commit ca-certificates for openSUSE:Factory

2020-10-08 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2020-10-08 13:07:33

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new.4249 (New)


Package is "ca-certificates"

Thu Oct  8 13:07:33 2020 rev:46 rq:839158 version:2+git20201002.34daf7f

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2020-04-23 18:29:29.259978692 +0200
+++ 
/work/SRC/openSUSE:Factory/.ca-certificates.new.4249/ca-certificates.changes
2020-10-08 13:08:47.774988394 +0200
@@ -1,0 +2,6 @@
+Fri Oct 02 12:53:48 UTC 2020 - lnus...@suse.de
+
+- Update to version 2+git20201002.34daf7f:
+  * Use relative symlink for /etc/ssl/certs (boo#1175340)
+
+---

Old:

  ca-certificates-2+git20200129.d1a437d.tar.xz

New:

  ca-certificates-2+git20201002.34daf7f.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.m9VDgK/_old  2020-10-08 13:08:48.478989032 +0200
+++ /var/tmp/diff_new_pack.m9VDgK/_new  2020-10-08 13:08:48.482989035 +0200
@@ -28,7 +28,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:2+git20200129.d1a437d
+Version:2+git20201002.34daf7f
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0-or-later
@@ -75,7 +75,7 @@
 install -d -m 555 %{buildroot}/var/lib/ca-certificates/pem
 install -d -m 555 %{buildroot}/var/lib/ca-certificates/openssl
 install -d -m 755 %{buildroot}/%{_prefix}/lib/systemd/system
-ln -s /var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
+ln -s ../../var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
 %if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}
 ln -s %{cabundle} %{buildroot}%{ssletcdir}/ca-bundle.pem

++ _servicedata ++
--- /var/tmp/diff_new_pack.m9VDgK/_old  2020-10-08 13:08:48.566989112 +0200
+++ /var/tmp/diff_new_pack.m9VDgK/_new  2020-10-08 13:08:48.566989112 +0200
@@ -1,4 +1,4 @@
 
 
 http://github.com/openSUSE/ca-certificates.git
-  f43b65956825ea1332e2145bcca2972541730f69
\ No newline at end of file
+  34daf7f649d3f21dff3ecaabcc8315534eacd7d2
\ No newline at end of file

++ ca-certificates-2+git20200129.d1a437d.tar.xz -> 
ca-certificates-2+git20201002.34daf7f.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-2+git20200129.d1a437d/etc_ssl.run 
new/ca-certificates-2+git20201002.34daf7f/etc_ssl.run
--- old/ca-certificates-2+git20200129.d1a437d/etc_ssl.run   2020-01-29 
17:58:00.0 +0100
+++ new/ca-certificates-2+git20201002.34daf7f/etc_ssl.run   2020-10-02 
14:52:37.0 +0200
@@ -48,10 +48,10 @@
 trust extract --purpose=server-auth --filter=ca-anchors 
--format=pem-directory-hash -f "$pemdir"
 
 # fix up /etc/ssl/certs if it's not a link pointing to 
/var/lib/ca-certificates/pem
-if ! [ -L "$etccertsdir" -a "`readlink $etccertsdir`" = "$pemdir" ]; then
-echo "Warning: $etccertsdir needs to be a link to $pemdir, fixing" >&2
+if ! [ -L "$etccertsdir" -a "`readlink $etccertsdir`" = "../..$pemdir" ]; then
+echo "Warning: $etccertsdir needs to be a link to ../..$pemdir, fixing" >&2
 if [ -d "$etccertsdir" ]; then
mv -Tv --backup=numbered "$etccertsdir" "$etccertsdir.old"
 fi
-ln -Tsv --backup=numbered "$pemdir" "$etccertsdir"
+ln -Tsv --backup=numbered "../..$pemdir" "$etccertsdir"
 fi




commit ca-certificates for openSUSE:Factory

2020-04-23 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2020-04-23 18:29:20

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new.2738 (New)


Package is "ca-certificates"

Thu Apr 23 18:29:20 2020 rev:45 rq:796051 version:2+git20200129.d1a437d

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2020-02-25 16:00:37.259969148 +0100
+++ 
/work/SRC/openSUSE:Factory/.ca-certificates.new.2738/ca-certificates.changes
2020-04-23 18:29:29.259978692 +0200
@@ -1,0 +2,7 @@
+Wed Apr 15 09:35:06 UTC 2020 - Thorsten Kukuk 
+
+- Remove old migration code, we don't support migration from such
+  old products anymore.
+- Use file requires to support busybox container if possible
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.hRYIwI/_old  2020-04-23 18:29:29.811979748 +0200
+++ /var/tmp/diff_new_pack.hRYIwI/_new  2020-04-23 18:29:29.815979756 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,20 +35,16 @@
 Group:  Productivity/Networking/Security
 Source0:ca-certificates-%{version}.tar.xz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
-Url:https://github.com/openSUSE/ca-certificates
+URL:https://github.com/openSUSE/ca-certificates
 #
-Requires:   coreutils
+Requires:   /usr/bin/readlink
 Requires:   findutils
 Requires:   p11-kit
 Requires:   p11-kit-tools >= 0.23.1
 Requires:   openssl(cli)
 # needed for post
-Requires(post): coreutils findutils p11-kit-tools
+Requires(post): p11-kit-tools findutils /usr/bin/readlink
 Recommends: ca-certificates-mozilla
-# we need to obsolete openssl-certs to make sure it's files are
-# gone when a package providing actual certificates gets
-# installed (bnc#594434).
-Obsoletes:  openssl-certs
 # no need for a separate Java package anymore. The bundle is
 # created by C code.
 Obsoletes:  java-ca-certificates = 1
@@ -94,51 +90,10 @@
 mv %{buildroot}/%{_prefix}/lib/ca-certificates/update.d/{,99}certbundle.run
 
 %pre
-# migrate /etc/ssl/certs to a symlink
-if [ "$1" -ne 0 -a -d %{sslcerts} -a ! -L %{sslcerts} ]; then
-   # copy custom pem files to new location (bnc#875647)
-   mkdir -p /etc/pki/trust/anchors
-   for cert in %{sslcerts}/*.pem; do
-   test -f "$cert" -a ! -L "$cert" || continue
-   read firstline < "$cert"
-   # skip package provided certificates (bnc#875647)
-   if test "${firstline#\# generated by }" != "${firstline}" || 
rpm -qf "$cert" > /dev/null; then
-   continue
-   fi
-   # create a p11-kit header that set the label of
-   # the certificate to the file name. That ensures
-   # that the certificate gets the same name in
-   # /etc/ssl/certs as before
-   bn="${cert##*/}"
-   (
-   cat <<-EOF
-   # created by update-ca-certificates from
-   # $cert
-   [p11-kit-object-v1]
-   class: certificate
-   label: "${bn%.pem}"
-   trusted: true
-   EOF
-   cat $cert
-   ) > "/etc/pki/trust/$bn"
-   done
-   mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
-fi
 %service_add_pre ca-certificates.path ca-certificates.service
 
 %post
-if [ -s /etc/ca-certificates.conf ]; then
-   while read line; do
-   [ ${line#\!} != "$line"  ] || continue
-   cert="${line#\!*/}"
-   ln -s /usr/share/ca-certificates/anchors/"$cert" 
%{trustdir_cfg}/blacklist
-   done < /etc/ca-certificates.conf
-   echo "/etc/ca-certificates.conf converted and saved as 
/etc/ca-certificates.conf.rpmsave"
-   mv /etc/ca-certificates.conf /etc/ca-certificates.conf.rpmsave
-fi
 # force rebuilding all certificate stores.
-# This also makes sure we update the hash links in /etc/ssl/certs
-# as openssl changed the hash format between 0.9.8 and 1.0
 update-ca-certificates -f || true
 %service_add_post ca-certificates.path ca-certificates.service
 




commit ca-certificates for openSUSE:Factory

2020-02-25 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2020-02-25 16:00:31

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new.26092 (New)


Package is "ca-certificates"

Tue Feb 25 16:00:31 2020 rev:44 rq:777924 version:2+git20200129.d1a437d

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2018-10-01 09:02:47.516029090 +0200
+++ 
/work/SRC/openSUSE:Factory/.ca-certificates.new.26092/ca-certificates.changes   
2020-02-25 16:00:37.259969148 +0100
@@ -1,0 +2,8 @@
+Wed Jan 29 16:58:22 UTC 2020 - lnus...@suse.de
+
+- Update to version 2+git20200129.d1a437d:
+  * rewrite in bash
+  * java.run: don't set LANG=en_US
+- no longer require openssl, it's all done by p11-kit
+
+---

Old:

  ca-certificates-2+git20170807.10b2785.tar.xz

New:

  ca-certificates-2+git20200129.d1a437d.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.rQSYgJ/_old  2020-02-25 16:00:38.803973767 +0100
+++ /var/tmp/diff_new_pack.rQSYgJ/_new  2020-02-25 16:00:38.803973767 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,14 +22,13 @@
 # on top of gnutls that we have to live with the bundle for now
 %bcond_without cabundle
 
-BuildRequires:  openssl
 BuildRequires:  p11-kit-devel
 
 Name:   ca-certificates
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:2+git20170807.10b2785
+Version:2+git20200129.d1a437d
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0-or-later
@@ -38,11 +37,13 @@
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Url:https://github.com/openSUSE/ca-certificates
 #
+Requires:   coreutils
+Requires:   findutils
 Requires:   p11-kit
 Requires:   p11-kit-tools >= 0.23.1
 Requires:   openssl(cli)
 # needed for post
-Requires(post): coreutils openssl p11-kit-tools
+Requires(post): coreutils findutils p11-kit-tools
 Recommends: ca-certificates-mozilla
 # we need to obsolete openssl-certs to make sure it's files are
 # gone when a package providing actual certificates gets
@@ -165,6 +166,7 @@
 %dir %{trustdir_static}
 %dir %{trustdir_static}/anchors
 %dir %{trustdir_static}/blacklist
+%dir %ssletcdir
 %sslcerts
 %ghost /var/lib/ca-certificates/java-cacerts
 %dir /etc/ca-certificates

++ _servicedata ++
--- /var/tmp/diff_new_pack.rQSYgJ/_old  2020-02-25 16:00:38.883974006 +0100
+++ /var/tmp/diff_new_pack.rQSYgJ/_new  2020-02-25 16:00:38.887974018 +0100
@@ -1,4 +1,4 @@
 
 
 http://github.com/openSUSE/ca-certificates.git
-  10b278586d2378e25d5cc9463be84c29725aa918
\ No newline at end of file
+  f43b65956825ea1332e2145bcca2972541730f69
\ No newline at end of file

++ ca-certificates-2+git20170807.10b2785.tar.xz -> 
ca-certificates-2+git20200129.d1a437d.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-2+git20170807.10b2785/etc_ssl.run 
new/ca-certificates-2+git20200129.d1a437d/etc_ssl.run
--- old/ca-certificates-2+git20170807.10b2785/etc_ssl.run   2017-08-07 
15:57:31.0 +0200
+++ new/ca-certificates-2+git20200129.d1a437d/etc_ssl.run   2020-01-29 
17:58:00.0 +0100
@@ -1,7 +1,8 @@
-#!/usr/bin/perl -w
-# vim:syntax=perl
+#!/bin/bash -e
+# vim:syntax=sh
 #
 # Copyright (c) 2010,2013 SUSE Linux Products GmbH
+# Copyright (c) 2020 SUSE LLC
 # Author: Ludwig Nussel
 #
 # update /etc/ssl/certs for compatibility with legacy applications
@@ -22,114 +23,35 @@
 # USA.
 #
 
-use strict;
+etccertsdir="/etc/ssl/certs"
+pemdir="/var/lib/ca-certificates/pem"
 
-use File::Basename;
-use Getopt::Long;
-
-my $etccertsdir = "/etc/ssl/certs";
-my $pemdir = "/var/lib/ca-certificates/pem";
-my $foundignored;
-
-my (%added, %removed);
-
-my %options;
-
-sub startswith($$)
-{
-   return $_[1] eq substr($_[0], 0, length($_[1]));
-}
-
-sub targetfilename($)
-{
-   my $t = $etccertsdir.'/'.basename($_[0]);
-   return $t;
-}
-
-sub addcert($)
-{
-   my $f = $_[0];
-   my $t = targetfilename($f);
-   if (-l $t) {
-   my $d = readlink($t);
-   return if ($d && $d eq 

commit ca-certificates for openSUSE:Factory

2018-10-01 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2018-10-01 09:02:45

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Mon Oct  1 09:02:45 2018 rev:43 rq:637028 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2018-03-24 16:11:53.767033003 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2018-10-01 09:02:47.516029090 +0200
@@ -1,0 +2,6 @@
+Thu Sep 20 18:23:03 UTC 2018 - Jason Sikes 
+
+- Changed "openssl" requirement to "openssl(cli)"
+  * (bsc#1101470)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.sOed4H/_old  2018-10-01 09:02:48.064028614 +0200
+++ /var/tmp/diff_new_pack.sOed4H/_new  2018-10-01 09:02:48.068028610 +0200
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -38,9 +38,9 @@
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Url:https://github.com/openSUSE/ca-certificates
 #
-Requires:   openssl
 Requires:   p11-kit
 Requires:   p11-kit-tools >= 0.23.1
+Requires:   openssl(cli)
 # needed for post
 Requires(post): coreutils openssl p11-kit-tools
 Recommends: ca-certificates-mozilla




commit ca-certificates for openSUSE:Factory

2018-03-24 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2018-03-24 16:11:52

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Sat Mar 24 16:11:52 2018 rev:42 rq:589226 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2017-12-23 12:17:13.754186727 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2018-03-24 16:11:53.767033003 +0100
@@ -1,0 +2,5 @@
+Tue Mar 20 13:39:33 CET 2018 - ku...@suse.de
+
+- Use %license instead of %doc [bsc#1082318]
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.rRghkK/_old  2018-03-24 16:11:54.547004886 +0100
+++ /var/tmp/diff_new_pack.rRghkK/_new  2018-03-24 16:11:54.551004743 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,7 +32,7 @@
 Version:2+git20170807.10b2785
 Release:0
 Summary:Utilities for system wide CA certificate installation
-License:GPL-2.0+
+License:GPL-2.0-or-later
 Group:  Productivity/Networking/Security
 Source0:ca-certificates-%{version}.tar.xz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
@@ -155,7 +155,8 @@
 
 %files
 %defattr(-, root, root)
-%doc COPYING README
+%license COPYING
+%doc README
 %dir %{pkidir_cfg}
 %dir %{trustdir_cfg}
 %dir %{trustdir_cfg}/anchors




commit ca-certificates for openSUSE:Factory

2017-12-23 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2017-12-23 12:17:12

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Sat Dec 23 12:17:12 2017 rev:41 rq:557981 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2017-12-09 20:25:27.979326713 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2017-12-23 12:17:13.754186727 +0100
@@ -1,0 +2,6 @@
+Thu Dec 14 17:22:55 CET 2017 - ku...@suse.de
+
+- Revert last change since we fixed systemd-preset-branding and
+  this requires is no longer needed.
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.FUZK0r/_old  2017-12-23 12:17:14.454152597 +0100
+++ /var/tmp/diff_new_pack.FUZK0r/_new  2017-12-23 12:17:14.458152402 +0100
@@ -53,7 +53,6 @@
 Obsoletes:  java-ca-certificates = 1
 Provides:   java-ca-certificates = %version-%release
 BuildArch:  noarch
-%{?systemd_requires}
 
 %description
 Update-ca-certificates is intended to keep the certificate stores of




commit ca-certificates for openSUSE:Factory

2017-12-09 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2017-12-09 20:25:24

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Sat Dec  9 20:25:24 2017 rev:40 rq:555175 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2017-11-30 12:41:25.238580384 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2017-12-09 20:25:27.979326713 +0100
@@ -1,0 +2,6 @@
+Fri Dec  8 07:20:49 UTC 2017 - ku...@suse.com
+
+- Re-add systemd requires, else package will be installed to early
+  and services never enabled [bsc#1071776].
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.2jdxIa/_old  2017-12-09 20:25:28.571298518 +0100
+++ /var/tmp/diff_new_pack.2jdxIa/_new  2017-12-09 20:25:28.575298327 +0100
@@ -53,6 +53,7 @@
 Obsoletes:  java-ca-certificates = 1
 Provides:   java-ca-certificates = %version-%release
 BuildArch:  noarch
+%{?systemd_requires}
 
 %description
 Update-ca-certificates is intended to keep the certificate stores of




commit ca-certificates for openSUSE:Factory

2017-11-30 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2017-11-30 12:41:22

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Thu Nov 30 12:41:22 2017 rev:39 rq:545252 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2017-08-12 20:01:24.132922080 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2017-11-30 12:41:25.238580384 +0100
@@ -1,0 +2,8 @@
+Thu Nov 23 16:03:55 CET 2017 - ku...@suse.de
+
+- Don't require systemd, since we could be used in environments
+  like container images, where we don't have systemd. If systemd
+  is installed the systemd units will be used, else they are not
+  needed.
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.ZlvEpi/_old  2017-11-30 12:41:26.462535883 +0100
+++ /var/tmp/diff_new_pack.ZlvEpi/_new  2017-11-30 12:41:26.470535592 +0100
@@ -53,7 +53,6 @@
 Obsoletes:  java-ca-certificates = 1
 Provides:   java-ca-certificates = %version-%release
 BuildArch:  noarch
-%{?systemd_requires}
 
 %description
 Update-ca-certificates is intended to keep the certificate stores of




commit ca-certificates for openSUSE:Factory

2017-08-12 Thread root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2017-08-12 20:01:20

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Sat Aug 12 20:01:20 2017 rev:38 rq:515015 version:2+git20170807.10b2785

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2015-11-17 14:20:24.0 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2017-08-12 20:01:24.132922080 +0200
@@ -1,0 +2,14 @@
+Mon Aug 07 13:58:01 UTC 2017 - lnus...@suse.de
+
+- Update to version 2+git20170807.10b2785:
+  * Check TRANSACTIONAL_UPDATE is set (boo#1045942)
+  * Add systemd units
+
+---
+Mon Jun 19 13:31:02 CEST 2017 - ku...@suse.de
+
+- Run update-ca-certificate by systemd unit when the content of
+  one of the paths changes. Needed for read-only root and/or
+  transactional updates.
+
+---

Old:

  ca-certificates-2+git20151110.c15593c.tar.xz

New:

  ca-certificates-2+git20170807.10b2785.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.oJhPne/_old  2017-08-12 20:01:25.188774181 +0200
+++ /var/tmp/diff_new_pack.oJhPne/_new  2017-08-12 20:01:25.208771380 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:2+git20151110.c15593c
+Version:2+git20170807.10b2785
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
@@ -53,9 +53,12 @@
 Obsoletes:  java-ca-certificates = 1
 Provides:   java-ca-certificates = %version-%release
 BuildArch:  noarch
+%{?systemd_requires}
 
 %description
-Utilities for system wide CA certificate installation
+Update-ca-certificates is intended to keep the certificate stores of
+SSL libraries like OpenSSL or GnuTLS in sync with the system's CA
+certificate store that is managed by p11-kit.
 
 %prep
 %setup -q
@@ -67,6 +70,7 @@
 rm -f certbundle.run
 %endif
 %make_install
+ln -s service %{buildroot}%{_sbindir}/rcca-certificates
 install -d -m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
 install -d -m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
 install -d -m 755 %{buildroot}%{ssletcdir}
@@ -74,6 +78,7 @@
 install -d -m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
 install -d -m 555 %{buildroot}/var/lib/ca-certificates/pem
 install -d -m 555 %{buildroot}/var/lib/ca-certificates/openssl
+install -d -m 755 %{buildroot}/%{_prefix}/lib/systemd/system
 ln -s /var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
 %if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}
@@ -119,6 +124,7 @@
done
mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
 fi
+%service_add_pre ca-certificates.path ca-certificates.service
 
 %post
 if [ -s /etc/ca-certificates.conf ]; then
@@ -134,11 +140,16 @@
 # This also makes sure we update the hash links in /etc/ssl/certs
 # as openssl changed the hash format between 0.9.8 and 1.0
 update-ca-certificates -f || true
+%service_add_post ca-certificates.path ca-certificates.service
+
+%preun
+%service_del_preun ca-certificates.path ca-certificates.service
 
 %postun
 if [ "$1" -eq 0 ]; then
rm -rf /var/lib/ca-certificates/pem /var/lib/ca-certificates/openssl
 fi
+%service_del_postun ca-certificates.path ca-certificates.service
 
 %clean
 rm -rf %{buildroot}
@@ -160,9 +171,11 @@
 %dir /etc/ca-certificates/update.d
 %dir %{_prefix}/lib/ca-certificates
 %dir %{_prefix}/lib/ca-certificates/update.d
+ %{_prefix}/lib/systemd/system/*
 %dir /var/lib/ca-certificates
 %dir /var/lib/ca-certificates/pem
 %dir /var/lib/ca-certificates/openssl
+%{_sbindir}/rcca-certificates
 %{_sbindir}/update-ca-certificates
 %{_mandir}/man8/update-ca-certificates.8*
 %{_prefix}/lib/ca-certificates/update.d/*java.run

++ _servicedata ++
--- /var/tmp/diff_new_pack.oJhPne/_old  2017-08-12 20:01:25.392745609 +0200
+++ /var/tmp/diff_new_pack.oJhPne/_new  2017-08-12 20:01:25.392745609 +0200
@@ -1,4 +1,4 @@
 
 
 http://github

commit ca-certificates for openSUSE:Factory

2015-11-17 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2015-11-17 14:20:22

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2015-03-25 21:04:40.0 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2015-11-17 14:20:24.0 +0100
@@ -1,0 +2,6 @@
+Wed Nov 11 08:18:47 UTC 2015 - lnus...@suse.de
+
+- Update to version 2+git20151110.c15593c:
+  + set proper umask (boo#948724)
+
+---

Old:

  ca-certificates-2+git20150324.e3ee392.tar.xz

New:

  ca-certificates-2+git20151110.c15593c.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.KyGmYY/_old  2015-11-17 14:20:25.0 +0100
+++ /var/tmp/diff_new_pack.KyGmYY/_new  2015-11-17 14:20:25.0 +0100
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:2+git20150324.e3ee392
+Version:2+git20151110.c15593c
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+

++ _servicedata ++
--- /var/tmp/diff_new_pack.KyGmYY/_old  2015-11-17 14:20:25.0 +0100
+++ /var/tmp/diff_new_pack.KyGmYY/_new  2015-11-17 14:20:25.0 +0100
@@ -1,4 +1,4 @@
 
 
 http://github.com/openSUSE/ca-certificates.git
-  e3ee3929d97e90f81a0b8aea77513def30817f2f
\ No newline at end of file
+  c15593c0a7022a63dcc723f29327d87d14c6b99e
\ No newline at end of file

++ ca-certificates-2+git20150324.e3ee392.tar.xz -> 
ca-certificates-2+git20151110.c15593c.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/ca-certificates-2+git20150324.e3ee392/update-ca-certificates 
new/ca-certificates-2+git20151110.c15593c/update-ca-certificates
--- old/ca-certificates-2+git20150324.e3ee392/update-ca-certificates
2015-03-24 11:30:20.0 +0100
+++ new/ca-certificates-2+git20151110.c15593c/update-ca-certificates
2015-11-11 09:18:47.0 +0100
@@ -51,6 +51,9 @@
exit 0;
 }
 
+# set sane umask
+umask 0222;
+
 my @args;
 push @args, '-f' if $options{fresh};
 push @args, '-v' if $options{verbose};




commit ca-certificates for openSUSE:Factory

2015-03-25 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2015-03-25 21:04:39

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-11-15 12:13:25.0 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2015-03-25 21:04:40.0 +0100
@@ -1,0 +2,12 @@
+Wed Mar 25 08:12:28 UTC 2015 - lnus...@suse.de
+
+- require p11-kit-tools >= 0.23.1
+
+---
+Tue Mar 24 10:30:21 UTC 2015 - lnus...@suse.de
+
+- Update to version 2+git20150324.e3ee392:
+  + p11-kit 0.23.1 supports pem-directory-hash now
+- use service file to generate tarball
+
+---

Old:

  ca-certificates-1_201403302107.tar.xz

New:

  _service
  _servicedata
  ca-certificates-2+git20150324.e3ee392.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.qYWwyl/_old  2015-03-25 21:04:40.0 +0100
+++ /var/tmp/diff_new_pack.qYWwyl/_new  2015-03-25 21:04:40.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201403302107
+Version:2+git20150324.e3ee392
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
@@ -40,7 +40,7 @@
 #
 Requires:   openssl
 Requires:   p11-kit
-Requires:   p11-kit-tools >= 0.19.3
+Requires:   p11-kit-tools >= 0.23.1
 # needed for post
 Requires(post): coreutils openssl p11-kit-tools
 Recommends: ca-certificates-mozilla

++ _service ++

  
2
2+git%cd.%h
http://github.com/openSUSE/ca-certificates.git
git
enable
  
  
xz
*.tar
  
  
ca-certificates.spec
  

++ _servicedata ++


http://github.com/openSUSE/ca-certificates.git
  e3ee3929d97e90f81a0b8aea77513def30817f2f--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-11-15 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-11-15 11:40:46

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-08-05 21:11:14.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-11-15 12:13:25.0 +0100
@@ -1,0 +2,5 @@
+Sat Nov 08 04:32:00 UTC 2014 - Led 
+
+- fix bashism in postun script
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.t9U2F6/_old  2014-11-15 12:13:26.0 +0100
+++ /var/tmp/diff_new_pack.t9U2F6/_new  2014-11-15 12:13:26.0 +0100
@@ -137,7 +137,7 @@
 
 %postun
 if [ "$1" -eq 0 ]; then
-   rm -rf /var/lib/ca-certificates/{pem,openssl}
+   rm -rf /var/lib/ca-certificates/pem /var/lib/ca-certificates/openssl
 fi
 
 %clean

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-08-05 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-08-05 21:11:04

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-07-31 10:04:22.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-08-05 21:11:14.0 +0200
@@ -1,0 +2,13 @@
+Tue Aug  5 11:09:24 UTC 2014 - lnus...@suse.de
+
+- use rpm -qf to determine if a ssl cert is owned by some other
+  package and therefore doesn't need to be migrated (related to
+  bnc#890205).
+
+---
+Mon Aug  4 15:35:27 UTC 2014 - lnus...@suse.de
+
+- add p11 kit header to set label of migrated certificates to the
+  file name of the previous one (bnc#890205)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.qGb5X2/_old  2014-08-05 21:11:16.0 +0200
+++ /var/tmp/diff_new_pack.qGb5X2/_new  2014-08-05 21:11:16.0 +0200
@@ -91,16 +91,33 @@
 %pre
 # migrate /etc/ssl/certs to a symlink
 if [ "$1" -ne 0 -a -d %{sslcerts} -a ! -L %{sslcerts} ]; then
-   mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
# copy custom pem files to new location (bnc#875647)
mkdir -p /etc/pki/trust/anchors
-   for cert in %{sslcerts}.rpmsave/*.pem; do
+   for cert in %{sslcerts}/*.pem; do
test -f "$cert" -a ! -L "$cert" || continue
read firstline < "$cert"
# skip package provided certificates (bnc#875647)
-   test "$firstline" != "# generated by openssl-certs, do not 
edit" || continue
-   cp -v -n "$cert" /etc/pki/trust/anchors/
+   if test "${firstline#\# generated by }" != "${firstline}" || 
rpm -qf "$cert" > /dev/null; then
+   continue
+   fi
+   # create a p11-kit header that set the label of
+   # the certificate to the file name. That ensures
+   # that the certificate gets the same name in
+   # /etc/ssl/certs as before
+   bn="${cert##*/}"
+   (
+   cat <<-EOF
+   # created by update-ca-certificates from
+   # $cert
+   [p11-kit-object-v1]
+   class: certificate
+   label: "${bn%.pem}"
+   trusted: true
+   EOF
+   cat $cert
+   ) > "/etc/pki/trust/$bn"
done
+   mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
 fi
 
 %post

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-07-31 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-07-31 10:04:11

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-07-21 10:35:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-07-31 10:04:22.0 +0200
@@ -1,0 +2,6 @@
+Wed Jul 30 11:45:54 UTC 2014 - lnus...@suse.de
+
+- removed the version in the Obsoletes. The package in SLE11 got
+  version updated (bnc#887099).
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.7cr5Hq/_old  2014-07-31 10:04:24.0 +0200
+++ /var/tmp/diff_new_pack.7cr5Hq/_new  2014-07-31 10:04:24.0 +0200
@@ -47,7 +47,7 @@
 # we need to obsolete openssl-certs to make sure it's files are
 # gone when a package providing actual certificates gets
 # installed (bnc#594434).
-Obsoletes:  openssl-certs < 0.9.9
+Obsoletes:  openssl-certs
 # no need for a separate Java package anymore. The bundle is
 # created by C code.
 Obsoletes:  java-ca-certificates = 1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-07-21 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-07-21 10:35:27

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-07-08 13:01:49.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-07-21 10:35:28.0 +0200
@@ -1,0 +2,6 @@
+Thu Jul 17 09:51:16 UTC 2014 - meiss...@suse.com
+
+- clarify the start order of the generators, as certbundle.run 
+  semi-depends on etc_ssl.run via a timestamp. (bnc#883386)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.v8Cxbk/_old  2014-07-21 10:35:29.0 +0200
+++ /var/tmp/diff_new_pack.v8Cxbk/_new  2014-07-21 10:35:29.0 +0200
@@ -81,6 +81,13 @@
 %endif
 install -D -m 644 /dev/null %{buildroot}/var/lib/ca-certificates/java-cacerts
 
+# should be done in git.
+mv %{buildroot}/%{_prefix}/lib/ca-certificates/update.d/{,50}java.run
+mv %{buildroot}/%{_prefix}/lib/ca-certificates/update.d/{,70}openssl.run
+mv %{buildroot}/%{_prefix}/lib/ca-certificates/update.d/{,80}etc_ssl.run
+# certbundle.run must be run after etc_ssl.run as it uses a timestamp from it
+mv %{buildroot}/%{_prefix}/lib/ca-certificates/update.d/{,99}certbundle.run
+
 %pre
 # migrate /etc/ssl/certs to a symlink
 if [ "$1" -ne 0 -a -d %{sslcerts} -a ! -L %{sslcerts} ]; then
@@ -141,14 +148,14 @@
 %dir /var/lib/ca-certificates/openssl
 %{_sbindir}/update-ca-certificates
 %{_mandir}/man8/update-ca-certificates.8*
-%{_prefix}/lib/ca-certificates/update.d/java.run
-%{_prefix}/lib/ca-certificates/update.d/etc_ssl.run
-%{_prefix}/lib/ca-certificates/update.d/openssl.run
+%{_prefix}/lib/ca-certificates/update.d/*java.run
+%{_prefix}/lib/ca-certificates/update.d/*etc_ssl.run
+%{_prefix}/lib/ca-certificates/update.d/*openssl.run
 #
 %if %{with cabundle}
 %{ssletcdir}/ca-bundle.pem
 %ghost %{cabundle}
-%{_prefix}/lib/ca-certificates/update.d/certbundle.run
+%{_prefix}/lib/ca-certificates/update.d/*certbundle.run
 %endif
 
 %changelog

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-07-08 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-07-08 13:01:48

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-06-18 10:59:22.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-07-08 13:01:49.0 +0200
@@ -1,0 +2,5 @@
+Mon Jun 23 15:24:13 UTC 2014 - lnus...@suse.de
+
+- fix directory permissions for real this time (bnc#871639)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.hRGtF1/_old  2014-07-08 13:01:50.0 +0200
+++ /var/tmp/diff_new_pack.hRGtF1/_new  2014-07-08 13:01:50.0 +0200
@@ -67,13 +67,13 @@
 rm -f certbundle.run
 %endif
 %make_install
-install -d m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
-install -d m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
-install -d m 755 %{buildroot}%{ssletcdir}
-install -d m 755 %{buildroot}/etc/ca-certificates/update.d
-install -d m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
-install -d m 555 %{buildroot}/var/lib/ca-certificates/pem
-install -d m 555 %{buildroot}/var/lib/ca-certificates/openssl
+install -d -m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
+install -d -m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
+install -d -m 755 %{buildroot}%{ssletcdir}
+install -d -m 755 %{buildroot}/etc/ca-certificates/update.d
+install -d -m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
+install -d -m 555 %{buildroot}/var/lib/ca-certificates/pem
+install -d -m 555 %{buildroot}/var/lib/ca-certificates/openssl
 ln -s /var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
 %if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-06-18 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-06-18 10:59:15

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-05-10 08:32:46.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-06-18 10:59:22.0 +0200
@@ -1,0 +2,5 @@
+Wed Jun  4 11:10:24 UTC 2014 - lnus...@suse.de
+
+- don't keep certificates with marker (bnc#875647)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.raIksr/_old  2014-06-18 10:59:23.0 +0200
+++ /var/tmp/diff_new_pack.raIksr/_new  2014-06-18 10:59:23.0 +0200
@@ -87,8 +87,13 @@
mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
# copy custom pem files to new location (bnc#875647)
mkdir -p /etc/pki/trust/anchors
-   find %{sslcerts}.rpmsave -maxdepth 1 -name '*.pem' -type f -print0 | \
-   xargs -0 --no-run-if-empty -n1 -I FILE cp -v -n FILE 
/etc/pki/trust/anchors/
+   for cert in %{sslcerts}.rpmsave/*.pem; do
+   test -f "$cert" -a ! -L "$cert" || continue
+   read firstline < "$cert"
+   # skip package provided certificates (bnc#875647)
+   test "$firstline" != "# generated by openssl-certs, do not 
edit" || continue
+   cp -v -n "$cert" /etc/pki/trust/anchors/
+   done
 fi
 
 %post

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-05-09 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-05-10 08:32:28

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-04-09 13:01:14.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-05-10 08:32:46.0 +0200
@@ -1,0 +2,6 @@
+Thu May  8 15:41:43 UTC 2014 - lnus...@suse.de
+
+- copy custom pem files in /etc/ssl/certs to /etc/pki/anchors on
+  update (bnc#875647)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.ztxoQU/_old  2014-05-10 08:32:47.0 +0200
+++ /var/tmp/diff_new_pack.ztxoQU/_new  2014-05-10 08:32:47.0 +0200
@@ -41,7 +41,7 @@
 Requires:   openssl
 Requires:   p11-kit
 Requires:   p11-kit-tools >= 0.19.3
-# needed for %post
+# needed for post
 Requires(post): coreutils openssl p11-kit-tools
 Recommends: ca-certificates-mozilla
 # we need to obsolete openssl-certs to make sure it's files are
@@ -85,6 +85,10 @@
 # migrate /etc/ssl/certs to a symlink
 if [ "$1" -ne 0 -a -d %{sslcerts} -a ! -L %{sslcerts} ]; then
mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
+   # copy custom pem files to new location (bnc#875647)
+   mkdir -p /etc/pki/trust/anchors
+   find %{sslcerts}.rpmsave -maxdepth 1 -name '*.pem' -type f -print0 | \
+   xargs -0 --no-run-if-empty -n1 -I FILE cp -v -n FILE 
/etc/pki/trust/anchors/
 fi
 
 %post

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-04-09 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-04-09 13:01:11

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2014-04-06 09:56:18.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-04-09 13:01:14.0 +0200
@@ -1,0 +2,5 @@
+Mon Apr  7 15:07:44 UTC 2014 - lnus...@suse.de
+
+- Fix typo in man page
+
+---

Old:

  ca-certificates-1_201312061005.tar.xz

New:

  ca-certificates-1_201403302107.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.H5zQM7/_old  2014-04-09 13:01:15.0 +0200
+++ /var/tmp/diff_new_pack.H5zQM7/_new  2014-04-09 13:01:15.0 +0200
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201312061005
+Version:1_201403302107
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+

++ ca-certificates-1_201312061005.tar.xz -> 
ca-certificates-1_201403302107.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201312061005/README 
new/ca-certificates-1_201403302107/README
--- old/ca-certificates-1_201312061005/README   2013-12-06 10:05:00.0 
+0100
+++ new/ca-certificates-1_201403302107/README   2014-03-30 21:07:42.0 
+0200
@@ -35,7 +35,7 @@
 
 
 - Packages are expected to install their CA certificates in
-  /usr/share/pki/trust/anchors or /usr/share/pki/trust (no extra subdir) intead
+  /usr/share/pki/trust/anchors or /usr/share/pki/trust (no extra subdir) 
instead
   of /usr/share/ca-certificates/ now. The anchors subdirectory is for
   regular pem files, the directory one above for pem files in
   openssl's 'trusted' format.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/ca-certificates-1_201312061005/update-ca-certificates.8 
new/ca-certificates-1_201403302107/update-ca-certificates.8
--- old/ca-certificates-1_201312061005/update-ca-certificates.8 2013-12-06 
10:05:00.0 +0100
+++ new/ca-certificates-1_201403302107/update-ca-certificates.8 2014-03-30 
21:07:42.0 +0200
@@ -59,7 +59,7 @@
 .I /etc/pki/trust/anchors
 Directory of CA certificate trust anchors for use by the admin
 .TP
-.I /etc/pki/trust/anchors
+.I /etc/pki/trust/blacklist
 Directory of blacklisted CA certificates for use by the admin
 .SH SEE ALSO
 .BR c_rehash (1),

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2014-04-06 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2014-04-06 09:56:17

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-12-17 10:00:33.0 +0100
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2014-04-06 09:56:18.0 +0200
@@ -1,0 +2,5 @@
+Fri Apr  4 11:38:17 UTC 2014 - lnus...@suse.de
+
+- package correct permissions of generated  directories (bnc#871639)
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.dNXpMK/_old  2014-04-06 09:56:19.0 +0200
+++ /var/tmp/diff_new_pack.dNXpMK/_new  2014-04-06 09:56:19.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -72,8 +72,8 @@
 install -d m 755 %{buildroot}%{ssletcdir}
 install -d m 755 %{buildroot}/etc/ca-certificates/update.d
 install -d m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
-install -d m 755 %{buildroot}/var/lib/ca-certificates/pem
-install -d m 755 %{buildroot}/var/lib/ca-certificates/openssl
+install -d m 555 %{buildroot}/var/lib/ca-certificates/pem
+install -d m 555 %{buildroot}/var/lib/ca-certificates/openssl
 ln -s /var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
 %if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2013-12-17 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-12-17 10:00:31

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-10-17 13:59:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-12-17 10:00:33.0 +0100
@@ -1,0 +2,6 @@
+Fri Dec  6 09:16:11 UTC 2013 - lnus...@suse.de
+
+- etc_ssl.run: fix typo
+- turn /etc/ssl/certs into a symlink to /var/lib/ca-certificates/pem
+
+---

Old:

  ca-certificates-1_201310161709.tar.xz

New:

  ca-certificates-1_201312061005.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.6ffsMF/_old  2013-12-17 10:00:34.0 +0100
+++ /var/tmp/diff_new_pack.6ffsMF/_new  2013-12-17 10:00:34.0 +0100
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201310161709
+Version:1_201312061005
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
@@ -69,17 +69,24 @@
 %make_install
 install -d m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
 install -d m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
-install -d m 755 %{buildroot}/etc/ssl/certs
+install -d m 755 %{buildroot}%{ssletcdir}
 install -d m 755 %{buildroot}/etc/ca-certificates/update.d
 install -d m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
 install -d m 755 %{buildroot}/var/lib/ca-certificates/pem
 install -d m 755 %{buildroot}/var/lib/ca-certificates/openssl
+ln -s /var/lib/ca-certificates/pem %{buildroot}%{sslcerts}
 %if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}
 ln -s %{cabundle} %{buildroot}%{ssletcdir}/ca-bundle.pem
 %endif
 install -D -m 644 /dev/null %{buildroot}/var/lib/ca-certificates/java-cacerts
 
+%pre
+# migrate /etc/ssl/certs to a symlink
+if [ "$1" -ne 0 -a -d %{sslcerts} -a ! -L %{sslcerts} ]; then
+   mv -T --backup=numbered %{sslcerts} %{sslcerts}.rpmsave && ln -s 
/var/lib/ca-certificates/pem %{sslcerts}
+fi
+
 %post
 if [ -s /etc/ca-certificates.conf ]; then
while read line; do
@@ -114,7 +121,7 @@
 %dir %{trustdir_static}
 %dir %{trustdir_static}/anchors
 %dir %{trustdir_static}/blacklist
-%dir /etc/ssl/certs
+%sslcerts
 %ghost /var/lib/ca-certificates/java-cacerts
 %dir /etc/ca-certificates
 %dir /etc/ca-certificates/update.d

++ ca-certificates-1_201310161709.tar.xz -> 
ca-certificates-1_201312061005.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201310161709/etc_ssl.run 
new/ca-certificates-1_201312061005/etc_ssl.run
--- old/ca-certificates-1_201310161709/etc_ssl.run  2013-10-16 
17:09:27.0 +0200
+++ new/ca-certificates-1_201312061005/etc_ssl.run  2013-12-06 
10:05:00.0 +0100
@@ -84,8 +84,13 @@
"help|h",
 ) or die "$!\n";
 
+$ENV{'P11_KIT_PEMDIR_HASH'} = 1;
 system("trust", "extract", "--purpose=server-auth", "--filter=ca-anchors", 
"--format=pem-directory", "-f", $pemdir) == 0 or die;
 
+# we are done if /etc/ssl/certs is a link pointing to 
/var/lib/ca-certificates/pem
+exit 0 if (-l $etccertsdir && readlink($etccertsdir) eq $pemdir);
+warn "Warning: $etccertsdir should be a link to $pemdir!\n";
+
 for my $f (<"$pemdir/*.pem">) {
addcert($f);
 }
@@ -127,5 +132,5 @@
 if ($foundignored)
 {
print STDERR "\n* = CA Certificates in /etc/ssl/certs are only seen by 
some legacy applications.
-To install CA-Certificates globally move them to /etc/pki/trust/ancors 
instead!\n";
+To install CA-Certificates globally move them to /etc/pki/trust/anchors 
instead!\n";
 }

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2013-10-17 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-10-17 13:59:29

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-08-30 11:32:51.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-10-17 13:59:30.0 +0200
@@ -1,0 +2,6 @@
+Wed Oct 16 15:11:26 UTC 2013 - lnus...@suse.de
+
+- fix typo in README (bnc#845500)
+- remove old extractcerts.pl
+
+---

Old:

  ca-certificates-1_201308271454.tar.xz

New:

  ca-certificates-1_201310161709.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.WmtQER/_old  2013-10-17 13:59:32.0 +0200
+++ /var/tmp/diff_new_pack.WmtQER/_new  2013-10-17 13:59:32.0 +0200
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201308271454
+Version:1_201310161709
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+

++ ca-certificates-1_201308271454.tar.xz -> 
ca-certificates-1_201310161709.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201308271454/README 
new/ca-certificates-1_201310161709/README
--- old/ca-certificates-1_201308271454/README   2013-08-27 14:54:33.0 
+0200
+++ new/ca-certificates-1_201310161709/README   2013-10-16 17:09:27.0 
+0200
@@ -7,9 +7,9 @@
 various components in sync with the system CA certificates.
 
 The canonical source of CA certificates is what p11-kit knows about.
-By default p11-kit looks into /usr/share/pki/anchors
-resp /etc/pki/trust/anchors but there could be other plugins that
-serve as source for certificates as well.
+By default p11-kit looks into /usr/share/pki/trust/ resp
+/etc/pki/trust/ but there could be other plugins that serve as
+source for certificates as well.
 
 Supported Certificate Stores
 
@@ -35,8 +35,10 @@
 
 
 - Packages are expected to install their CA certificates in
-  /usr/share/pki/anchors/ (no extra subdir) intead of
-  /usr/share/ca-certificates/ now.
+  /usr/share/pki/trust/anchors or /usr/share/pki/trust (no extra subdir) intead
+  of /usr/share/ca-certificates/ now. The anchors subdirectory is for
+  regular pem files, the directory one above for pem files in
+  openssl's 'trusted' format.
 
 - /etc/ca-certificates.conf is no longer supported. Just symlink the
   certificates you don't want to /etc/pki/trust/blacklist.

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2013-08-30 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-08-30 11:32:49

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-08-24 10:14:38.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-08-30 11:32:51.0 +0200
@@ -1,0 +2,11 @@
+Tue Aug 27 12:53:44 UTC 2013 - lnus...@suse.de
+
+- re-enable the CA bundle again for glib-networking (bnc#825903)
+
+---
+Tue Aug 27 07:11:04 UTC 2013 - lnus...@suse.de
+
+- make sure we have p11-kit >= 0.19.3 which has the 'trust' command
+  (bnc#836560)
+
+---

Old:

  ca-certificates-1_201308051322.tar.xz

New:

  ca-certificates-1_201308271454.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.nbLuEO/_old  2013-08-30 11:32:52.0 +0200
+++ /var/tmp/diff_new_pack.nbLuEO/_new  2013-08-30 11:32:52.0 +0200
@@ -17,10 +17,10 @@
 
 
 # the ca bundle file was meant as compat option for e.g.
-# proprietary packages. Now that I see it abused in free software
-# packages that can be trivially patched to do the right thing I'm
-# disabling this for now again.
-%bcond_with cabundle
+# proprietary packages. It's not meant to be used at all.
+# unfortunately glib-networking has such a complicated abstraction
+# on top of gnutls that we have to live with the bundle for now
+%bcond_without cabundle
 
 BuildRequires:  openssl
 BuildRequires:  p11-kit-devel
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201308051322
+Version:1_201308271454
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
@@ -40,7 +40,7 @@
 #
 Requires:   openssl
 Requires:   p11-kit
-Requires:   p11-kit-tools
+Requires:   p11-kit-tools >= 0.19.3
 # needed for %post
 Requires(post): coreutils openssl p11-kit-tools
 Recommends: ca-certificates-mozilla

++ ca-certificates-1_201308051322.tar.xz -> 
ca-certificates-1_201308271454.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201308051322/certbundle.run 
new/ca-certificates-1_201308271454/certbundle.run
--- old/ca-certificates-1_201308051322/certbundle.run   2013-08-05 
13:22:58.0 +0200
+++ new/ca-certificates-1_201308271454/certbundle.run   2013-08-27 
14:54:33.0 +0200
@@ -28,7 +28,7 @@
 # functions that know the operating system defaults instead:
 #
 # - openssl: SSL_CTX_set_default_verify_paths()
-# - gnutls: gnutls_x509_trust_list_add_system_trust()
+# - gnutls: gnutls_certificate_set_x509_system_trust(cred)
 #
 EOF
 trust extract --format=pem-bundle --purpose=server-auth --filter=ca-anchors 
$cafile.tmp
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201308051322/extractcerts.pl 
new/ca-certificates-1_201308271454/extractcerts.pl
--- old/ca-certificates-1_201308051322/extractcerts.pl  2013-08-05 
13:22:58.0 +0200
+++ new/ca-certificates-1_201308271454/extractcerts.pl  1970-01-01 
01:00:00.0 +0100
@@ -1,217 +0,0 @@
-#!/usr/bin/perl -w
-# 
-# * BEGIN LICENSE BLOCK *
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are

commit ca-certificates for openSUSE:Factory

2013-08-24 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-08-24 10:14:37

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-07-03 10:11:38.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-08-24 10:14:38.0 +0200
@@ -1,0 +2,6 @@
+Mon Aug  5 11:24:04 UTC 2013 - lnus...@suse.de
+
+- don't remove symlinks to other locations in /etc/ssl/certs
+- use the trust binary instead of p11-kit to extract trust
+
+---

Old:

  ca-certificates-1_201307011044.tar.xz

New:

  ca-certificates-1_201308051322.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.gFmEYm/_old  2013-08-24 10:14:39.0 +0200
+++ /var/tmp/diff_new_pack.gFmEYm/_new  2013-08-24 10:14:39.0 +0200
@@ -29,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201307011044
+Version:1_201308051322
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+

++ ca-certificates-1_201307011044.tar.xz -> 
ca-certificates-1_201308051322.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201307011044/certbundle.run 
new/ca-certificates-1_201308051322/certbundle.run
--- old/ca-certificates-1_201307011044/certbundle.run   2013-07-01 
10:44:11.0 +0200
+++ new/ca-certificates-1_201308051322/certbundle.run   2013-08-05 
13:22:58.0 +0200
@@ -31,7 +31,7 @@
 # - gnutls: gnutls_x509_trust_list_add_system_trust()
 #
 EOF
-p11-kit extract --format=pem-bundle --purpose=server-auth --filter=ca-anchors 
$cafile.tmp
+trust extract --format=pem-bundle --purpose=server-auth --filter=ca-anchors 
$cafile.tmp
 cat $cafile.tmp >> $cafile.new
 rm -f $cafile.tmp
 mv "$cafile.new" "$cafile"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201307011044/etc_ssl.run 
new/ca-certificates-1_201308051322/etc_ssl.run
--- old/ca-certificates-1_201307011044/etc_ssl.run  2013-07-01 
10:44:11.0 +0200
+++ new/ca-certificates-1_201308051322/etc_ssl.run  2013-08-05 
13:22:58.0 +0200
@@ -84,7 +84,7 @@
"help|h",
 ) or die "$!\n";
 
-system("p11-kit", "extract", "--purpose=server-auth", "--filter=ca-anchors", 
"--format=pem-directory", "-f", $pemdir) == 0 or die;
+system("trust", "extract", "--purpose=server-auth", "--filter=ca-anchors", 
"--format=pem-directory", "-f", $pemdir) == 0 or die;
 
 for my $f (<"$pemdir/*.pem">) {
addcert($f);
@@ -93,7 +93,7 @@
 # clean dangling symlinks
 for my $f (<"$etccertsdir/*.pem">) {
unless (-l $f) {
-   print STDERR "$f is wrong here *)\n";
+   print STDERR "$f is in the wrong location *)\n";
$foundignored = 1;
next;
}
@@ -101,11 +101,12 @@
my $d = readlink($f);
unless ($d && startswith($d, $pemdir)) {
# don't warn about the symlinks we had in the distro 
before
-   unless (startswith($d, "/usr/share/ca-certificates/")) {
-   print STDERR "wrong symlink $f removed *)\n";
+   if (startswith($d, "/usr/share/ca-certificates/")) {
+   unlink $f;
+   } else {
+   print STDERR "$f is in the wrong location *)\n";
$foundignored = 1;
}
-   unlink $f
}
} else {
$removed{$f} = 1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ca-certificates-1_201307011044/java.run 
new/ca-certificates-1_201308051322/java.run
--- old/ca-certificates-1_201307011044/java.run 2013-07-01 10:44:11.0 
+0200
+++ new/ca-certificates-1_201308051322/java.run 2013-08-05 13:22:58.0 
+0200
@@ -19,6 +19,6 @@
 done
 
 [ -z "$verbose" ] || echo "creating $cafile ..."
-p11-kit extract --format=java-cacerts --purpose=server-auth 
--filter=ca-anchors --overwrite $cafile
+trust extract --format=java-cacerts --purpose=server-auth --filter=ca-anchors 
--overwrite $cafile
 
 # vim: syntax=sh
diff -urN '--exclude=CVS' '--exclude=.cvsignore'

commit ca-certificates for openSUSE:Factory

2013-07-03 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-07-03 10:11:35

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-06-25 17:20:12.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-07-03 10:11:38.0 +0200
@@ -1,0 +2,6 @@
+Thu Jun 27 16:17:51 UTC 2013 - lnus...@suse.de
+
+- disable generating ca-bundle for now again so people don't submit
+  new packages that use this file.
+
+---
@@ -5,0 +12,5 @@
+
+---
+Mon Jun 24 12:46:30 UTC 2013 - lnus...@suse.de
+
+- update manpage

Old:

  ca-certificates-1_201306200949.tar.xz

New:

  ca-certificates-1_201307011044.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.BydYCo/_old  2013-07-03 10:11:38.0 +0200
+++ /var/tmp/diff_new_pack.BydYCo/_new  2013-07-03 10:11:38.0 +0200
@@ -16,6 +16,12 @@
 #
 
 
+# the ca bundle file was meant as compat option for e.g.
+# proprietary packages. Now that I see it abused in free software
+# packages that can be trivially patched to do the right thing I'm
+# disabling this for now again.
+%bcond_with cabundle
+
 BuildRequires:  openssl
 BuildRequires:  p11-kit-devel
 
@@ -23,7 +29,7 @@
 %define ssletcdir %{_sysconfdir}/ssl
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define sslcerts  %{ssletcdir}/certs
-Version:1_201306200949
+Version:1_201307011044
 Release:0
 Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
@@ -57,6 +63,9 @@
 %build
 
 %install
+%if %{without cabundle}
+rm -f certbundle.run
+%endif
 %make_install
 install -d m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
 install -d m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
@@ -65,9 +74,11 @@
 install -d m 755 %{buildroot}%{_prefix}/lib/ca-certificates/update.d
 install -d m 755 %{buildroot}/var/lib/ca-certificates/pem
 install -d m 755 %{buildroot}/var/lib/ca-certificates/openssl
+%if %{with cabundle}
 install -D -m 644 /dev/null %{buildroot}/%{cabundle}
-install -D -m 644 /dev/null %{buildroot}/var/lib/ca-certificates/java-cacerts
 ln -s %{cabundle} %{buildroot}%{ssletcdir}/ca-bundle.pem
+%endif
+install -D -m 644 /dev/null %{buildroot}/var/lib/ca-certificates/java-cacerts
 
 %post
 if [ -s /etc/ca-certificates.conf ]; then
@@ -104,8 +115,6 @@
 %dir %{trustdir_static}/anchors
 %dir %{trustdir_static}/blacklist
 %dir /etc/ssl/certs
-%{ssletcdir}/ca-bundle.pem
-%ghost %{cabundle}
 %ghost /var/lib/ca-certificates/java-cacerts
 %dir /etc/ca-certificates
 %dir /etc/ca-certificates/update.d
@@ -117,8 +126,13 @@
 %{_sbindir}/update-ca-certificates
 %{_mandir}/man8/update-ca-certificates.8*
 %{_prefix}/lib/ca-certificates/update.d/java.run
-%{_prefix}/lib/ca-certificates/update.d/certbundle.run
 %{_prefix}/lib/ca-certificates/update.d/etc_ssl.run
 %{_prefix}/lib/ca-certificates/update.d/openssl.run
+#
+%if %{with cabundle}
+%{ssletcdir}/ca-bundle.pem
+%ghost %{cabundle}
+%{_prefix}/lib/ca-certificates/update.d/certbundle.run
+%endif
 
 %changelog

++ ca-certificates-1_201306200949.tar.xz -> 
ca-certificates-1_201307011044.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/ca-certificates-1_201306200949/update-ca-certificates.8 
new/ca-certificates-1_201307011044/update-ca-certificates.8
--- old/ca-certificates-1_201306200949/update-ca-certificates.8 2013-06-20 
09:49:53.0 +0200
+++ new/ca-certificates-1_201307011044/update-ca-certificates.8 2013-07-01 
10:44:11.0 +0200
@@ -21,24 +21,22 @@
 .B update-ca-certificates
 .RI [ options ]
 .SH DESCRIPTION
-\fBupdate-ca-certificates\fP updates the directory
-/etc/ssl/certs to hold SSL certificates and generates /etc/ssl/ca-bundle.pem,
-a concatenated single-file list of certificates.
+\fBupdate-ca-certificates\fP is intended to keep the certificate stores of
+various components in sync with the system CA certificates.
 .PP
-It reads the file /etc/ca-certificates.conf. Each line gives a pathname of
-a CA certificate under /usr/share/ca-certificates that should be trusted.
-Lines that begin with "#" are comment lines and thus ignored.
-Lines that begin with "!" are deselected, causing the deactivation
-of the CA certificate in question. All certificates are implicitly
-trusted if no trusted certificates are listed.
+The canon

commit ca-certificates for openSUSE:Factory

2013-06-25 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-06-25 17:13:48

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2013-06-25 14:38:53.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-06-25 17:20:12.0 +0200
@@ -1,0 +2,6 @@
+Mon Jun 24 21:09:16 UTC 2013 - hrvoje.sen...@gmail.com
+
+- Explicitly require p11-kit, otherwise trusted certificates won't
+  be generated
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.mX2Yew/_old  2013-06-25 17:20:13.0 +0200
+++ /var/tmp/diff_new_pack.mX2Yew/_new  2013-06-25 17:20:13.0 +0200
@@ -33,6 +33,7 @@
 Url:https://github.com/openSUSE/ca-certificates
 #
 Requires:   openssl
+Requires:   p11-kit
 Requires:   p11-kit-tools
 # needed for %post
 Requires(post): coreutils openssl p11-kit-tools

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2013-06-25 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2013-06-25 09:36:53

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates"

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2012-05-08 12:25:45.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2013-06-25 14:38:53.0 +0200
@@ -1,0 +2,5 @@
+Thu Jun 20 09:15:52 UTC 2013 - lnus...@suse.de
+
+- use p11-kit to generate the files
+
+---

Old:

  GPL-2.0.txt
  certbundle.run
  java.run
  keystore.java
  update-ca-certificates
  update-ca-certificates.8

New:

  ca-certificates-1_201306200949.tar.xz



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.p3QIV1/_old  2013-06-25 14:38:54.0 +0200
+++ /var/tmp/diff_new_pack.p3QIV1/_new  2013-06-25 14:38:54.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,154 +15,109 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-# norootforbuild
-
-%bcond_without java
 
 BuildRequires:  openssl
-%if %{with java}
-BuildRequires:  gcc-java
-BuildRequires:  fastjar
-%endif
+BuildRequires:  p11-kit-devel
 
 Name:   ca-certificates
 %define ssletcdir %{_sysconfdir}/ssl
-%define etccadir  %{ssletcdir}/certs
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
-%define usrcadir  %{_datadir}/ca-certificates
+%define sslcerts  %{ssletcdir}/certs
+Version:1_201306200949
+Release:0
+Summary:Utilities for system wide CA certificate installation
 License:GPL-2.0+
 Group:  Productivity/Networking/Security
-Version:1
-Release:12
-Summary:Utilities for system wide CA certificate installation
-Source0:update-ca-certificates
-Source1:update-ca-certificates.8
-Source2:GPL-2.0.txt
-Source3:certbundle.run
-Source4:keystore.java
-Source5:java.run
+Source0:ca-certificates-%{version}.tar.xz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
-Url:http://gitorious.org/opensuse/ca-certificates
+Url:https://github.com/openSUSE/ca-certificates
 #
 Requires:   openssl
+Requires:   p11-kit-tools
 # needed for %post
-Requires:   coreutils
+Requires(post): coreutils openssl p11-kit-tools
 Recommends: ca-certificates-mozilla
 # we need to obsolete openssl-certs to make sure it's files are
 # gone when a package providing actual certificates gets
 # installed (bnc#594434).
 Obsoletes:  openssl-certs < 0.9.9
+# no need for a separate Java package anymore. The bundle is
+# created by C code.
+Obsoletes:  java-ca-certificates = 1
+Provides:   java-ca-certificates = %version-%release
 BuildArch:  noarch
 
-%if %{with java}
-
-%package -n java-ca-certificates
-License:GPL-2.0+
-Group:  Productivity/Networking/Security
-Summary:Utilities CA certificate import to gcj
-Requires(post): ca-certificates
-Supplements:packageand(gcj-compat:ca-certificates)
-Supplements:packageand(java-1_6_0-openjdk:ca-certificates)
-Supplements:packageand(java-1_6_0-sun:ca-certificates)
-%endif
-
 %description
 Utilities for system wide CA certificate installation
 
-%if %{with java}
-
-%description -n java-ca-certificates
-Utilities for CA certificate installation for gcj and openjdk Java
-%endif
-
 %prep
-%setup -qcT
-install -m 755 %{SOURCE0} .
-install -m 644 %{SOURCE1} .
-install -m 644 %{SOURCE2} COPYING
+%setup -q
 
 %build
-%if %{with java}
-gcj -C %SOURCE4 -d .
-# emulate -e option of jar for fastjar
-cat < MANIFEST.MF
-Manifest-Version: 1.0
-Created-By: 0.98
-Main-Class: keystore
-EOF
-fastjar cfm keystore.jar MANIFEST.MF keystore*.class
-%endif
 
 %install
-mkdir -p %{buildroot}/%{etccadir}
-mkdir -p %{buildroot}/%{usrcadir}
-mkdir -p %{buildroot}/%{_sbindir}
-mkdir -p %{buildroot}/%{_mandir}/man8
-mkdir -p %{buildroot}/etc/ca-certificates/update.d
-mkdir -p %{buildroot}%{_prefix}/lib/ca-certificates/update.d
+%make_install
+install -d m 755 %{buildroot}%{trustdir_cfg}/{anchors,blacklist}
+install -d m 755 %{buildroot}%{trustdir_static}/{anchors,blacklist}
+install -d m 755 %{buildroot}/etc/ssl/certs
+install -d m 755 %{bui

commit ca-certificates for openSUSE:Factory

2012-05-08 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2012-05-08 12:25:42

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates", Maintainer is ""

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2011-10-25 15:48:14.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2012-05-08 12:25:45.0 +0200
@@ -1,0 +2,5 @@
+Fri May  4 11:55:14 UTC 2012 - lnus...@suse.de
+
+- give hint about SSL_CTX_set_default_verify_paths in cert bundle
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.38LMPa/_old  2012-05-08 12:25:46.0 +0200
+++ /var/tmp/diff_new_pack.38LMPa/_new  2012-05-08 12:25:46.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package ca-certificates
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++ certbundle.run ++
--- /var/tmp/diff_new_pack.38LMPa/_old  2012-05-08 12:25:46.0 +0200
+++ /var/tmp/diff_new_pack.38LMPa/_new  2012-05-08 12:25:46.0 +0200
@@ -21,8 +21,12 @@
 cat > "$cafile.new" <

commit ca-certificates for openSUSE:Factory

2011-12-06 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2011-12-06 18:02:19

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates", Maintainer is ""

Changes:




Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.mfTMTF/_old  2011-12-06 18:04:16.0 +0100
+++ /var/tmp/diff_new_pack.mfTMTF/_new  2011-12-06 18:04:16.0 +0100
@@ -30,7 +30,7 @@
 %define etccadir  %{ssletcdir}/certs
 %define cabundle  /var/lib/ca-certificates/ca-bundle.pem
 %define usrcadir  %{_datadir}/ca-certificates
-License:GPLv2+
+License:GPL-2.0+
 Group:  Productivity/Networking/Security
 Version:1
 Release:12
@@ -57,7 +57,7 @@
 %if %{with java}
 
 %package -n java-ca-certificates
-License:GPLv2+
+License:GPL-2.0+
 Group:  Productivity/Networking/Security
 Summary:Utilities CA certificate import to gcj
 Requires(post): ca-certificates

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2011-10-25 Thread h_root
Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory 
checked in at 2011-10-25 15:48:09

Comparing /work/SRC/openSUSE:Factory/ca-certificates (Old)
 and  /work/SRC/openSUSE:Factory/.ca-certificates.new (New)


Package is "ca-certificates", Maintainer is ""

Changes:

--- /work/SRC/openSUSE:Factory/ca-certificates/ca-certificates.changes  
2011-09-23 01:53:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.ca-certificates.new/ca-certificates.changes 
2011-10-25 15:48:14.0 +0200
@@ -1,0 +2,5 @@
+Mon Oct 24 11:57:53 UTC 2011 - co...@suse.com
+
+- require coreutils for %post script
+
+---



Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.mMCIcU/_old  2011-10-25 15:48:16.0 +0200
+++ /var/tmp/diff_new_pack.mMCIcU/_new  2011-10-25 15:48:16.0 +0200
@@ -45,6 +45,8 @@
 Url:http://gitorious.org/opensuse/ca-certificates
 #
 Requires:   openssl
+# needed for %post
+Requires:   coreutils
 Recommends: ca-certificates-mozilla
 # we need to obsolete openssl-certs to make sure it's files are
 # gone when a package providing actual certificates gets

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit ca-certificates for openSUSE:Factory

2011-06-21 Thread h_root

Hello community,

here is the log from the commit of package ca-certificates for openSUSE:Factory
checked in at Tue Jun 21 09:21:37 CEST 2011.




--- ca-certificates/ca-certificates.changes 2010-09-27 16:58:22.0 
+0200
+++ /mounts/work_src_done/STABLE/ca-certificates/ca-certificates.changes
2011-06-20 15:24:04.0 +0200
@@ -1,0 +2,6 @@
+Mon Jun 20 12:49:52 UTC 2011 - lnus...@suse.de
+
+- fix spurious rpm warning if no java exists (bnc#634793)
+- move java.run to java-ca-certificates
+
+---

calling whatdependson for head-i586




Other differences:
--
++ ca-certificates.spec ++
--- /var/tmp/diff_new_pack.7fTCoG/_old  2011-06-21 09:14:13.0 +0200
+++ /var/tmp/diff_new_pack.7fTCoG/_new  2011-06-21 09:14:13.0 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package ca-certificates (Version 1)
+# spec file for package ca-certificates
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -33,7 +33,7 @@
 License:GPLv2+
 Group:  Productivity/Networking/Security
 Version:1
-Release:8
+Release:12
 Summary:Utilities for system wide CA certificate installation
 Source0:update-ca-certificates
 Source1:update-ca-certificates.8
@@ -147,7 +147,7 @@
 %dir %{_prefix}/lib/ca-certificates
 %dir %{_prefix}/lib/ca-certificates/update.d
 %dir /var/lib/ca-certificates
-%{_prefix}/lib/ca-certificates/update.d/*
+%{_prefix}/lib/ca-certificates/update.d/certbundle.run
 %{_sbindir}/update-ca-certificates
 %{_mandir}/man8/update-ca-certificates.8*
 %ghost /var/lib/ca-certificates/ca-bundle.pem
@@ -157,6 +157,7 @@
 %files -n java-ca-certificates
 %defattr(-, root, root)
 %dir %{_prefix}/lib/ca-certificates/java
+%{_prefix}/lib/ca-certificates/update.d/java.run
 %{_prefix}/lib/ca-certificates/java/keystore.jar
 %ghost /var/lib/ca-certificates/java-cacerts
 %ghost /var/lib/ca-certificates/gcj-cacerts

++ java.run ++
--- /var/tmp/diff_new_pack.7fTCoG/_old  2011-06-21 09:14:13.0 +0200
+++ /var/tmp/diff_new_pack.7fTCoG/_new  2011-06-21 09:14:13.0 +0200
@@ -35,11 +35,13 @@
 if [ -n "$JAVA_HOME" ]; then
java="$JAVA_HOME/bin/java"
 else
-   java=`which java`
-fi
-
-if [[ $(readlink -f "${java}") =~ gij ]]; then
-java=""
+   java=`type -P java`
+   if [ -n "$java" -a -L "$java" ]; then
+   java=`readlink -f "$java"`
+   if [ "${java//gij}" != "$java" ]; then
+   java=
+   fi
+   fi
 fi
 
 if [ ! -e "$libexecdir"/keystore.jar ]; then
@@ -73,7 +75,7 @@
fi
 done
 
-if [ -x "$java" ]; then
+if [ -n "$java" -a -x "$java" ]; then
echo "creating $cafile ..."
$java -jar $libexecdir/keystore.jar -keystore "$cafile" -cadir "$cadir" 
"$@"
 fi






Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org