not found, but listed in $CERTSCONF." >&2 + add "$CERTSDIR/$crt" + elif test -f "$LOCALCERTSDIR/$crt" + then + add "$LOCALCERTSDIR/$crt" + else -- echo "W: $CERTSDIR/$crt not found, but listed in $CERTSCONF." >&2 + echo "W: $CERTSDIR/$crt or $LOCALCERTSDIR/$crt not found, but listed in $CERTSCONF." >&2 continue fi @@ -74,6 +74,6 @@ - done -fi - - chmod 0644 "$TEMPBUNDLE" - mv -f "$TEMPBUNDLE" "$CERTBUNDLE" + rm -f "$CERTBUNDLE" + ADDED_CNT=$(wc -l < "$ADDED") diff --git a/ca-certificates-more-certs.patch b/ca-certificates-more-certs.patch index 9cdff80..29c0373 100644 --- a/ca-certificates-more-certs.patch +++ b/ca-certificates-more-certs.patch @@ -1,15 +1,14 @@ ---- ca-certificates/Makefile~ 2008-06-23 20:57:45.000000000 +0200 -+++ ca-certificates/Makefile 2008-11-01 13:10:32.000000000 +0100 -@@ -5,7 +5,7 @@ +--- ca-certificates-20120212/Makefile~ 2011-12-06 04:03:08.000000000 +0200 ++++ ca-certificates-20120212/Makefile 2012-05-12 11:40:20.330015955 +0300 +@@ -3,7 +3,7 @@ # CERTSDIR = /usr/share/ca-certificates --SUBDIRS = spi-inc.org debconf.org mozilla cacert.org brasil.gov.br signet.pl gouv.fr -+SUBDIRS = spi-inc.org debconf.org mozilla cacert.org brasil.gov.br signet.pl gouv.fr thawte certum terena esteid +-SUBDIRS = mozilla cacert.org debconf.org spi-inc.org ++SUBDIRS = mozilla cacert.org debconf.org spi-inc.org thawte certum terena esteid all: for dir in $(SUBDIRS); do \ -diff -urN ca-certificates/certum/Makefile ca-certificates-more/certum/Makefile --- ca-certificates/certum/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ ca-certificates-more/certum/Makefile 2007-02-02 07:23:19.000000000 +0100 @@ -0,0 +1,12 @@ @@ -25,7 +24,6 @@ diff -urN ca-certificates/certum/Makefile ca-certificates-more/certum/Makefile + for p in *.crt; do \ + install -p -m 644 $$p $(CERTSDIR)/$$p ; \ + done -diff -urN ca-certificates/thawte/Makefile ca-certificates-more/thawte/Makefile --- ca-certificates/thawte/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ ca-certificates-more/thawte/Makefile 2007-02-02 07:23:19.000000000 +0100 @@ -0,0 +1,12 @@ @@ -41,7 +39,6 @@ diff -urN ca-certificates/thawte/Makefile ca-certificates-more/thawte/Makefile + for p in *.crt; do \ + install -p -m 644 $$p $(CERTSDIR)/$$p ; \ + done -diff -urN ca-certificates/terena/Makefile ca-certificates-more/terena/Makefile --- ca-certificates/terena/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ ca-certificates-more/terena/Makefile 2007-02-02 07:23:19.000000000 +0100 @@ -0,0 +1,12 @@ diff --git a/ca-certificates-mozilla.patch b/ca-certificates-mozilla.patch index 624cbfb..044dc2a 100644 --- a/ca-certificates-mozilla.patch +++ b/ca-certificates-mozilla.patch @@ -1,14 +1,5 @@ --- ca-certificates-20090814/mozilla/certdata.txt.old 2009-06-24 12:32:03.000000000 +0200 +++ ca-certificates-20090814/mozilla/certdata.txt 2009-08-31 20:28:47.000000000 +0200 -@@ -14086,7 +14086,7 @@ - END - CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR - CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR --CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUST_UNKNOWN -+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR - CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - - # @@ -17628,3 +17628,2637 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED diff --git a/ca-certificates.spec b/ca-certificates.spec index dfd5206..4e58649 100644 --- a/ca-certificates.spec +++ b/ca-certificates.spec @@ -11,12 +11,12 @@ Summary: Common CA Certificates PEM files Summary(pl.UTF-8): Pliki PEM popularnych certyfikatów CA Name: ca-certificates -Version: 20110502+nmu1 +Version: 20120212 Release: 1 License: distributable Group: Libraries Source0: ftp://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.gz -# Source0-md5: 13aed718a5cdd05b4086c93dafd4e1e2 +# Source0-md5: 391dea8d827db935ca0d0d1e6641bf23 Source1: https://www.verisign.com/support/thawte-roots.zip # Source1-md5: a3709cc0279ef3fca4f86ea775066b18 Source2: http://www.certum.pl/keys/CA.pem @@ -207,6 +207,7 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(644,root,root,755) +%doc debian/README.Debian debian/changelog %config(noreplace) %verify(not md5 mtime size) %{certsdir}/ca-certificates.crt %files update -- 2.43.0