mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-08 22:45:43 +00:00
core/nss to 3.49.1-2
This commit is contained in:
parent
90abb2a4cd
commit
1567362cc5
2 changed files with 20 additions and 5 deletions
|
@ -7,18 +7,18 @@
|
|||
pkgbase=nss
|
||||
pkgname=(nss ca-certificates-mozilla)
|
||||
pkgver=3.49.1
|
||||
pkgrel=1
|
||||
pkgrel=2
|
||||
pkgdesc="Network Security Services"
|
||||
url="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
|
||||
arch=(x86_64)
|
||||
license=(MPL GPL)
|
||||
_nsprver=4.20
|
||||
depends=("nspr>=${_nsprver}" sqlite zlib sh p11-kit)
|
||||
_nsprver=4.24
|
||||
depends=("nspr>=${_nsprver}" sqlite zlib sh 'p11-kit>=0.23.19')
|
||||
makedepends=(perl python gyp)
|
||||
source=("https://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RTM/src/nss-${pkgver}.tar.gz"
|
||||
certdata2pem.py bundle.sh)
|
||||
sha256sums=('d9aa42e49e02bb0dc0a2f164604cfc718e11a2a06ddb266cd676376ac21b026e'
|
||||
'0be02cecc27a6e55e1cad1783033b147f502b26f9fb1bb5a53e7a43bbcb68fa0'
|
||||
'd2a1579dae05fd16175fac27ef08b54731ecefdf414085c610179afcf62b096c'
|
||||
'3bfadf722da6773bdabdd25bdf78158648043d1b7e57615574f189a88ca865dd'
|
||||
'8372d34fdeeebd23e1daa7ee1f67510f050cba30c884f81e067dba46f94d1dcf')
|
||||
|
||||
|
@ -90,7 +90,7 @@ package_nss() {
|
|||
|
||||
package_ca-certificates-mozilla() {
|
||||
pkgdesc="Mozilla's set of trusted CA certificates"
|
||||
depends=(ca-certificates-utils)
|
||||
depends=('ca-certificates-utils>=20181109-3')
|
||||
|
||||
install -Dm644 ca-bundle.trust.p11-kit \
|
||||
"$pkgdir/usr/share/ca-certificates/trust-source/mozilla.trust.p11-kit"
|
||||
|
|
|
@ -177,6 +177,11 @@ openssl_trust = {
|
|||
"CKA_TRUST_EMAIL_PROTECTION": "emailProtection",
|
||||
}
|
||||
|
||||
cert_distrust_types = {
|
||||
"CKA_NSS_SERVER_DISTRUST_AFTER": "nss-server-distrust-after",
|
||||
"CKA_NSS_EMAIL_DISTRUST_AFTER": "nss-email-distrust-after",
|
||||
}
|
||||
|
||||
for tobj in objects:
|
||||
if tobj['CKA_CLASS'] == 'CKO_NSS_TRUST':
|
||||
key = tobj['CKA_LABEL'] + printable_serial(tobj)
|
||||
|
@ -369,6 +374,16 @@ for tobj in objects:
|
|||
f.write("nss-mozilla-ca-policy: true\n")
|
||||
f.write("modifiable: false\n");
|
||||
|
||||
# requires p11-kit >= 0.23.19
|
||||
for t in list(cert_distrust_types.keys()):
|
||||
if t in obj:
|
||||
value = obj[t]
|
||||
if value == 'CK_FALSE':
|
||||
value = bytearray(1)
|
||||
f.write(cert_distrust_types[t] + ": \"")
|
||||
f.write(urllib.parse.quote(value));
|
||||
f.write("\"\n")
|
||||
|
||||
f.write("-----BEGIN CERTIFICATE-----\n")
|
||||
temp_encoded_b64 = base64.b64encode(obj['CKA_VALUE'])
|
||||
temp_wrapped = textwrap.wrap(temp_encoded_b64.decode(), 64)
|
||||
|
|
Loading…
Reference in a new issue