recipe 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. # Build recipe for ca-certificates (a version from Alpine Linux).
  2. #
  3. # Copyright (c) 2018-2019, 2021-2022 Matias Fonzo, <selk@dragora.org>.
  4. #
  5. # Licensed under the Apache License, Version 2.0 (the "License");
  6. # you may not use this file except in compliance with the License.
  7. # You may obtain a copy of the License at
  8. #
  9. # http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16. # Exit immediately on any error
  17. set -e
  18. program=ca-certificates
  19. version=20220111_d12d01b
  20. release=1
  21. # Define a category for the output of the package name
  22. pkgcategory=networking
  23. tarname=${program}-${version}.tar.lz
  24. # Remote source(s)
  25. fetch="
  26. https://dragora.mirror.garr.it/current/sources/$tarname
  27. rsync://rsync.dragora.org/current/sources/$tarname
  28. "
  29. description="
  30. Common CA certificates PEM files.
  31. This package comes from the CA certificates version found in
  32. \"Alpine Linux\".
  33. "
  34. homepage=https://git.alpinelinux.org/cgit/ca-certificates/
  35. license="GPLv2+ | MPLv2.0"
  36. # Source documentation
  37. docs="VERSION"
  38. docsdir="${docdir}/${program}-${version}"
  39. # Limit parallel jobs for this build
  40. jobs=1
  41. build()
  42. {
  43. unpack "${tardir}/$tarname"
  44. cd "$srcdir"
  45. # Add updated source file with the included root certificates
  46. # https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
  47. cat "${worktree}/archive/ca-certificates/certdata.txt" > certdata.txt
  48. # Set sane permissions
  49. chmod -R u+w,go-w,a+rX-s .
  50. make -j${jobs} V=1
  51. make -j${jobs} V=1 DESTDIR="$destdir" install
  52. strip --strip-unneeded \
  53. "${destdir}/usr/bin/c_rehash" \
  54. "${destdir}/usr/sbin/update-ca-certificates"
  55. # Clean up broken symlinks, if any
  56. find "$destdir" -print | while read -r file
  57. do
  58. if test -L "$file" && test ! -e "$file"
  59. then
  60. echo "Deleting dangling symlink: $file"
  61. rm -f -- "$file"
  62. fi
  63. done
  64. mkdir -p "${destdir}"/etc/ca-certificates/update.d
  65. # To populate config file
  66. (
  67. echo "# Automatically generated by $full_pkgname"
  68. cd "${destdir}/usr/share/ca-certificates"
  69. find . -name '*.crt' | sort | cut -b3-
  70. ) > "${destdir}/etc/ca-certificates.conf"
  71. # Generate the bundle in similar way as update-ca-certificates would do
  72. find . -name '*.crt' | sort | while read -r file
  73. do
  74. cat -- "$file"
  75. echo ""
  76. done > "${destdir}/etc/ssl/certs/ca-certificates.crt"
  77. # Make run-parts script
  78. cat << "EOF" > "${destdir}/etc/ca-certificates/update.d/certhash"
  79. #! /bin/sh -
  80. exec /usr/bin/c_rehash /etc/ssl/certs
  81. EOF
  82. chmod 755 "${destdir}/etc/ca-certificates/update.d/certhash"
  83. # Compress and link man pages (if needed)
  84. if test -d "${destdir}/$mandir"
  85. then
  86. (
  87. cd "${destdir}/$mandir"
  88. find . -type f -exec lzip -9 {} +
  89. find . -type l | while read -r file
  90. do
  91. ln -sf "$(readlink -- "$file").lz" "${file}.lz"
  92. rm -- "$file"
  93. done
  94. )
  95. fi
  96. # Copy documentation
  97. mkdir -p "${destdir}/$docsdir"
  98. cp -p $docs "${destdir}/$docsdir"
  99. }