Sun May 31 15:53:44 2020 UTC ()
Add ca-certificates-20190110
This package provides the certificates distributed by the Mozilla
Project.
It also provides a script, update-ca-certs, which can be used to manage
a location that makes certificates usable by TLS implementations,
including installing select certificates from this package.
(kim)
diff -r1.761 -r1.762 pkgsrc/security/Makefile
diff -r0 -r1.1 pkgsrc/security/ca-certificates/DESCR
diff -r0 -r1.1 pkgsrc/security/ca-certificates/INSTALL
diff -r0 -r1.1 pkgsrc/security/ca-certificates/MESSAGE
diff -r0 -r1.1 pkgsrc/security/ca-certificates/Makefile
diff -r0 -r1.1 pkgsrc/security/ca-certificates/PLIST
diff -r0 -r1.1 pkgsrc/security/ca-certificates/distinfo
diff -r0 -r1.1 pkgsrc/security/ca-certificates/files/ca-certificates.conf
--- pkgsrc/security/Makefile 2020/05/26 22:33:20 1.761
+++ pkgsrc/security/Makefile 2020/05/31 15:53:44 1.762
| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: Makefile,v 1.761 2020/05/26 22:33:20 adam Exp $ | | 1 | # $NetBSD: Makefile,v 1.762 2020/05/31 15:53:44 kim Exp $ |
2 | # | | 2 | # |
3 | | | 3 | |
4 | COMMENT= Security tools | | 4 | COMMENT= Security tools |
5 | | | 5 | |
6 | SUBDIR+= 2fa | | 6 | SUBDIR+= 2fa |
7 | SUBDIR+= Bastille | | 7 | SUBDIR+= Bastille |
8 | SUBDIR+= CSP | | 8 | SUBDIR+= CSP |
9 | SUBDIR+= CoolKey | | 9 | SUBDIR+= CoolKey |
10 | SUBDIR+= EasyPG | | 10 | SUBDIR+= EasyPG |
11 | SUBDIR+= HElib | | 11 | SUBDIR+= HElib |
12 | SUBDIR+= KeePass | | 12 | SUBDIR+= KeePass |
13 | SUBDIR+= PACK | | 13 | SUBDIR+= PACK |
14 | SUBDIR+= PortableSigner | | 14 | SUBDIR+= PortableSigner |
| @@ -24,26 +24,27 @@ SUBDIR+= antonym | | | @@ -24,26 +24,27 @@ SUBDIR+= antonym |
24 | SUBDIR+= ap-modsecurity2 | | 24 | SUBDIR+= ap-modsecurity2 |
25 | SUBDIR+= apg | | 25 | SUBDIR+= apg |
26 | SUBDIR+= argon2 | | 26 | SUBDIR+= argon2 |
27 | SUBDIR+= arirang | | 27 | SUBDIR+= arirang |
28 | SUBDIR+= asignify | | 28 | SUBDIR+= asignify |
29 | SUBDIR+= avcheck | | 29 | SUBDIR+= avcheck |
30 | SUBDIR+= bcrypt | | 30 | SUBDIR+= bcrypt |
31 | SUBDIR+= bearssl | | 31 | SUBDIR+= bearssl |
32 | SUBDIR+= beecrypt | | 32 | SUBDIR+= beecrypt |
33 | SUBDIR+= bitstir | | 33 | SUBDIR+= bitstir |
34 | SUBDIR+= boringssl | | 34 | SUBDIR+= boringssl |
35 | SUBDIR+= botan | | 35 | SUBDIR+= botan |
36 | SUBDIR+= botan-devel | | 36 | SUBDIR+= botan-devel |
| | | 37 | SUBDIR+= ca-certificates |
37 | SUBDIR+= caff | | 38 | SUBDIR+= caff |
38 | SUBDIR+= ccid | | 39 | SUBDIR+= ccid |
39 | SUBDIR+= cfs | | 40 | SUBDIR+= cfs |
40 | SUBDIR+= chkrootkit | | 41 | SUBDIR+= chkrootkit |
41 | SUBDIR+= clamav | | 42 | SUBDIR+= clamav |
42 | SUBDIR+= clamav-doc | | 43 | SUBDIR+= clamav-doc |
43 | SUBDIR+= clusterssh | | 44 | SUBDIR+= clusterssh |
44 | SUBDIR+= codecrypt | | 45 | SUBDIR+= codecrypt |
45 | SUBDIR+= courier-authlib | | 46 | SUBDIR+= courier-authlib |
46 | SUBDIR+= crack | | 47 | SUBDIR+= crack |
47 | SUBDIR+= credns | | 48 | SUBDIR+= credns |
48 | #SUBDIR+= crudesaml # only shared files | | 49 | #SUBDIR+= crudesaml # only shared files |
49 | SUBDIR+= crypto++ | | 50 | SUBDIR+= crypto++ |
This package provides the certificates distributed by the Mozilla
Project.
It also provides a script, update-ca-certs, which can be used to manage
a location that makes certificates usable by TLS implementations,
including installing select certificates from this package.
# $NetBSD: INSTALL,v 1.1 2020/05/31 15:53:44 kim Exp $
case ${STAGE} in
POST-INSTALL)
@PREFIX@/sbin/update-ca-certificates
;;
esac
===========================================================================
$NetBSD: MESSAGE,v 1.1 2020/05/31 15:53:44 kim Exp $
Execute this command to install and rehash select CA root certificates
distributed by the Mozilla Project, so that they can be used by third
party applications using OpenSSL. It also creates a single file
certificate bundle in PEM format which can be used by applications using
GnuTLS.
# update-ca-certificates
You can edit /etc/ca-certificates.conf to configure which certificates are
installed. Additionally any certificates in /usr/local/share/ca-certificates
will be installed.
To mark these certificates as trusted for users of gnupg2, do
the following (assuming default PKG_SYSCONFBASE and a Bourne shell):
# mkdir -p /usr/pkg/etc/gnupg
# cd /usr/pkg/etc/gnupg
# for c in /etc/openssl/certs/*.pem; do
> openssl x509 -in $c -noout -fingerprint|sed 's|^.*=\(.*\)|\1 S|'
> done > trustlist.txt
===========================================================================
# $NetBSD: Makefile,v 1.1 2020/05/31 15:53:44 kim Exp $
PKGNAME= ca-certificates-20190110
DISTNAME= ${PKGNAME:C/-([^-]*)$/_\1/}
CATEGORIES= security
MASTER_SITES= http://deb.debian.org/debian/pool/main/c/ca-certificates/
EXTRACT_SUFX= .tar.xz
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= https://packages.debian.org/source/sid/ca-certificates
COMMENT= Root CA certificates from the Mozilla Project
LICENSE= gnu-gpl-v2 AND mpl-2.0
NO_CONFIGURE= yes
PYTHON_FOR_BUILD_ONLY= yes
USE_TOOLS= awk:run echo:run expr:run ln:run ls:run openssl:run rm:run mkdir:run
WRKSRC= ${WRKDIR}/${PKGNAME_NOREV}
DATADIR= ${PREFIX}/share/${PKGBASE}
EGDIR= ${PREFIX}/share/examples/${PKGBASE}
# Set paths depending on whether we depend on builtin or pkgsrc
# openssl. \todo Arguably, we should consider installing into both
# builtin and pkgsrc, if both exist, but this requires much more
# thought.
CHECK_BUILTIN.openssl= yes
.include "../../security/openssl/builtin.mk"
CHECK_BUILTIN.openssl= no
.if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
SSLDIR= /etc/openssl
.else
SSLDIR= ${PKG_SYSCONFDIR}/openssl
.endif
SUBST_CLASSES= conf paths
SUBST_MESSAGE.conf= Adjusting configuration file.
SUBST_STAGE.conf= post-build
SUBST_FILES.conf= ca-certificates.conf
SUBST_SED.conf= -e 's,^share/ca-certificates/,,'
SUBST_MESSAGE.paths= Replacing hard-coded paths.
SUBST_STAGE.paths= post-build
SUBST_FILES.paths= Makefile sbin/Makefile
SUBST_FILES.paths+= ca-certificates.conf
SUBST_FILES.paths+= sbin/update-ca-certificates sbin/update-ca-certificates.8
SUBST_SED.paths= -e 's,/usr/sbin,${PREFIX}/sbin,g'
SUBST_SED.paths+= -e 's,/etc/ca-certificates.conf,${PKG_SYSCONFDIR}/ca-certificates.conf,g'
SUBST_SED.paths+= -e 's,/etc/ssl,${SSLDIR},g'
SUBST_SED.paths+= -e 's,/usr/share/ca-certificates,${DATADIR},g'
INSTALLATION_DIRS= sbin ${DATADIR} ${EGDIR} share/man/man8
CONF_FILES= ${EGDIR}/ca-certificates.conf \
${PKG_SYSCONFDIR}/ca-certificates.conf
pre-build:
@${CP} ${FILESDIR}/ca-certificates.conf ${WRKSRC}/
@${GREP} '^share/ca-certificates/' ${FILESDIR}/../PLIST \
>> ${WRKSRC}/ca-certificates.conf
post-install:
${INSTALL_MAN} ${WRKSRC}/sbin/update-ca-certificates.8 \
${DESTDIR}${PREFIX}/share/man/man8/update-ca-certificates.8
${INSTALL_DATA} ${WRKSRC}/ca-certificates.conf \
${DESTDIR}${EGDIR}/ca-certificates.conf
.include "../../lang/python/tool.mk"
.include "../../mk/bsd.pkg.mk"
@comment $NetBSD: PLIST,v 1.1 2020/05/31 15:53:44 kim Exp $
sbin/update-ca-certificates
share/ca-certificates/mozilla/ACCVRAIZ1.crt
share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt
share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt
share/ca-certificates/mozilla/AddTrust_External_Root.crt
share/ca-certificates/mozilla/AffirmTrust_Commercial.crt
share/ca-certificates/mozilla/AffirmTrust_Networking.crt
share/ca-certificates/mozilla/AffirmTrust_Premium.crt
share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt
share/ca-certificates/mozilla/Amazon_Root_CA_1.crt
share/ca-certificates/mozilla/Amazon_Root_CA_2.crt
share/ca-certificates/mozilla/Amazon_Root_CA_3.crt
share/ca-certificates/mozilla/Amazon_Root_CA_4.crt
share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt
share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt
share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt
share/ca-certificates/mozilla/CA_Disig_Root_R2.crt
share/ca-certificates/mozilla/CFCA_EV_ROOT.crt
share/ca-certificates/mozilla/COMODO_Certification_Authority.crt
share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt
share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt
share/ca-certificates/mozilla/Certigna.crt
share/ca-certificates/mozilla/Certinomis_-_Root_CA.crt
share/ca-certificates/mozilla/Certplus_Class_2_Primary_CA.crt
share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt
share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt
share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt
share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt
share/ca-certificates/mozilla/Cybertrust_Global_Root.crt
share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
share/ca-certificates/mozilla/DST_Root_CA_X3.crt
share/ca-certificates/mozilla/Deutsche_Telekom_Root_CA_2.crt
share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt
share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt
share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt
share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt
share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt
share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt
share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt
share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt
share/ca-certificates/mozilla/EC-ACC.crt
share/ca-certificates/mozilla/EE_Certification_Centre_Root_CA.crt
share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt
share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt
share/ca-certificates/mozilla/GDCA_TrustAUTH_R5_ROOT.crt
share/ca-certificates/mozilla/GeoTrust_Global_CA.crt
share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt
share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt
share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt
share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt
share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt
share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt
share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt
share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt
share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt
share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt
share/ca-certificates/mozilla/ISRG_Root_X1.crt
share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt
share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
share/ca-certificates/mozilla/Izenpe.com.crt
share/ca-certificates/mozilla/LuxTrust_Global_Root_2.crt
share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt
share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt
share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt
share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt
share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt
share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt
share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_ECC.crt
share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_RSA.crt
share/ca-certificates/mozilla/SZAFIR_ROOT_CA2.crt
share/ca-certificates/mozilla/SecureSign_RootCA11.crt
share/ca-certificates/mozilla/SecureTrust_CA.crt
share/ca-certificates/mozilla/Secure_Global_CA.crt
share/ca-certificates/mozilla/Security_Communication_RootCA2.crt
share/ca-certificates/mozilla/Security_Communication_Root_CA.crt
share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt
share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
share/ca-certificates/mozilla/Starfield_Class_2_CA.crt
share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt
share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt
share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt
share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt
share/ca-certificates/mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt
share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt
share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt
share/ca-certificates/mozilla/Taiwan_GRCA.crt
share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt
share/ca-certificates/mozilla/TrustCor_ECA-1.crt
share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt
share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt
share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt
share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt
share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt
share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt
share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt
share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt
share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt
share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt
share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt
share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt
share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt
share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt
share/examples/ca-certificates/ca-certificates.conf
share/man/man8/update-ca-certificates.8
$NetBSD: distinfo,v 1.1 2020/05/31 15:53:44 kim Exp $
SHA1 (ca-certificates_20190110.tar.xz) = 47d4584eae85fc905e4994766eb3930a8a84e2e1
RMD160 (ca-certificates_20190110.tar.xz) = cbf8f474fba527dc96413632ac5874385bd38e17
SHA512 (ca-certificates_20190110.tar.xz) = 9ce2661018edb120d0ef5bd3ed52c0f73f577d7607d135a31730549f5eb4176db4865cdb8bde77a78dc3efb8968846da5e72af8a833a9da2a8a7deb4f1560372
Size (ca-certificates_20190110.tar.xz) = 243472 bytes
# $NetBSD: ca-certificates.conf,v 1.1 2020/05/31 15:53:44 kim Exp $
#
# This file lists certificates that update-ca-certificates(8) will
# select or deselect for installing in /etc/ssl/certs.
#
# A line beginning with # is a comment.
# A line beginning with ! deselects the matching certificate file.
#