search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
p7zip: assorted fixes
[oi-userland.git] / components / openindiana / ca-certificates / Makefile
blobfea261f73fdd610f94e9a9170351d619005e79f2
1 #
2 # This file and its contents are supplied under the terms of the
3 # Common Development and Distribution License ("CDDL"), version 1.0.
4 # You may only use this file in accordance with the terms of version
5 # 1.0 of the CDDL.
6 #
7 # A full copy of the text of the CDDL should have accompanied this
8 # source. A copy of the CDDL is also available via the Internet at
9 # http://www.illumos.org/license/CDDL.
10 #
11
12 #
13 # Copyright 2016 Alexander Pyhalov
14 # Copyright 2019 Michal Nowak
15 # Copyright 2021 Till Wegmueller
16 # Copyright 2022 David Stes
17 # Copyright 2023 Niklas Poslovski
18 #
19
20 BUILD_STYLE = archive
21 BUILD_BITS = NO_ARCH
22 include ../../../make-rules/shared-macros.mk
23
24 COMPONENT_NAME= ca-certificates
25 COMPONENT_VERSION_MAJOR= 3
26 COMPONENT_VERSION_MINOR= 105
27 COMPONENT_VERSION= $(COMPONENT_VERSION_MAJOR).$(COMPONENT_VERSION_MINOR)
28 HUMAN_VERSION= 20240924
29 COMPONENT_SUMMARY= Common CA certificates
30 COMPONENT_SRC= nss-$(COMPONENT_VERSION)
31 COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
32 COMPONENT_ARCHIVE_HASH= sha256:8e8e4c8c88ca5c828b207cfaf66c6188e7f96c97cc18946d3db7da4c0d395619
33 COMPONENT_ARCHIVE_URL= https://ftp.mozilla.org/pub/security/nss/releases/NSS_$(COMPONENT_VERSION_MAJOR)_$(COMPONENT_VERSION_MINOR)_RTM/src/$(COMPONENT_ARCHIVE)
34 COMPONENT_PROJECT_URL= https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
35 COMPONENT_FMRI= crypto/ca-certificates
36 COMPONENT_LICENSE= MPLv2.0
37 COMPONENT_LICENSE_FILE= nss/COPYING
38
39 BUILD_TARGET = $(BUILD_$(MK_BITS))
40 INSTALL_TARGET = $(INSTALL_$(MK_BITS))
41
42 include $(WS_MAKE_RULES)/common.mk
43
44 PKG_OPTIONS += -I $(COMPONENT_DIR)
45
46 CLEAN_PATHS += $(BUILD_DIR) $(PROTO_DIR)
47
48 $(BUILD_$(MK_BITS)): $(BUILD_DIR_$(MK_BITS))/.certs_renamed
49
50 # some filenames are UTF-8 not 7bit ASCII because
51 # certdata.txt has CKA_LABEL UTF8 entries that are not 7bit ASCII
52 # for example NetLock_Arany_(Class_Gold)_Ftanstvny.pem has a small letter o
53 # which uses the Hungarian small latin o with double acute (U + 0151)
54 # to avoid packaging UTF-8 non-ASCII paths in /etc, process by iconv
55 # see Illumos bug #14510 and bug #11625
56
57 $(BUILD_DIR_$(MK_BITS))/.certs_renamed: $(BUILD_DIR_$(MK_BITS))/.certs_extracted
58 for i in $(@D)/xx*; do \
59 FILE_LEN=$$(wc -l "$$i" |awk ' { print $$1; }' ); \
60 BEGIN=$$(grep -n "BEGIN CERT" "$$i" |cut -d : -f 1); \
61 TAIL=$$(($$FILE_LEN-$$BEGIN+1)); \
62 NAME=$$(head -1 "$$i" | tr ' ' '_' | \
63 iconv -c -f UTF-8 -t ASCII | \
64 tr -d '?' | tr -d '(' | tr -d ')' \
65 ); \
66 tail -n $$TAIL "$$i" > $(@D)/$${NAME}.pem ;\
67 done
68 $(TOUCH) $@
69
70 $(BUILD_DIR_$(MK_BITS))/.certs_extracted: $(BUILD_DIR_$(MK_BITS))/ca-bundle.processed
71 cd $(@D) &&\
72 NUM=$$(awk '/BEGIN/{n++} END{print n-2}' $(@D)/ca-bundle.processed) &&\
73 csplit -s -n 3 $(@D)/ca-bundle.processed '/END CERT/1' "{$$NUM}"
74 $(TOUCH) $@
75
76 $(BUILD_DIR_$(MK_BITS))/ca-bundle.processed: $(BUILD_DIR_$(MK_BITS))/ca-bundle.crt
77 grep -v '^#' $(@D)/ca-bundle.crt | grep -v '^$$' > $@
78
79 $(BUILD_DIR_$(MK_BITS))/ca-bundle.crt: $(BUILD_DIR_$(MK_BITS))/certdata.txt
80 cd $(@D) && $(PERL) $(COMPONENT_DIR)/files/mk-ca-bundle.pl -n
81
82
83 $(BUILD_DIR_$(MK_BITS))/certdata.txt: $(SOURCE_DIR)/nss/lib/ckfw/builtins/certdata.txt
84 $(MKDIR) $(@D)
85 $(CP) $(SOURCE_DIR)/nss/lib/ckfw/builtins/certdata.txt $@
86
87 $(SOURCE_DIR)/nss/lib/ckfw/builtins/certdata.txt: $(SOURCE_DIR)/.prep
88
89 $(INSTALL_$(MK_BITS)): $(BUILD_$(MK_BITS))
90 $(MKDIR) $(PROTO_DIR)/etc/certs/CA $(PROTO_DIR)/etc/openssl/certs
91 $(CP) $(@D)/*.pem $(PROTO_DIR)/etc/certs/CA/
92 cd $(PROTO_DIR)/etc/certs/CA &&\
93 for i in *.pem ; do \
94 HASH=$$(openssl x509 -noout -hash -in $$i); \
95 ln -fs ../../certs/CA/$${i} ../../openssl/certs/$${HASH}.0; \
96 done;
97 touch $@
98
99 # Manually added dependencies
100 REQUIRED_PACKAGES += file/gnu-coreutils
101 REQUIRED_PACKAGES += library/security/openssl
102 REQUIRED_PACKAGES += runtime/perl
103 REQUIRED_PACKAGES += library/perl-5/libwww-perl
104 REQUIRED_PACKAGES += text/gawk
105 REQUIRED_PACKAGES += text/gnu-grep
106 REQUIRED_PACKAGES += system/library/iconv/utf-8
107
108 # Auto-generated dependencies
109 REQUIRED_PACKAGES += system/ca-certificates