summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorgdt <gdt@pkgsrc.org>2017-06-19 00:32:37 +0000
committergdt <gdt@pkgsrc.org>2017-06-19 00:32:37 +0000
commit370fd79d22eeb467ac0bd23c2f2c4c699d089b9a (patch)
treefcbd125124645d9975a28795df0e8a15efd081ad
parent4faed6a170c159a4ea58bb71ac265457b65d9d7a (diff)
downloadpkgsrc-370fd79d22eeb467ac0bd23c2f2c4c699d089b9a.tar.gz
Rationalize directory handling around ca-certificates.crt
Now, ca-certificates.crt is always in the main certs dir, because we have been careful about builtin vs pkgsrc paths. So the directory must exist (because it was checked earlier). Instead, check for the ca-certificates.crt file existing. Add more questioning comments. Based on a patch by J. Lewis Muir.
-rw-r--r--security/mozilla-rootcerts/Makefile4
-rw-r--r--security/mozilla-rootcerts/files/mozilla-rootcerts.sh16
2 files changed, 10 insertions, 10 deletions
diff --git a/security/mozilla-rootcerts/Makefile b/security/mozilla-rootcerts/Makefile
index 1fbf30dd133..9f6122ec8cc 100644
--- a/security/mozilla-rootcerts/Makefile
+++ b/security/mozilla-rootcerts/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.27 2017/06/19 00:10:21 gdt Exp $
+# $NetBSD: Makefile,v 1.28 2017/06/19 00:32:37 gdt Exp $
DISTNAME= mozilla-rootcerts-1.0.${CERTDATA_DATE}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= security
MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/052b90b5414f/security/nss/lib/ckfw/builtins/certdata.txt
DISTFILES= ${CERTDATA}
diff --git a/security/mozilla-rootcerts/files/mozilla-rootcerts.sh b/security/mozilla-rootcerts/files/mozilla-rootcerts.sh
index f300ec3ce2c..f306e3a292b 100644
--- a/security/mozilla-rootcerts/files/mozilla-rootcerts.sh
+++ b/security/mozilla-rootcerts/files/mozilla-rootcerts.sh
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: mozilla-rootcerts.sh,v 1.15 2017/06/19 00:20:15 gdt Exp $
+# $NetBSD: mozilla-rootcerts.sh,v 1.16 2017/06/19 00:32:37 gdt Exp $
#
# This script is meant to be used as follows:
#
@@ -201,6 +201,7 @@ install)
# quell warnings for a missing config file
touch $destdir$conffile
fi
+ # Insist on e.g. /etc/openssl/certs existing.
if [ ! -d $destdir$certdir ]; then
${ECHO} 1>&2 "ERROR: $destdir$certdir does not exist, aborting."
exit 1
@@ -217,18 +218,17 @@ install)
$self extract
$self rehash
set +e
-
- # \todo Explain the point of the next check. After directory
- # rationalization, it is checking the same directory that was
- # just populated.
- if [ -d $destdir$certdir ]; then
- ${ECHO} 1>&2 "ERROR: $destdir$certdir already exists, aborting."
+ # \todo Explain why if we are willing to write
+ # ca-certificates.crt, we are not willing to remove and
+ # re-create it. Arguably install should be idempotent without
+ # error.
+ if [ -e $destdir$certdir/ca-certificates.crt ]; then
+ ${ECHO} 1>&2 "ERROR: $destdir$certdir/ca-certificates.crt already exists, aborting."
exit 1
fi
set -e
# \todo Explain the purpose of the ca-certificates file, and
# specifically if it is for openssl itself, propgrams using
# openssl, gnutls, or something else.
- $MKDIR $destdir$certdir
cat $destdir$certdir/*.pem > $destdir$certdir/ca-certificates.crt
esac