diff options
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates')
6 files changed, 226 insertions, 0 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch new file mode 100644 index 000000000..4b4b287d4 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch @@ -0,0 +1,30 @@ +ca-certificates is a package from Debian, but some host distros such as Fedora +have a leaner run-parts provided by cron which doesn't support --verbose or the + -- separator between arguments and paths. + +This solves errors such as + +| Running hooks in [...]/rootfs/etc/ca-certificates/update.d... +| [...]/usr/sbin/update-ca-certificates: line 194: Not: command not found + +Upstream-Status: Inappropriate +Signed-off-by: Ross Burton <ross.burton@intel.com> +--- + sbin/update-ca-certificates | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +Index: git/sbin/update-ca-certificates +=================================================================== +--- git.orig/sbin/update-ca-certificates ++++ git/sbin/update-ca-certificates +@@ -191,9 +191,7 @@ if [ -d "$HOOKSDIR" ] + then + + echo "Running hooks in $HOOKSDIR..." +- VERBOSE_ARG= +- [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose" +- eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read hook ++ eval run-parts --test -- "$HOOKSDIR" | while read hook + do + ( cat "$ADDED" + cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?." diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch new file mode 100644 index 000000000..bf027233d --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0001-update-ca-certificates-remove-c-rehash.patch @@ -0,0 +1,46 @@ +Upstream-Status: Pending + +From 111e905fe931da1a3800accfc675cc01c8ee080c Mon Sep 17 00:00:00 2001 +From: Ulf Samuelsson <ulf@emagii.com> +Date: Tue, 28 Feb 2012 06:42:58 +0100 +Subject: [PATCH] update-ca-certificates: remove c rehash + +Updated earlier patch to apply clean on 2012-02-12 +Signed-off-by: Ulf Samuelsson <ulf@emagii.com> +--- + sbin/update-ca-certificates | 20 ++++++++++---------- + 1 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates +index 5375950..c567e3d 100755 +--- a/sbin/update-ca-certificates ++++ b/sbin/update-ca-certificates +@@ -132,16 +132,16 @@ rm -f "$CERTBUNDLE" + ADDED_CNT=$(wc -l < "$ADDED") + REMOVED_CNT=$(wc -l < "$REMOVED") + +-if [ "$ADDED_CNT" -gt 0 ] || [ "$REMOVED_CNT" -gt 0 ] +-then +- # only run if set of files has changed +- if [ "$verbose" = 0 ] +- then +- c_rehash . > /dev/null +- else +- c_rehash . +- fi +-fi ++#if [ "$ADDED_CNT" -gt 0 ] || [ "$REMOVED_CNT" -gt 0 ] ++#then ++# # only run if set of files has changed ++# if [ "$verbose" = 0 ] ++# then ++# c_rehash . > /dev/null ++# else ++# c_rehash . ++# fi ++#fi + + chmod 0644 "$TEMPBUNDLE" + mv -f "$TEMPBUNDLE" "$CERTBUNDLE" +-- +1.7.4.1 diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch new file mode 100644 index 000000000..792b4030b --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch @@ -0,0 +1,46 @@ +Upstream-Status: Pending + +From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001 +From: Andreas Oberritter <obi@opendreambox.org> +Date: Tue, 19 Mar 2013 17:14:33 +0100 +Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT + +Signed-off-by: Andreas Oberritter <obi@opendreambox.org> +--- + sbin/update-ca-certificates | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +Index: git/sbin/update-ca-certificates +=================================================================== +--- git.orig/sbin/update-ca-certificates ++++ git/sbin/update-ca-certificates +@@ -24,12 +24,12 @@ + verbose=0 + fresh=0 + default=0 +-CERTSCONF=/etc/ca-certificates.conf +-CERTSDIR=/usr/share/ca-certificates +-LOCALCERTSDIR=/usr/local/share/ca-certificates ++CERTSCONF=$SYSROOT/etc/ca-certificates.conf ++CERTSDIR=$SYSROOT/usr/share/ca-certificates ++LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates + CERTBUNDLE=ca-certificates.crt +-ETCCERTSDIR=/etc/ssl/certs +-HOOKSDIR=/etc/ca-certificates/update.d ++ETCCERTSDIR=$SYSROOT/etc/ssl/certs ++HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d + + while [ $# -gt 0 ]; + do +@@ -92,9 +92,9 @@ add() { + PEM="$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \ + -e 's/[()]/=/g' \ + -e 's/,/_/g').pem" +- if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ] ++ if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ] + then +- ln -sf "$CERT" "$PEM" ++ ln -sf "${CERT##$SYSROOT}" "$PEM" + echo "+$PEM" >> "$ADDED" + fi + # Add trailing newline to certificate, if it is missing (#635570) diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch new file mode 100644 index 000000000..f8b0791be --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch @@ -0,0 +1,50 @@ +Upstream-Status: Pending + +update-ca-certificates: find SYSROOT relative to its own location + +This makes the script relocatable. + +Index: git/sbin/update-ca-certificates +=================================================================== +--- git.orig/sbin/update-ca-certificates ++++ git/sbin/update-ca-certificates +@@ -66,6 +66,39 @@ do + shift + done + ++if [ -z "$SYSROOT" ]; then ++ local_which () { ++ if [ $# -lt 1 ]; then ++ return 1 ++ fi ++ ++ ( ++ IFS=: ++ for entry in $PATH; do ++ if [ -x "$entry/$1" ]; then ++ echo "$entry/$1" ++ exit 0 ++ fi ++ done ++ exit 1 ++ ) ++ } ++ ++ case "$0" in ++ */*) ++ sbindir=$(cd ${0%/*} && pwd) ++ ;; ++ *) ++ sbindir=$(cd $(dirname $(local_which $0)) && pwd) ++ ;; ++ esac ++ prefix=${sbindir%/*} ++ SYSROOT=${prefix%/*} ++ if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then ++ SYSROOT= ++ fi ++fi ++ + if [ ! -s "$CERTSCONF" ] + then + fresh=1 diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch new file mode 100644 index 000000000..a113fa8b1 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch @@ -0,0 +1,20 @@ +Upstream-Status: Pending + +Let us alter the install destination of the script via SBINDIR + +--- ca-certificates-20130119.orig/sbin/Makefile ++++ ca-certificates-20130119/sbin/Makefile +@@ -3,9 +3,12 @@ + # + # + ++SBINDIR = /usr/sbin ++ + all: + + clean: + + install: +- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ ++ install -d $(DESTDIR)$(SBINDIR) ++ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/ diff --git a/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch new file mode 100644 index 000000000..6e2171f75 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch @@ -0,0 +1,34 @@ +From 30378026d136efa779732e3f6664e2ecf461e458 Mon Sep 17 00:00:00 2001 +From: Patrick Ohly <patrick.ohly@intel.com> +Date: Thu, 17 Mar 2016 12:38:09 +0100 +Subject: [PATCH] update-ca-certificates: support Toybox + +"mktemp -t" is deprecated and does not work when using Toybox. Replace +with something that works also with Toybox. + +Upstream-Status: Pending + +Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> +--- + sbin/update-ca-certificates | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates +index 79c41bb..ae9e3f1 100755 +--- a/sbin/update-ca-certificates ++++ b/sbin/update-ca-certificates +@@ -113,9 +113,9 @@ trap cleanup 0 + + # Helper files. (Some of them are not simple arrays because we spawn + # subshells later on.) +-TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")" +-ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" +-REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" ++TEMPBUNDLE="$(mktemp -p${TMPDIR:-/tmp} "${CERTBUNDLE}.tmp.XXXXXX")" ++ADDED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")" ++REMOVED="$(mktemp -p${TMPDIR:-/tmp} "ca-certificates.tmp.XXXXXX")" + + # Adds a certificate to the list of trusted ones. This includes a symlink + # in /etc/ssl/certs to the certificate file and its inclusion into the +-- +2.1.4 |