the Fink project is an effort to port
popular Unix programs to Mac OS X
Package: ca-roots
Version: 1.1
Epoch: 1
Revision: 1
BuildDepends: fink (>= 0.24.12-1)
Depends: multi-c-rehash
RuntimeVars: SSL_CERT_DIR: %p/etc/ssl/certs
Source: ftp://ftp.ring.gr.jp/pub/net/www/mozilla/firefox/releases/3.0.7/source/firefox-3.0.7-source.tar.bz2
Source-MD5: 9875c9237b532009df8e91c3785539a3
SourceDirectory: mozilla
PatchFile: %n.patch
PatchFile-MD5: 1972d6f2958b92c975528a13adf2cd74
CompileScript: cd %n && make
InstallScript: <<
install -m 755 -d %i/etc/ssl/certs
install -m 644 %n/firefox-builtin.pem %i/etc/ssl/certs/
<<
PostInstScript: multi_c_rehash -certonly %p/etc/ssl/certs
PostRmScript: test -d %p/etc/ssl/certs && multi_c_rehash -certonly %p/etc/ssl/certs
DocFiles: %n/README.fink.txt
Description: List of SSL CA root certificates
DescDetail: <<
This package simply contains a list of SSL Certificate Authority root
certificates. Such a list performs a similar role for SSL Certificate
verfication that the root cache does for DNS servers.
Currently the list came from the Mozilla Firefox distribution.
<<
License: OSI-Approved
Maintainer: AIDA Shinra
diff -Nru mozilla.orig/ca-roots/Makefile mozilla/ca-roots/Makefile
--- mozilla.orig/ca-roots/Makefile Thu Jan 1 09:00:00 1970
+++ mozilla/ca-roots/Makefile Thu Mar 31 01:27:38 2005
@@ -0,0 +1,12 @@
+CERTDATA = ../security/nss/lib/ckfw/builtins/certdata.txt
+
+all: firefox-builtin.pem
+
+firefox-builtin.pem: mozconv.awk oct2bin $(CERTDATA)
+ awk -f mozconv.awk $(CERTDATA) > $@
+
+oct2bin: oct2bin.c
+ gcc -Wall -o $@ $<
+
+clean:
+ rm -f *.tmp oct2bin firefox-builtin.pem
diff -Nru mozilla.orig/ca-roots/README.fink.txt mozilla/ca-roots/README.fink.txt
--- mozilla.orig/ca-roots/README.fink.txt Thu Jan 1 09:00:00 1970
+++ mozilla/ca-roots/README.fink.txt Thu Mar 31 01:28:14 2005
@@ -0,0 +1,14 @@
+The "ca-roots" package contains a list of SSL Certificate Authority root
+certificates. Such a list performs a similar role for SSL Certificate
+verfication that the root cache does for DNS servers.
+
+Currently this package contains only the list came from the Mozilla Firefox
+distribution. Possibly I should have included other lists such as Brazillian
+Government Certificate. Debian's "ca-certificates" package contains extra
+lists in addition to Mozilla Suite's. However, their license is not clear.
+More precisely, it is not clear even whether they are softwares protected
+by copyright. In contrast, Fink Package Policy demands to make package's
+licence clear. That is why I included only Firefox's certificates,
+which explicitly claims MPL/GPL.
+
+AIDA Shinra
diff -Nru mozilla.orig/ca-roots/mozconv.awk mozilla/ca-roots/mozconv.awk
--- mozilla.orig/ca-roots/mozconv.awk Thu Jan 1 09:00:00 1970
+++ mozilla/ca-roots/mozconv.awk Thu Mar 31 01:31:35 2005
@@ -0,0 +1,39 @@
+#! /usr/bin/awk -f
+BEGIN {
+ octtmp="oct.tmp"
+ bintmp="bin.tmp"
+ # 0: normal 1: reading certdata
+ mode=0
+ system("rm -f " octtmp " " bintmp)
+}
+
+/^ *#/ { print $0; next }
+
+/^ *$/ { print $0; next }
+
+/^CVS_ID / { gsub(/\$/,""); print "#" $0; next }
+
+/^CKA_VALUE MULTILINE_OCTAL$/ { mode=1; next }
+
+/^END$/ {
+ if (mode == 1) {
+ close(octtmp)
+ print "-----BEGIN CERTIFICATE-----"
+ if (system("./oct2bin < " octtmp " > " bintmp))
+ exit(1)
+ if (system("uuencode -m " bintmp " foo | sed '1d;$d'"))
+ exit(1)
+ if (system("rm " octtmp " " bintmp))
+ exit(1)
+ print "-----END CERTIFICATE-----"
+ }
+ mode=0
+ next
+}
+
+mode == 1 {
+ # Don't add last newline
+ printf $0 >> octtmp
+ next
+}
+
diff -Nru mozilla.orig/ca-roots/oct2bin.c mozilla/ca-roots/oct2bin.c
--- mozilla.orig/ca-roots/oct2bin.c Thu Jan 1 09:00:00 1970
+++ mozilla/ca-roots/oct2bin.c Thu Mar 31 01:27:38 2005
@@ -0,0 +1,25 @@
+#include
+
+int main(void) {
+ char buf[4];
+ while (fread(buf, 1, 4, stdin) == 4) {
+ int val = 0;
+ if (buf[0] != '\\')
+ goto fail;
+ if (buf[1] < '0' || buf[1] > '3')
+ goto fail;
+ val |= ((int)buf[1] - '0') << 6;
+ if (buf[2] < '0' || buf[2] > '7')
+ goto fail;
+ val |= ((int)buf[2] - '0') << 3;
+ if (buf[3] < '0' || buf[3] > '7')
+ goto fail;
+ val |= ((int)buf[3] - '0');
+ putchar(val);
+ }
+ if (feof(stdin))
+ return 0;
+fail:
+ fputs("oct2bin: bad input\n", stderr);
+ return 1;
+}