[Buildroot] [PATCH 1/1] ca-certificates: new package
Baruch Siach
baruch at tkos.co.il
Wed Jan 8 04:52:07 UTC 2014
Hi Martin,
Thanks for the patch. A few comments below.
On Tue, Jan 07, 2014 at 08:29:50PM +0000, Martin Bark wrote:
> CA certificates used for SSL based applications. The package installs CA
> certificates to /usr/share/ca-certificates and creates symbolic links under
> /etc/ssl/certs. For example, the existing libcurl package will use these
> certificates for https urls. Based on the debian ca-certifcates package.
>
> Signed-off-by: Martin Bark <martin at barkynet.com>
[...]
> +CA_CERTIFICATES_VERSION = 20130906
> +CA_CERTIFICATES_SOURCE = ca-certificates_$(CA_CERTIFICATES_VERSION).tar.gz
> +CA_CERTIFICATES_SITE = ftp://ftp.debian.org/debian/pool/main/c/ca-certificates
Please use $(BR2_DEBIAN_MIRROR). See package/at/at.mk, for example.
> +CA_CERTIFICATES_DEPENDENCIES = host-openssl host-python
> +CA_CERTIFICATES_LICENSE = GPLv2+ MPLv2.0
> +CA_CERTIFICATES_LICENSE_FILES = debian/copyright
According to debian/copyright these licenses apply to the specific files
listed there. You don't use any of these files as far as I can see.
> +define CA_CERTIFICATES_BUILD_CMDS
> + PATH=$(HOST_PATH) $(MAKE) -C $(@D) all
> +endef
> +
> +define CA_CERTIFICATES_INSTALL_TARGET_CMDS
> + $(INSTALL) -d -m 0755 $(TARGET_DIR)/usr/share/ca-certificates
> + $(INSTALL) -d -m 0755 $(TARGET_DIR)/etc/ssl/certs
> + $(MAKE) -C $(@D) install DESTDIR=$(TARGET_DIR)
> + rm -f $(TARGET_DIR)/usr/sbin/update-ca-certificates
> +
> + #remove any existing certificates under /etc/ssl/certs
> + rm -f $(TARGET_DIR)/etc/ssl/certs/*
> +
> + #generate symlinks to certificates under /etc/ssl/certs
> + ( \
> + cd $(TARGET_DIR) ;\
> + for i in `find usr/share/ca-certificates -name "*.crt"` ; do \
> + ln -sf ../../../$$i etc/ssl/certs/`basename $${i%.crt}.pem` ;\
> + done ;\
> + )
> +
> + #create symbolic links to the certificates by their hash values
> + $(HOST_DIR)/usr/bin/c_rehash $(TARGET_DIR)/etc/ssl/certs
> +endef
> +
> +$(eval $(generic-package))
> --
baruch
--
http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
More information about the buildroot
mailing list