Author: twerner Date: 2011-08-16 09:04:53 +0000 (Tue, 16 Aug 2011) New Revision: 14200
Added: tags/ca-certificates-java/20110816/ tags/ca-certificates-java/20110816/debian/changelog tags/ca-certificates-java/20110816/debian/control tags/ca-certificates-java/20110816/debian/jks-keystore.hook Removed: tags/ca-certificates-java/20110816/debian/changelog tags/ca-certificates-java/20110816/debian/control tags/ca-certificates-java/20110816/debian/jks-keystore.hook Log: [svn-buildpackage] Tagging ca-certificates-java 20110816 Deleted: tags/ca-certificates-java/20110816/debian/changelog =================================================================== --- trunk/ca-certificates-java/debian/changelog 2011-08-16 04:24:16 UTC (rev 14195) +++ tags/ca-certificates-java/20110816/debian/changelog 2011-08-16 09:04:53 UTC (rev 14200) @@ -1,131 +0,0 @@ -ca-certificates-java (20110531) unstable; urgency=low - - * Prepare for multiarch libnss3 update. - - -- Matthias Klose <d...@ubuntu.com> Tue, 31 May 2011 15:20:52 +0200 - -ca-certificates-java (20110426) unstable; urgency=low - - * Test for existing file in postinst before copying it. (Closes: #624152) - * Add Vcs headers to debian/control. - - -- Torsten Werner <twer...@debian.org> Tue, 26 Apr 2011 09:23:03 +0200 - -ca-certificates-java (20110425) unstable; urgency=low - - * Add Java code to update the keystore and support UTF-8 encoded filenames. - (Closes: #607245, #623671) - * Change Maintainer to Debian Java Maintainers and add myself to Uploaders. - * Update Build-Depends. - * Replace old inconsistent keystore aliases. (Closes: #623888) - * Add support for openjdk-7 and remove support for old cacao VM. - * Add a NEWS file explaining the update. - * Update README.Debian. - - -- Torsten Werner <twer...@debian.org> Mon, 25 Apr 2011 15:28:55 +0200 - -ca-certificates-java (20100412) unstable; urgency=low - - * Upload to unstable. - - -- Matthias Klose <d...@ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200 - -ca-certificates-java (20100406ubuntu1) lucid; urgency=low - - * Make the installation and import of certificates more robust, - if the NSS based security provider is disabled or not built. - - -- Matthias Klose <d...@ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200 - -ca-certificates-java (20100406) unstable; urgency=low - - * Explicitely fail the installation, if /proc is not mounted. - Currently required by the java tools, changed in OpenJDK7. - Closes: #576453. LP: #556044. - * Print name of JVM in case of errors. - * Set priority to optional, set section to java. Closes: #566855. - * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853. - - -- Matthias Klose <d...@debian.org> Tue, 06 Apr 2010 21:41:39 +0200 - -ca-certificates-java (20091021) unstable; urgency=low - - * Clarify output for keytool errors (although it shouldnn't be - necessary anymore). Closes: #540490. - - -- Matthias Klose <d...@ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200 - -ca-certificates-java (20090928) karmic; urgency=low - - * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with - ca-certificates 20090814. - - -- Matthias Klose <d...@ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200 - -ca-certificates-java (20090629) unstable; urgency=low - - * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out - SHA384withECDSA certificates since keytool won't support them. - LP: #392104, closes: #534520. - * Fix typo in hook. Closes: #534533. - * Use java6-runtime-headless as alternative dependency. Closes: #512293. - - -- Matthias Klose <d...@ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200 - -ca-certificates-java (20081028) unstable; urgency=low - - * Ignore LANG and LC_ALL setting when running keytool. LP: #289934. - - -- Matthias Klose <d...@debian.org> Tue, 28 Oct 2008 07:20:16 +0100 - -ca-certificates-java (20081027) unstable; urgency=medium - - * Merge from Ubuntu: - - Don't try to import certificates, which are listed in - /etc/ca-certificates.conf, but not available on the system. - Just warn about those. LP: #289091. - - Need to run keytool, when the jre is unpacked, but not yet configured. - Create a temporary jvm.cfg for the time in that postinst and the - jks-keystore.hook are run, and remove it afterwards. LP: #289199. - - -- Matthias Klose <d...@debian.org> Mon, 27 Oct 2008 13:58:14 +0100 - -ca-certificates-java (20081024) unstable; urgency=low - - * Install /etc/default/cacerts with mode 600. - - -- Matthias Klose <d...@debian.org> Fri, 24 Oct 2008 15:10:48 +0200 - -ca-certificates-java (20081022) unstable; urgency=low - - * debian/jks-keystore.hook: - - Don't stop after first error during the update. LP: #244412. - Closes: #489748. - - Call keytool with -noprompt. - * On initial install, add locally added certificates. LP: #244410. - Closes: #489748. - * Install /etc/default/cacerts to set options: - - storepass, holding the password for the keystore. - - updates, to enable/disable updates of the keystore. - * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587. - - -- Matthias Klose <d...@ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200 - -ca-certificates-java (20080712) unstable; urgency=low - - * Upload to main. - - -- Matthias Klose <d...@ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200 - -ca-certificates-java (20080711) unstable; urgency=low - - * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408. - - -- Matthias Klose <d...@ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200 - -ca-certificates-java (20080514) unstable; urgency=low - - * Initial release. - - -- Matthias Klose <d...@ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000 - Copied: tags/ca-certificates-java/20110816/debian/changelog (from rev 14198, trunk/ca-certificates-java/debian/changelog) =================================================================== --- tags/ca-certificates-java/20110816/debian/changelog (rev 0) +++ tags/ca-certificates-java/20110816/debian/changelog 2011-08-16 09:04:53 UTC (rev 14200) @@ -0,0 +1,139 @@ +ca-certificates-java (20110816) unstable; urgency=low + + * Upgrade Recommends: libnss3-1d to a versioned Depends due to multiarch + changes. (Closes: #635571) + * Use the locale C.UTF-8 for the hook script to be more robust. + + -- Torsten Werner <twer...@debian.org> Tue, 16 Aug 2011 11:00:33 +0200 + +ca-certificates-java (20110531) unstable; urgency=low + + * Prepare for multiarch libnss3 update. + + -- Matthias Klose <d...@ubuntu.com> Tue, 31 May 2011 15:20:52 +0200 + +ca-certificates-java (20110426) unstable; urgency=low + + * Test for existing file in postinst before copying it. (Closes: #624152) + * Add Vcs headers to debian/control. + + -- Torsten Werner <twer...@debian.org> Tue, 26 Apr 2011 09:23:03 +0200 + +ca-certificates-java (20110425) unstable; urgency=low + + * Add Java code to update the keystore and support UTF-8 encoded filenames. + (Closes: #607245, #623671) + * Change Maintainer to Debian Java Maintainers and add myself to Uploaders. + * Update Build-Depends. + * Replace old inconsistent keystore aliases. (Closes: #623888) + * Add support for openjdk-7 and remove support for old cacao VM. + * Add a NEWS file explaining the update. + * Update README.Debian. + + -- Torsten Werner <twer...@debian.org> Mon, 25 Apr 2011 15:28:55 +0200 + +ca-certificates-java (20100412) unstable; urgency=low + + * Upload to unstable. + + -- Matthias Klose <d...@ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200 + +ca-certificates-java (20100406ubuntu1) lucid; urgency=low + + * Make the installation and import of certificates more robust, + if the NSS based security provider is disabled or not built. + + -- Matthias Klose <d...@ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200 + +ca-certificates-java (20100406) unstable; urgency=low + + * Explicitely fail the installation, if /proc is not mounted. + Currently required by the java tools, changed in OpenJDK7. + Closes: #576453. LP: #556044. + * Print name of JVM in case of errors. + * Set priority to optional, set section to java. Closes: #566855. + * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853. + + -- Matthias Klose <d...@debian.org> Tue, 06 Apr 2010 21:41:39 +0200 + +ca-certificates-java (20091021) unstable; urgency=low + + * Clarify output for keytool errors (although it shouldnn't be + necessary anymore). Closes: #540490. + + -- Matthias Klose <d...@ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200 + +ca-certificates-java (20090928) karmic; urgency=low + + * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with + ca-certificates 20090814. + + -- Matthias Klose <d...@ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200 + +ca-certificates-java (20090629) unstable; urgency=low + + * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out + SHA384withECDSA certificates since keytool won't support them. + LP: #392104, closes: #534520. + * Fix typo in hook. Closes: #534533. + * Use java6-runtime-headless as alternative dependency. Closes: #512293. + + -- Matthias Klose <d...@ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200 + +ca-certificates-java (20081028) unstable; urgency=low + + * Ignore LANG and LC_ALL setting when running keytool. LP: #289934. + + -- Matthias Klose <d...@debian.org> Tue, 28 Oct 2008 07:20:16 +0100 + +ca-certificates-java (20081027) unstable; urgency=medium + + * Merge from Ubuntu: + - Don't try to import certificates, which are listed in + /etc/ca-certificates.conf, but not available on the system. + Just warn about those. LP: #289091. + - Need to run keytool, when the jre is unpacked, but not yet configured. + Create a temporary jvm.cfg for the time in that postinst and the + jks-keystore.hook are run, and remove it afterwards. LP: #289199. + + -- Matthias Klose <d...@debian.org> Mon, 27 Oct 2008 13:58:14 +0100 + +ca-certificates-java (20081024) unstable; urgency=low + + * Install /etc/default/cacerts with mode 600. + + -- Matthias Klose <d...@debian.org> Fri, 24 Oct 2008 15:10:48 +0200 + +ca-certificates-java (20081022) unstable; urgency=low + + * debian/jks-keystore.hook: + - Don't stop after first error during the update. LP: #244412. + Closes: #489748. + - Call keytool with -noprompt. + * On initial install, add locally added certificates. LP: #244410. + Closes: #489748. + * Install /etc/default/cacerts to set options: + - storepass, holding the password for the keystore. + - updates, to enable/disable updates of the keystore. + * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587. + + -- Matthias Klose <d...@ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200 + +ca-certificates-java (20080712) unstable; urgency=low + + * Upload to main. + + -- Matthias Klose <d...@ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200 + +ca-certificates-java (20080711) unstable; urgency=low + + * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408. + + -- Matthias Klose <d...@ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200 + +ca-certificates-java (20080514) unstable; urgency=low + + * Initial release. + + -- Matthias Klose <d...@ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000 + Deleted: tags/ca-certificates-java/20110816/debian/control =================================================================== --- trunk/ca-certificates-java/debian/control 2011-08-16 04:24:16 UTC (rev 14195) +++ tags/ca-certificates-java/20110816/debian/control 2011-08-16 09:04:53 UTC (rev 14200) @@ -1,17 +0,0 @@ -Source: ca-certificates-java -Section: java -Priority: optional -Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> -Uploaders: Matthias Klose <d...@ubuntu.com>, Torsten Werner <twer...@debian.org> -Build-Depends: debhelper (>= 6), default-jdk -Standards-Version: 3.8.4 -Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/ca-certificates-java -Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/ca-certificates-java/ - -Package: ca-certificates-java -Architecture: all -Depends: ca-certificates (>= 20090814), openjdk-6-jre-headless (>= 6b16-1.6.1-2) | java6-runtime-headless, ${misc:Depends} -Recommends: libnss3-1d -Description: Common CA certificates (JKS keystore) - This package uses the hooks of the ca-certificates package to update the - cacerts JKS keystore used for many java runtimes. Copied: tags/ca-certificates-java/20110816/debian/control (from rev 14196, trunk/ca-certificates-java/debian/control) =================================================================== --- tags/ca-certificates-java/20110816/debian/control (rev 0) +++ tags/ca-certificates-java/20110816/debian/control 2011-08-16 09:04:53 UTC (rev 14200) @@ -0,0 +1,18 @@ +Source: ca-certificates-java +Section: java +Priority: optional +Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> +Uploaders: Matthias Klose <d...@ubuntu.com>, Torsten Werner <twer...@debian.org> +Build-Depends: debhelper (>= 6), default-jdk +Standards-Version: 3.8.4 +Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/ca-certificates-java +Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/ca-certificates-java/ + +Package: ca-certificates-java +Architecture: all +Depends: ca-certificates (>= 20090814), openjdk-6-jre-headless (>= 6b16-1.6.1-2) | java6-runtime-headless, ${misc:Depends}, libnss3-1d (>= 3.12.10-2~) +# We need a versioned Depends due to multiarch changes (bug #635571). +#Recommends: libnss3-1d +Description: Common CA certificates (JKS keystore) + This package uses the hooks of the ca-certificates package to update the + cacerts JKS keystore used for many java runtimes. Deleted: tags/ca-certificates-java/20110816/debian/jks-keystore.hook =================================================================== --- trunk/ca-certificates-java/debian/jks-keystore.hook 2011-08-16 04:24:16 UTC (rev 14195) +++ tags/ca-certificates-java/20110816/debian/jks-keystore.hook 2011-08-16 09:04:53 UTC (rev 14200) @@ -1,63 +0,0 @@ -#! /bin/sh - -set -e - -storepass='changeit' -if [ -f /etc/default/cacerts ]; then - . /etc/default/cacerts -fi - -echo "" -if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then - echo "updates of cacerts keystore disabled." - exit 0 -fi - -if ! mountpoint -q /proc; then - echo >&2 "the keytool command requires a mounted proc fs (/proc)." - exit 1 -fi - -for jvm in java-6-openjdk java-7-openjdk java-6-sun; do - if [ -x /usr/lib/jvm/$jvm/bin/java ]; then - break - fi -done -export JAVA_HOME=/usr/lib/jvm/$jvm -PATH=$JAVA_HOME/bin:$PATH - -temp_jvm_cfg= -if [ ! -f /etc/$jvm/jvm.cfg ]; then - # the jre is not yet configured, but jvm.cfg is needed to run it - temp_jvm_cfg=/etc/$jvm/jvm.cfg - mkdir -p /etc/$jvm - printf -- "-server KNOWN\n" > $temp_jvm_cfg -fi - -if which dpkg-query --version >/dev/null; then - nsspkg=$(dpkg-query -L libnss3 | sed -n 's,\(.*\)/libnss3\.so$,\1,p') - nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/$jvm/security/nss.cfg) - if [ "$nsspkg" != "$nssjdk" ]; then - ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so - fi -fi - -do_cleanup() -{ - [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg - if [ "$nsspkg" != "$nssjdk" ]; then - rm -f $nssjdk/libnss3.so - fi -} - -CLASSPATH=/usr/share/ca-certificates-java -export CLASSPATH - -if java UpdateCertificates -storepass "$storepass"; then - do_cleanup -else - do_cleanup - exit 1 -fi - -echo "done." Copied: tags/ca-certificates-java/20110816/debian/jks-keystore.hook (from rev 14198, trunk/ca-certificates-java/debian/jks-keystore.hook) =================================================================== --- tags/ca-certificates-java/20110816/debian/jks-keystore.hook (rev 0) +++ tags/ca-certificates-java/20110816/debian/jks-keystore.hook 2011-08-16 09:04:53 UTC (rev 14200) @@ -0,0 +1,68 @@ +#! /bin/sh + +set -e + +# use the locale C.UTF-8 +unset LC_ALL +LC_CTYPE=C.UTF-8 +export LC_CTYPE + +storepass='changeit' +if [ -f /etc/default/cacerts ]; then + . /etc/default/cacerts +fi + +echo "" +if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then + echo "updates of cacerts keystore disabled." + exit 0 +fi + +if ! mountpoint -q /proc; then + echo >&2 "the keytool command requires a mounted proc fs (/proc)." + exit 1 +fi + +for jvm in java-6-openjdk java-7-openjdk java-6-sun; do + if [ -x /usr/lib/jvm/$jvm/bin/java ]; then + break + fi +done +export JAVA_HOME=/usr/lib/jvm/$jvm +PATH=$JAVA_HOME/bin:$PATH + +temp_jvm_cfg= +if [ ! -f /etc/$jvm/jvm.cfg ]; then + # the jre is not yet configured, but jvm.cfg is needed to run it + temp_jvm_cfg=/etc/$jvm/jvm.cfg + mkdir -p /etc/$jvm + printf -- "-server KNOWN\n" > $temp_jvm_cfg +fi + +if which dpkg-query --version >/dev/null; then + nsspkg=$(dpkg-query -L libnss3 | sed -n 's,\(.*\)/libnss3\.so$,\1,p') + nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/$jvm/security/nss.cfg) + if [ "$nsspkg" != "$nssjdk" ]; then + ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so + fi +fi + +do_cleanup() +{ + [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg + if [ "$nsspkg" != "$nssjdk" ]; then + rm -f $nssjdk/libnss3.so + fi +} + +CLASSPATH=/usr/share/ca-certificates-java +export CLASSPATH + +if java UpdateCertificates -storepass "$storepass"; then + do_cleanup +else + do_cleanup + exit 1 +fi + +echo "done." _______________________________________________ pkg-java-commits mailing list pkg-java-comm...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits