Skip to content

Commit

Permalink
Backport a change from Harmattan to handle the fact that /etc is a sy…
Browse files Browse the repository at this point in the history 
…mlink in Scratchbox

Add a tool and instructions for updating the root CA store
Update the root CA store to match the Mozilla certdata.txt file from the mozilla-central repositiory at revision 64df3815df9c
  • Loading branch information
@jonwil
jonwil committed Feb 8, 2016
1 parent a61b2e1 commit 9076865
Show file tree
Hide file tree
Showing 110 changed files with 1,839 additions and 1,094 deletions.
10 changes: 8 additions & 2 deletions bin/cli/cmcli.c
View file
Expand Up @@ -751,7 +751,7 @@ usage(void)
"-a <cert-file [<cert-file>...]> -i <pkcs12-file>\n"
"-v <cert-file|hostname:port>\n"
"-k <fingerprint> -r <key-id> -b <file>\n"
"[-DL] -d{d}* [-fe]\n"
"[-DLl] -d{d}* [-fe]\n"
" -T to load CA certificates from one or more shared domains\n"
" -t to load CA certificates from one or more private domains\n"
" -c to open/create a shared domain for modifications\n"
Expand All @@ -766,10 +766,12 @@ usage(void)
" -K to list private\n"
" -d, -dd... to increase level of debug info shown\n"
" -f to force an operation despite warnings\n"
" -l to not resolve symlinks (needed in scratchbox)\n"
" -e to echo added certificate ids to stdout\n"
);
}

extern int resolve_symlinks;

/**
* \brief The main program
Expand Down Expand Up @@ -799,7 +801,7 @@ main(int argc, char* argv[])
}

while (1) {
a = getopt(argc, argv, "T:t:c:p:a:i:v:k:r:DLKdfhseA:?j");
a = getopt(argc, argv, "T:t:c:p:a:i:v:k:r:DLKdfhsleA:?j");
if (a < 0) {
break;
}
Expand Down Expand Up @@ -876,6 +878,10 @@ main(int argc, char* argv[])
inspect_certificate(optarg);
break;

case 'l':
resolve_symlinks = 0;
break;

case 'a':
if (!my_domain) {
fprintf(stderr, "ERROR: must specify domain first\n");
Expand Down
10 changes: 10 additions & 0 deletions debian/changelog
View file
@@ -1,3 +1,13 @@
maemo-security-certman (0.2.4) unstable; urgency=low

Backport a change from Harmattan to handle the fact that /etc is a symlink
in Scratchbox
Add a tool and instructions for updating the root CA store
Update the root CA store to match the Mozilla certdata.txt file from
the mozilla-central repositiory at revision 64df3815df9c

-- Jonathan Wilson <jfwfreo@tpgi.com.au> Mon, 8 Feb 2016 07:41:40 -0500

maemo-security-certman (0.2.3) unstable; urgency=low

Change the order of VerSign root certificates, so "newer" certificate
Expand Down
34 changes: 0 additions & 34 deletions etc/certs/blacklist/182aa2c8d47a3f7bad048bbd6f9e10461378719d-1.pem
View file

This file was deleted.

31 changes: 0 additions & 31 deletions etc/certs/blacklist/408f39269c4c862399c65109a6e6f2c1fea7f6b7.pem
View file

This file was deleted.

27 changes: 27 additions & 0 deletions etc/certs/blacklist/44a489ab145f3d6f203caa7cfa19aef4486005b5.pem
View file
@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIESTMAjjANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMTUwMzE5
MDYyMDA5WhcNMTUwNDAzMDYyMDA5WjA8MQswCQYDVQQGEwJFRzETMBEGA1UECgwK
TUNTSE9MRElORzEYMBYGA1UEAwwPTUNTSE9MRElORyBURVNUMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvOwEoMPV3r0ksJf+dH
LKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6DFAZ5jhq/2+SgODru
lLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+DFFFka11Iq7/T5AL
wFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14AvpKKF1Yg2AmBVyljf
k/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/D2kxop1lmdnWMYe1
mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLnMQIDAQABo4IBpDCC
AaAwdgYIKwYBBQUHAQEEajBoMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcGNubmlj
cm9vdC5jbm5pYy5jbjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5jbm5pYy5jbi9k
b3dubG9hZC9jZXJ0L0NOTklDUk9PVC5jZXIwHwYDVR0jBBgwFoAUZfIxrSr3991S
lgrHAsEO76bVOxEwDwYDVR0TAQH/BAUwAwEB/zA/BgNVHSAEODA2MDQGCisGAQQB
gekMAQYwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jbm5pYy5jbi9jcHMvMIGG
BgNVHR8EfzB9MEKgQKA+pDwwOjELMAkGA1UEBhMCQ04xDjAMBgNVBAoMBUNOTklD
MQwwCgYDVQQLDANjcmwxDTALBgNVBAMMBGNybDEwN6A1oDOGMWh0dHA6Ly9jcmwu
Y25uaWMuY24vZG93bmxvYWQvcm9vdHNoYTJjcmwvQ1JMMS5jcmwwCwYDVR0PBAQD
AgEGMB0GA1UdDgQWBBREpImrFF89byA8qnz6Ga70SGAFtTANBgkqhkiG9w0BAQsF
AAOCAQEAXLT1U5tPueCEiTG+ni7qniFLpY9toabzL0jr6dutHjGA0Hk7EO+aJPeT
GzXzGsLHwiwKf29b8V9zkQT7DXkN6RoG1oP9TmCdbJJDTOpkmESr1/tH0K8fZEzi
3XdoFsIsoaCBlwBCH34geOjGUB0LfxWTWVhAFITwp5BrNgVn6n8ibbvRpSZNszCk
WNRbtRqMUIy4DeGgB7MPWM7XBbV9NXlvotsMACpoJIx+nMF2Sbp8ZhHe8kfO/tDO
Vb4I2vJ5JioVOc5rGKbf2IcomZQOLWihms5SNpwr7LRos2wVrMtwQvLEQaXI/CF4
U3cyIKkhTHLi07LJdhsYWEILQpKz5A==
-----END CERTIFICATE-----
27 changes: 0 additions & 27 deletions etc/certs/blacklist/4c08c98d76f198c73edf3cd72f750db1767997cc.pem
View file

This file was deleted.

31 changes: 0 additions & 31 deletions etc/certs/blacklist/64fb1b863db84af24482f9563dea26c0f4e3b334.pem
View file

This file was deleted.

34 changes: 0 additions & 34 deletions etc/certs/blacklist/864945fc331933d404ed2761eee801c90c7f2f7e-1.pem
View file

This file was deleted.

34 changes: 0 additions & 34 deletions etc/certs/blacklist/864945fc331933d404ed2761eee801c90c7f2f7e-2.pem
View file

This file was deleted.

31 changes: 0 additions & 31 deletions etc/certs/blacklist/abf968dfcf4a37d77b458c5f72de4044c365bbc2-1.pem
View file

This file was deleted.

29 changes: 0 additions & 29 deletions etc/certs/blacklist/abf968dfcf4a37d77b458c5f72de4044c365bbc2.pem
View file

This file was deleted.

2 comments on commit 9076865

@freemangordon
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, split that into several commits - one for parse-certdata-txt.c, one for harm backport and at least one for certs update.

@jonwil
Copy link
Contributor Author

@jonwil jonwil commented on 9076865 Feb 11, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does it need to be split up exactly?

Please sign in to comment.