public-mirrors/ca-certificates
1
0
Fork 0
mirror of https://git.launchpad.net/ubuntu/+source/ca-certificates synced 2025-04-13 09:38:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

20160104 (patches unapplied)

Browse source 
Imported using git-ubuntu import.
This commit is contained in:
Michael Shuler 2016-01-04 11:08:26 -06:00 committed by git-ubuntu importer
parent da14cb77ba
commit 1a5c9bbfd4
Notes: git-ubuntu importer 2020-07-14 23:30:48 +00:00 
  * debian/rules:
    Sort certificate list for reproducible builds.  Closes: #808711
  * mozilla/certdata2pem.py:
    Drop old CK*_NETSCAPE trust flag checks
3 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
debian/changelog vendored
View file

@ -1,3 +1,12 @@
ca-certificates (20160104) unstable; urgency=medium
* debian/rules:
Sort certificate list for reproducible builds. Closes: #808711
* mozilla/certdata2pem.py:
Drop old CK*_NETSCAPE trust flag checks
-- Michael Shuler <michael@pbandjelly.org> Mon, 04 Jan 2016 11:08:26 -0600
ca-certificates (20151214) unstable; urgency=medium
* Removed SPI CA. Closes: #796208

2
debian/rules vendored
View file

@ -44,7 +44,7 @@ install: build
$(MAKE) install DESTDIR=$(CURDIR)/debian/ca-certificates
(cd $(CURDIR)/debian/ca-certificates/usr/share/ca-certificates; \
crts=""; \
for crt in $$(find . -type f -name '*.crt' -print); \
for crt in $$(find . -type f -name '*.crt' -print | LC_ALL=C sort); \
do \
crt=$$(echo $$crt | sed -e 's/\.\///'); \
if test "$$crts" = ""; then \

11
mozilla/certdata2pem.py
View file

@ -98,18 +98,15 @@ if os.path.exists('blacklist.txt'):
# Build up trust database.
trust = dict()
for obj in objects:
if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'):
if obj['CKA_CLASS'] != 'CKO_NSS_TRUST':
continue
if obj['CKA_LABEL'] in blacklist:
print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'])
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR',
'CKT_NSS_TRUSTED_DELEGATOR'):
elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_TRUSTED_DELEGATOR':
trust[obj['CKA_LABEL']] = True
elif obj['CKA_TRUST_EMAIL_PROTECTION'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR',
'CKT_NSS_TRUSTED_DELEGATOR'):
elif obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NSS_TRUSTED_DELEGATOR':
trust[obj['CKA_LABEL']] = True
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED',
'CKT_NSS_NOT_TRUSTED'):
elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_NOT_TRUSTED':
print('!'*74)
print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'])
print('!'*74)