sigsolucoes/ca-certificates-brazil
3
0
Fork 0
mirror of https://github.com/ekaaty/ca-certificates-brazil.git synced 2025-12-06 01:22:38 -03:00
Code Issues Actions Packages Projects Releases Wiki Activity

CA PKI update tool autodetection (legacy/p11kit)

Browse Source
This commit is contained in:
Christian Tosta
2025-04-16 08:39:53 -03:00
parent 921cab191b
commit 4b2bdb47bf
2 changed files with 53 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
CMakeLists.txt
View File

@@ -1,7 +1,19 @@
cmake_minimum_required(VERSION 3.16) cmake_minimum_required(VERSION 3.16)
project(ca-certificates-brazil) project(ca-certificates-brazil)
string(TIMESTAMP PROJECT_VERSION "%Y%m%d") set(HASH_FILE "hashsha512.txt")
execute_process(
COMMAND bash -c
"date +%Y.%m.%d \
-d \"$( \
curl -ksI $(grep ${HASH_FILE} ${CMAKE_SOURCE_DIR}/sources) \
| grep -iPo '^Last-Modified: \\K[\\S ]*'
)\"
"
OUTPUT_VARIABLE PROJECT_VERSION
OUTPUT_STRIP_TRAILING_WHITESPACE
)
set(SourceFiles set(SourceFiles
"${CMAKE_SOURCE_DIR}/cmake" "${CMAKE_SOURCE_DIR}/cmake"
@@ -15,9 +27,7 @@ include(CPackLists.txt)
add_custom_target(clear-certs add_custom_target(clear-certs
COMMAND rm -rf COMMAND rm -rf
certs/ certs/
isrg-root-x2.crt pki/
lets-encrypt-ca-bundle.crt
icp-brasil-ca-bundle.crt
) )
add_custom_target(certs add_custom_target(certs
@@ -26,14 +36,16 @@ add_custom_target(certs
--create-dirs --create-dirs
--output-dir certs --output-dir certs
-ksO < ${CMAKE_CURRENT_SOURCE_DIR}/sources -ksO < ${CMAKE_CURRENT_SOURCE_DIR}/sources
&& unzip -d certs certs/ACcompactado.zip && cd certs
&& (sha512sum -c --quiet ${HASH_FILE} || exit -1)
&& unzip ACcompactado.zip
DEPENDS DEPENDS
clear-certs clear-certs
) )
add_custom_target(isrg-root-x2.crt add_custom_target(isrg-root-x2.crt
COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh
buildroot/share/pki/ca-trust-source/anchors/isrg-root-x2.crt pki/ca-trust-source/anchors/isrg-root-x2.crt
certs/isrg-root-x2.pem certs/isrg-root-x2.pem
DEPENDS DEPENDS
certs certs
@@ -41,7 +53,7 @@ add_custom_target(isrg-root-x2.crt
add_custom_target(lets-encrypt-ca-bundle.crt add_custom_target(lets-encrypt-ca-bundle.crt
COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh
buildroot/share/pki/ca-trust-source/anchors/lets-encrypt-ca-bundle.crt pki/ca-trust-source/anchors/lets-encrypt-ca-bundle.crt
certs/lets-encrypt-e1.pem certs/lets-encrypt-e1.pem
certs/lets-encrypt-e2.pem certs/lets-encrypt-e2.pem
certs/lets-encrypt-r3.pem certs/lets-encrypt-r3.pem
@@ -52,26 +64,45 @@ add_custom_target(lets-encrypt-ca-bundle.crt
add_custom_target(icp-brasil-ca-bundle.crt add_custom_target(icp-brasil-ca-bundle.crt
COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/crt2bundle.sh
buildroot/share/pki/ca-trust-source/anchors/icp-brasil-ca-bundle.crt pki/ca-trust-source/anchors/icp-brasil-ca-bundle.crt
certs/*.crt certs/*.crt
DEPENDS DEPENDS
certs certs
) )
add_custom_target(archors ALL add_custom_target(anchors ALL
DEPENDS DEPENDS
isrg-root-x2.crt isrg-root-x2.crt
lets-encrypt-ca-bundle.crt lets-encrypt-ca-bundle.crt
icp-brasil-ca-bundle.crt icp-brasil-ca-bundle.crt
) )
# Checks which tool is used to update certificate keyring
find_program(UPDATE_CACERTS_TOOL
NAMES
update-ca-certificates
update-ca-trust
REQUIRED
)
message("-- Check for CA certificates update tool: ${UPDATE_CACERTS_TOOL}")
string(REGEX MATCH "update-ca-trust" P11KIT UPDATE_CACERTS_TOOL)
string(REGEX MATCH "update-ca-certificates" LEGACY UPDATE_CACERTS_TOOL)
# Set install destination directory according the used tool
if(DEFINED P11KIT)
set(CACERT_INSTALL_DIR "share/pki/ca-trust-source/anchors")
else()
set(CACERT_INSTALL_DIR "share/ca-certificates/extra")
endif()
message("-- Set install path to CA certificates: ${CACERT_INSTALL_DIR}")
install( install(
FILES FILES
${CMAKE_CURRENT_BINARY_DIR}/buildroot/share/pki/ca-trust-source/anchors/isrg-root-x2.crt ${CMAKE_CURRENT_BINARY_DIR}/pki/ca-trust-source/anchors/isrg-root-x2.crt
${CMAKE_CURRENT_BINARY_DIR}/buildroot/share/pki/ca-trust-source/anchors/lets-encrypt-ca-bundle.crt ${CMAKE_CURRENT_BINARY_DIR}/pki/ca-trust-source/anchors/lets-encrypt-ca-bundle.crt
${CMAKE_CURRENT_BINARY_DIR}/buildroot/share/pki/ca-trust-source/anchors/icp-brasil-ca-bundle.crt ${CMAKE_CURRENT_BINARY_DIR}/pki/ca-trust-source/anchors/icp-brasil-ca-bundle.crt
DESTINATION DESTINATION
./share/pki/ca-trust-source/anchors ${CMAKE_INSTALL_PREFIX}/${CACERT_INSTALL_DIR}
) )
# vim: ts=2:sw=2:sts=2:et # vim: ts=2:sw=2:sts=2:et

12
CPackLists.txt
View File

@@ -30,10 +30,16 @@ set(SourceIgnoreFiles
string(REPLACE "." "\\\." SourceIgnoreFiles "${SourceIgnoreFiles}") string(REPLACE "." "\\\." SourceIgnoreFiles "${SourceIgnoreFiles}")
string(REPLACE "/" "\\\/" SourceIgnoreFiles "${SourceIgnoreFiles}") string(REPLACE "/" "\\\/" SourceIgnoreFiles "${SourceIgnoreFiles}")
# Override install prefix for package target
string(REGEX REPLACE "^/(.*)" "\\1"
CPACK_PACKAGING_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}"
)
set(CPACK_SET_DESTDIR ON)
set(CPACK_GENERATOR "TGZ") set(CPACK_GENERATOR "TGZ")
set(CPACK_TOPLEVEL_TAG "") set(CPACK_PACKAGE_TOPLEVEL_TAG "noarch")
set(CPACK_INCLUDE_TOPLEVEL_DIRECTORY 0) set(CPACK_INCLUDE_TOPLEVEL_DIRECTORY 0)
set(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${PROJECT_VERSION}") set(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${PROJECT_VERSION}.${CPACK_PACKAGE_TOPLEVEL_TAG}")
set(CPACK_IGNORE_FILES "${SourceIgnoreFiles}") set(CPACK_IGNORE_FILES "${SourceIgnoreFiles}")
set(CPACK_OUTPUT_CONFIG_FILE "${PROJECT_BINARY_DIR}/CPackConfig.cmake") set(CPACK_OUTPUT_CONFIG_FILE "${PROJECT_BINARY_DIR}/CPackConfig.cmake")
configure_file( configure_file(
@@ -63,7 +69,7 @@ add_custom_target(sdist
USES_TERMINAL USES_TERMINAL
) )
add_custom_target(dist add_custom_target(bdist
COMMAND "${CMAKE_COMMAND}" COMMAND "${CMAKE_COMMAND}"
--build "${CMAKE_BINARY_DIR}" --build "${CMAKE_BINARY_DIR}"
--target package --target package