Commit Graph

9 Commits

Author SHA1 Message Date
Martin Bark
27f0994067 package/ca-certificates: depend on host-python or host-python3
The ca-certificates build process runs a Python script that needs at
least Python 2.7. While Buildroot requires Python as a hard dependency
on the build system, we don't require Python >= 2.7.

So in order to ensure that a Python >= 2.7 is installed, this commit
makes the ca-certificates package depend either on host-python or
host-python3.

Fixes:

 http://autobuild.buildroot.net/results/a2a4fed293c836b9cf63ff2aaa463b0704dec07e/
 http://autobuild.buildroot.net/results/bbed4afa8e30382b8892062f31ba64cbb0ea14e4/
 http://autobuild.buildroot.net/results/1af5562be3c0d233cea81834a898f7ac6ae48271/

Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Martin Bark <martin@barkynet.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: rewrite commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 15:42:17 +02:00
Martin Bark
30e991a082 package/ca-certificates: bump version to 20160104
The following certificate authorities were added (+):
+ "CA WoSign ECC Root"
+ "Certification Authority of WoSign G2"
+ "Certinomis - Root CA"
+ "OISTE WISeKey Global Root GB CA"
+ "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
+ "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6"

The following certificate authorities were removed (-):
- "A-Trust-nQual-03"
- "Buypass Class 3 CA 1"
- "ComSign Secured CA"
- "Digital Signature Trust Co. Global CA 1"
- "Digital Signature Trust Co. Global CA 3"
- "SG TRUST SERVICES RACINE"
- "TC TrustCenter Class 2 CA II"
- "TC TrustCenter Universal CA I"
- "TURKTRUST Certificate Services Provider Root 1"
- "TURKTRUST Certificate Services Provider Root 2"
- "UTN DATACorp SGC Root CA"
- "Verisign Class 4 Public Primary Certification Authority - G3"

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-02-25 12:24:31 +01:00
Martin Bark
09071d4a03 package/ca-certificates: bump version to 20150426
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-06-09 22:42:16 +02:00
Yann E. MORIN
ea6b7bd545 package/ca-certificates: generate the bundle of certs
glib-networking wants to use the certificates bundle, not the individual
certificates.

Generating the bundle is usually done with update-ca-certificates, but
that does not support running out-of-tree.

Fortiunately, and as Gustavo put it, update-ca-certificates is jsut a
glorified 'cat'. It is supposed to be fed a config file stating which
certificate to add/remove to/from the bundle, otherwise nothing fancy
(Oh, yes, running hooks after updating the bundle).

Since we do not need any of this in Buidlroot, we jsut generate a bundle
with all certificates unconditionally.

Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-03 15:39:39 +02:00
Karoly Kasza
ac09a36c70 package/ca-certificates: bump to 20141019, update snapshot date & hash
Signed-off-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-25 11:26:30 +02:00
Jerzy Grzegorek
c7f4b96471 package: remove the trailing slash sign from <PKG>_SITE variable
Since the trailing slash is stripped from $($(PKG)_SITE) by pkg-generic.mk:

$(call DOWNLOAD,$($(PKG)_SITE:/=)/$($(PKG)_SOURCE))

so it is redundant.
This patch removes it from $(PKG)_SITE variable for BR consistency.

Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-31 23:17:46 +02:00
Yann E. MORIN
0b2264d3d4 package/ca-certificates: add tarball's hashes
ca-certificates contains sensitive security-related information,
and we want to ensure the archive that we download has not been
compromised.

Add the sha1 and sha256 hashes from Debian's packaging.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Martin Bark <martin@barkynet.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-07-04 23:40:55 +02:00
Yann E. MORIN
1015a2e1f5 package/ca-certificates: security bump to 20140223
Some new CA added, some removed.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Cc: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-03-26 11:00:19 +01:00
Martin Bark
beb24ce2b0 ca-certificates: new package
CA certificates used for SSL based applications.  The package installs CA
certificates to /usr/share/ca-certificates and creates symbolic links under
/etc/ssl/certs.  For example, the existing libcurl package will use these
certificates for https urls.  Based on the debian ca-certifcates package.

[Peter: fixup comments as pointed out by Yann]
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-12 21:02:33 +01:00