summaryrefslogtreecommitdiffstats
path: root/abs/core/ca-certificates/ca-certificates-utils.install
diff options
context:
space:
mode:
authorBritney Fransen <brfransen@gmail.com>2015-09-21 13:38:23 (GMT)
committerBritney Fransen <brfransen@gmail.com>2015-09-21 13:38:23 (GMT)
commita539e75c078ac28e99b25b257a0700caaae60770 (patch)
treeac0abf9714cfe95c9c1022d5bc575f46e60f74b7 /abs/core/ca-certificates/ca-certificates-utils.install
parentceb6d3594fbd672587a1f15618427be552654241 (diff)
downloadlinhes_pkgbuild-a539e75c078ac28e99b25b257a0700caaae60770.zip
linhes_pkgbuild-a539e75c078ac28e99b25b257a0700caaae60770.tar.gz
linhes_pkgbuild-a539e75c078ac28e99b25b257a0700caaae60770.tar.bz2
ca-certificates: update to 20150402
Diffstat (limited to 'abs/core/ca-certificates/ca-certificates-utils.install')
-rw-r--r--abs/core/ca-certificates/ca-certificates-utils.install43
1 files changed, 29 insertions, 14 deletions
diff --git a/abs/core/ca-certificates/ca-certificates-utils.install b/abs/core/ca-certificates/ca-certificates-utils.install
index bf18c7f..8120878 100644
--- a/abs/core/ca-certificates/ca-certificates-utils.install
+++ b/abs/core/ca-certificates/ca-certificates-utils.install
@@ -2,28 +2,43 @@ export LC_ALL=C
post_install() {
usr/bin/update-ca-trust
-}
-pre_upgrade() {
- if (( $(vercmp $2 20140923-2) < 0 )); then
- find /etc/ssl/certs -type l -print | while read symlink; do
- case $(readlink $symlink) in
- /usr/share/ca-certificates*) rm -f $symlink;;
- esac
- done
- find /etc/ssl/certs -type l -print | while read symlink; do
- test -f $symlink || rm -f $symlink
- done
- rm -f /etc/ssl/certs/ca-certificates.crt
- fi
+ # This should be a normally packaged file, but that would
+ # require user intervention at upgrade
+ ln -srf etc/ca-certificates/extracted/tls-ca-bundle.pem \
+ etc/ssl/certs/ca-certificates.crt
}
post_upgrade() {
usr/bin/update-ca-trust
+
+ if (( $(vercmp $2 20140923-7.1) < 0 )); then
+ cat <<MSG
+ The way local CA certificates are handled has changed.
+ If you have added any certificates manually:
+
+ 1. Move certificates from /usr/local/share/ca-certificates/
+ to /etc/ca-certificates/trust-source/anchors/
+ 2. Do the same with root certificates added to /etc/ssl/certs/
+ 3. Instead of \`update-ca-certificates\`, run \`trust extract-compat\`
+
+ Also see \`man 8 update-ca-trust\` and \`trust --help\`.
+MSG
+ fi
+
+ if (( $(vercmp $2 20150402) < 0 )); then
+ ln -srf etc/ca-certificates/extracted/tls-ca-bundle.pem \
+ etc/ssl/certs/ca-certificates.crt
+
+ # Moved to etc/ca-certificates/extracted
+ rm -f etc/ssl/certs/ca-bundle.trust.crt
+ fi
}
pre_remove() {
usr/bin/update-ca-trust
+
+ rm -f etc/ssl/certs/{ca-certificates.crt,java/cacerts}
}
-# vim:set noet ts=8 sw=8:
+# vim:set noet ts=8 sw=8 sts=0: