From 4719a6a01138563c83081cb2f8d21a9d239b06a0 Mon Sep 17 00:00:00 2001
From: André Fabian Silva Delgado <emulatorman@parabola.nu>
Date: Fri, 5 Sep 2014 06:32:31 -0300
Subject: ca-certificates-cacert: add changes based on cacert-dot-org for the
 current ca-certificates compatibility

---
 libre/ca-certificates-cacert/PKGBUILD              | 20 +++++++------------
 .../ca-certificates-cacert.install                 | 23 ++++++++++++++++++----
 2 files changed, 26 insertions(+), 17 deletions(-)

diff --git a/libre/ca-certificates-cacert/PKGBUILD b/libre/ca-certificates-cacert/PKGBUILD
index 444cded6f..324aae0d1 100644
--- a/libre/ca-certificates-cacert/PKGBUILD
+++ b/libre/ca-certificates-cacert/PKGBUILD
@@ -1,32 +1,26 @@
 # $Id: PKGBUILD 220625 2014-08-24 14:47:59Z heftig $
 # Maintainer (Arch): Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
+# Maintainer: André Silva <emulatorman@parabola.nu>
 
 pkgname=ca-certificates-cacert
 pkgver=20140824
-pkgrel=0.1.parabola1 # build with 0.x only and keep this package on [libre] temporally until which Arch official package be moved from [testing] to some stable repo
+pkgrel=0.1.parabola2 # build with 0.x only and keep this package on [libre] temporally until which Arch official package be moved from [testing] to some stable repo
 pkgdesc="CAcert.org root certificates"
 arch=(any)
 url="https://www.cacert.org/index.php?id=3"
 license=('custom:RDL')
 depends=(ca-certificates)
 install=ca-certificates-cacert.install
-source=(CAcert.org_root.crt::http://www.cacert.org/certs/root.crt
-        CAcert.org_class3.crt::http://www.cacert.org/certs/class3.crt
+source=(http://www.cacert.org/certs/root.crt
+        http://www.cacert.org/certs/class3.crt
         LICENSE)
 sha256sums=('c0e0773a79dceb622ef6410577c19c1e177fb2eb9c623a49340de3c9f1de2560'
             'f5badaa5da1cc05b110a9492455a2c2790d00c7175dcf3a7bcb5441af71bf84f'
             '2d9007a467e72d437ecfa13cc605c371e98a469f1aac4c890be74f953559833c')
 
-build() {
-  printf "cacert/%s\n" *.crt > cacert.conf
-}
-
 package() {
-  local _certdir="$pkgdir/usr/share/ca-certificates/cacert"
-  install -d "$_certdir"
-  install -t "$_certdir" -m644 *.crt
-
-  install -Dm644 cacert.conf "$pkgdir/etc/ca-certificates/conf.d/cacert.conf"
+    [[ "$(openssl x509 -noout -fingerprint -in root.crt)" == "SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33" ]] && install -Dm644 root.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_root.crt"
+    [[ "$(openssl verify -CAfile root.crt -verbose class3.crt)" == "class3.crt: OK" ]] && install -Dm644 class3.crt "${pkgdir}/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt"
 
-  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+    install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
diff --git a/libre/ca-certificates-cacert/ca-certificates-cacert.install b/libre/ca-certificates-cacert/ca-certificates-cacert.install
index 0edbb0d72..eb11f6607 100644
--- a/libre/ca-certificates-cacert/ca-certificates-cacert.install
+++ b/libre/ca-certificates-cacert/ca-certificates-cacert.install
@@ -1,11 +1,26 @@
 post_install() {
-  usr/bin/update-ca-certificates --fresh &>/dev/null
+    #UPDATE FILE NAMES IN ca-certificates.conf IF THEY'RE OUT OF DATE
+    [[ `grep -c "mozilla/cacert.org" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/mozilla\/cacert\.org/cacert\.org\/cacert\.org/g' /etc/ca-certificates.conf
+    [[ `grep -c "cacert.org/cacert.org-" /etc/ca-certificates.conf` -gt 0 ]] && sed -i 's/cacert\.org\/cacert\.org-/cacert\.org\/cacert\.org_/g' /etc/ca-certificates.conf
+
+    #ADD THE CERTIFICATES TO ca-certificates.conf IF THEY'RE MISSING
+    [[ `grep -c "cacert.org/cacert.org_root.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_root.crt" >> /etc/ca-certificates.conf
+    [[ `grep -c "cacert.org/cacert.org_class3.crt" /etc/ca-certificates.conf` -eq 0 ]] && echo "cacert.org/cacert.org_class3.crt" >> /etc/ca-certificates.conf
+
+    #UPDATE THE CERTIFICATES BASED ON ca-certificates.conf
+    update-ca-certificates --fresh
 }
 
 post_upgrade() {
-  post_install
+    post_install
 }
 
-pre_remove() {
-  post_install
+post_remove() {
+    grep -v "cacert.org" /etc/ca-certificates.conf > /dev/shm/ca-certificates.conf.tmp
+    if [[ -s /dev/shm/ca-certificates.conf.tmp ]]; then
+        mv /dev/shm/ca-certificates.conf.tmp /etc/ca-certificates.conf
+        update-ca-certificates --fresh
+    else
+        echo "An error occurred that prevented the cacert.org certificates from being removed from /etc/ca-certificates.conf, please remove them manually, then run update-ca-certificates --fresh"
+    fi
 }
-- 
cgit v1.2.3