slackware-current/source/n/ca-certificates/ca-certificates.SlackBuild
Patrick J Volkerding 10851c8f6b Fri Mar 8 18:28:40 UTC 2019
a/bash-5.0.002-x86_64-3.txz:  Rebuilt.
  Fix applying patches. Thanks to saahriktu.
a/e2fsprogs-1.45.0-x86_64-1.txz:  Upgraded.
n/ca-certificates-20190308-noarch-1.txz:  Upgraded.
n/nghttp2-1.37.0-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p13-x86_64-1.txz:  Upgraded.
  This release fixes a bug that allows an attacker with access to an explicitly
  trusted source to send a crafted malicious mode 6 (ntpq) packet that can
  trigger a NULL pointer dereference, crashing ntpd.
  It also provides 17 other bugfixes and 1 other improvement.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936
  (* Security fix *)
n/postfix-3.4.1-x86_64-2.txz:  Rebuilt.
n/s-nail-14.9.13-x86_64-1.txz:  Upgraded.
2019-03-09 08:59:47 +01:00

101 lines
3.4 KiB
Bash
Executable file

#!/bin/bash
# Slackware build script for ca-certificates
# Copyright 2009,2011 Robby Workman Northport, AL, USA
# Copyright 2012, 2013, 2015, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=ca-certificates
VERSION=${VERSION:-$(echo certdata-*.txt.xz | cut -f 2 -d - | cut -f 1 -d .)}
ARCH=noarch
BUILD=${BUILD:-1}
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
TARVERSION=${VERSION}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
rm -rf $PKG
mkdir -p $TMP $PKG/usr/share/ca-certificates $PKG/usr/sbin
cd $TMP
rm -rf $PKGNAM
# Extract the tarball:
tar xvf $CWD/${PKGNAM}.tar.?z || exit 1
cd $PKGNAM || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \; -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
# Remove incompatible command operators used to call 'run-parts':
zcat $CWD/fixup_update-ca-certificates.diff.gz | patch -p1 || exit 1
# Use "c_rehash" rather than "openssl rehash". They act mostly the same, but
# the openssl builtin is not available on older versions of Slackware, while
# c_rehash will always be there.
zcat $CWD/update-ca-certificates.c_rehash.diff.gz | patch -p1 || exit 1
# Update to certdata.txt from $CWD:
xzcat $CWD/certdata-${VERSION}.txt.xz > mozilla/certdata.txt
make || exit 1
make install DESTDIR=$PKG || exit 1
mkdir -p $PKG/etc/ca-certificates/update.d
printf "# Automatically generated by $PKGNAM-$VERSION \n#\n" \
> $PKG/etc/ca-certificates.conf.new
( cd $PKG/usr/share/ca-certificates
find . -name '*.crt' | sort | cut -b3-
) >> $PKG/etc/ca-certificates.conf.new
mkdir -p $PKG/usr/man/man8
gzip -9c sbin/update-ca-certificates.8 > \
$PKG/usr/man/man8/update-ca-certificates.8.gz
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a docs/* $PKG/usr/doc/$PKGNAM-$VERSION
mkdir -p $PKG/var/log/setup
cat $CWD/setup.11.cacerts > $PKG/var/log/setup/setup.11.cacerts
chmod 755 $PKG/var/log/setup/setup.11.cacerts
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz