Merge pull request #2297 from pullmoll/ca-certificates
ca-certificates: remove expired certificates
This commit is contained in:
Juan RP
commit
cc74991075
|
|
@ -0,0 +1,51 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# Begin remove-expired-certs.sh
|
||||||
|
#
|
||||||
|
# Version 20120211
|
||||||
|
|
||||||
|
# Make sure the date is parsed correctly on all systems
|
||||||
|
mydate()
|
||||||
|
{
|
||||||
|
local y=$( echo $1 | cut -d" " -f4 )
|
||||||
|
local M=$( echo $1 | cut -d" " -f1 )
|
||||||
|
local d=$( echo $1 | cut -d" " -f2 )
|
||||||
|
local m
|
||||||
|
|
||||||
|
[ -z "${d}" ] && d="0"
|
||||||
|
[ "${d}" -lt 10 ] && d="0${d}"
|
||||||
|
|
||||||
|
case $M in
|
||||||
|
Jan) m="01";;
|
||||||
|
Feb) m="02";;
|
||||||
|
Mar) m="03";;
|
||||||
|
Apr) m="04";;
|
||||||
|
May) m="05";;
|
||||||
|
Jun) m="06";;
|
||||||
|
Jul) m="07";;
|
||||||
|
Aug) m="08";;
|
||||||
|
Sep) m="09";;
|
||||||
|
Oct) m="10";;
|
||||||
|
Nov) m="11";;
|
||||||
|
Dec) m="12";;
|
||||||
|
esac
|
||||||
|
|
||||||
|
certdate="${y}${m}${d}"
|
||||||
|
}
|
||||||
|
|
||||||
|
DIR="$1"
|
||||||
|
[ -z "$DIR" ] && DIR=$(pwd)
|
||||||
|
|
||||||
|
today=$(date +%Y%m%d)
|
||||||
|
|
||||||
|
find ${DIR} -type f -a -iname "*.crt" -printf "%p\n" | while read cert; do
|
||||||
|
notafter=$(/usr/bin/openssl x509 -enddate -in "${cert}" -noout)
|
||||||
|
date=$( echo ${notafter} | sed 's/^notAfter=//' )
|
||||||
|
mydate "$date"
|
||||||
|
|
||||||
|
if [ ${certdate} -lt ${today} ]; then
|
||||||
|
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
|
||||||
|
echo "EXPIRED CERTIFICATE FOUND $certdate: \"$(basename ${cert})\""
|
||||||
|
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
|
||||||
|
rm -f "${cert}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
# Template file for 'ca-certificates'
|
# Template file for 'ca-certificates'
|
||||||
pkgname=ca-certificates
|
pkgname=ca-certificates
|
||||||
version=20150426
|
version=20150426
|
||||||
revision=2
|
revision=3
|
||||||
noarch="yes"
|
noarch="yes"
|
||||||
hostmakedepends="python"
|
hostmakedepends="libressl-openssl python"
|
||||||
depends="virtual?openssl run-parts"
|
depends="virtual?openssl run-parts"
|
||||||
conf_files="/etc/ca-certificates.conf"
|
conf_files="/etc/ca-certificates.conf"
|
||||||
short_desc="Common CA certificates for SSL/TLS"
|
short_desc="Common CA certificates for SSL/TLS"
|
||||||
|
|
@ -13,6 +13,12 @@ license="GPL-2"
|
||||||
distfiles="${DEBIAN_SITE}/main/c/${pkgname}/${pkgname}_${version}.tar.xz"
|
distfiles="${DEBIAN_SITE}/main/c/${pkgname}/${pkgname}_${version}.tar.xz"
|
||||||
checksum=37dbaa93ed64cc4ae93ac295f9248fbc741bd51376438cfb1257f17efab5494f
|
checksum=37dbaa93ed64cc4ae93ac295f9248fbc741bd51376438cfb1257f17efab5494f
|
||||||
|
|
||||||
|
post_extract() {
|
||||||
|
cp ${FILESDIR}/remove-expired-certs.sh ${wrksrc}/mozilla
|
||||||
|
sed -i ${wrksrc}/mozilla/Makefile \
|
||||||
|
-e "s;\(.*\)\(python .*\);\1\2\n\1./remove-expired-certs.sh;"
|
||||||
|
}
|
||||||
|
|
||||||
do_build() {
|
do_build() {
|
||||||
make ${makejobs}
|
make ${makejobs}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue