From: Philipp Kern Date: Mon, 16 Jun 2008 15:19:52 +0000 (+0200) Subject: Remove debian/config from version tracking. X-Git-Url: https://git.donarmstrong.com/?p=ca-certificates.git;a=commitdiff_plain;h=c1b2b542650d11ee70ba638e2948c8d61472e259 Remove debian/config from version tracking. --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a09409b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +debian/config diff --git a/debian/config b/debian/config deleted file mode 100755 index 3658338..0000000 --- a/debian/config +++ /dev/null @@ -1,169 +0,0 @@ -#!/bin/sh -# $1 = action ('configure' or 'reconfigure') -# $2 = current-installed-version -set -e - -action="$1" -cur_version="$2" -this_version='20080411' - -if test -f /etc/ca-certificates.conf; then - CERTSCONF=/etc/ca-certificates.conf -else - CERTSCONF=/dev/null -fi - -# CERTS_DISABLED: certs that user dont trust -CERTS_DISABLED=$(sed -ne 's/^!\(.*\)/\1/p' $CERTSCONF) - -# CERTS_TRUST: certs that user already trust -CERTS_TRUST=$(sed -e '/^#/d' -e '/^!/d' $CERTSCONF) - - -# CERTS_AVAILABLE: certs that user can choices -CERTS_AVAILABLE="" - -# CERTS_ENABLED: certs that user already trusted -CERTS_ENABLED="" - -# CERTS_LIST: certs that will be installed -CERTS_LIST="cacert.org/root.crt, cacert.org/class3.crt, telesec.de/deutsche-telekom-root-ca-2.crt, quovadis.bm/QuoVadis_Root_Certification_Authority.crt, brasil.gov.br/brasil.gov.br.crt, signet.pl/signet_pca2_pem.crt, signet.pl/signet_ca1_pem.crt, signet.pl/signet_ca3_pem.crt, signet.pl/signet_ca2_pem.crt, signet.pl/signet_rootca_pem.crt, signet.pl/signet_ocspklasa3_pem.crt, signet.pl/signet_ocspklasa2_pem.crt, signet.pl/signet_pca3_pem.crt, signet.pl/signet_tsa1_pem.crt, debconf.org/ca.crt, spi-inc.org/SPI_CA_2006-cacert.crt, spi-inc.org/spi-ca.crt, spi-inc.org/SPI2007-ca.crt, mozilla/Firmaprofesional_Root_CA.crt, mozilla/Comodo_AAA_Services_root.crt, mozilla/NetLock_Qualified_=Class_QA=_Root.crt, mozilla/SwissSign_Gold_CA_-_G2.crt, mozilla/Thawte_Personal_Freemail_CA.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt, mozilla/thawte_Primary_Root_CA.crt, mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, mozilla/Thawte_Personal_Basic_CA.crt, mozilla/StartCom_Certification_Authority.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt, mozilla/Equifax_Secure_eBusiness_CA_1.crt, mozilla/Entrust.net_Global_Secure_Server_CA.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority.crt, mozilla/IPS_CLASE1_root.crt, mozilla/QuoVadis_Root_CA_2.crt, mozilla/Baltimore_CyberTrust_Root.crt, mozilla/America_Online_Root_Certification_Authority_1.crt, mozilla/NetLock_Notary_=Class_A=_Root.crt, mozilla/TURKTRUST_Certificate_Services_Provider_Root_2.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt, mozilla/GlobalSign_Root_CA.crt, mozilla/AddTrust_External_Root.crt, mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, mozilla/Certplus_Class_2_Primary_CA.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_1.crt, mozilla/TC_TrustCenter__Germany__Class_2_CA.crt, mozilla/GeoTrust_Global_CA_2.crt, mozilla/Thawte_Time_Stamping_CA.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_2.crt, mozilla/GeoTrust_Universal_CA.crt, mozilla/COMODO_Certification_Authority.crt, mozilla/ValiCert_Class_2_VA.crt, mozilla/RSA_Root_Certificate_1.crt, mozilla/GTE_CyberTrust_Global_Root.crt, mozilla/Swisscom_Root_CA_1.crt, mozilla/AddTrust_Public_Services_Root.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt, mozilla/RSA_Security_2048_v3.crt, mozilla/SwissSign_Silver_CA_-_G2.crt, mozilla/Wells_Fargo_Root_CA.crt, mozilla/GeoTrust_Primary_Certification_Authority.crt, mozilla/Entrust.net_Secure_Personal_CA.crt, mozilla/Camerfirma_Global_Chambersign_Root.crt, mozilla/DigiCert_Assured_ID_Root_CA.crt, mozilla/Entrust.net_Global_Secure_Personal_CA.crt, mozilla/beTRUSTed_Root_CA-Baltimore_Implementation.crt, mozilla/Comodo_Trusted_Services_root.crt, mozilla/RSA_Security_1024_v3.crt, mozilla/Entrust.net_Secure_Server_CA.crt, mozilla/Secure_Global_CA.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_2.crt, mozilla/beTRUSTed_Root_CA.crt, mozilla/UTN_USERFirst_Object_Root_CA.crt, mozilla/Security_Communication_Root_CA.crt, mozilla/Camerfirma_Chambers_of_Commerce_Root.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt, mozilla/GTE_CyberTrust_Root_CA.crt, mozilla/Thawte_Premium_Server_CA.crt, mozilla/Verisign_RSA_Secure_Server_CA.crt, mozilla/AddTrust_Low-Value_Services_Root.crt, mozilla/SecureTrust_CA.crt, mozilla/Certum_Root_CA.crt, mozilla/Visa_International_Global_Root_2.crt, mozilla/GeoTrust_Global_CA.crt, mozilla/QuoVadis_Root_CA_3.crt, mozilla/beTRUSTed_Root_CA_-_Entrust_Implementation.crt, mozilla/UTN_USERFirst_Hardware_Root_CA.crt, mozilla/IPS_CLASEA3_root.crt, mozilla/Equifax_Secure_eBusiness_CA_2.crt, mozilla/TURKTRUST_Certificate_Services_Provider_Root_1.crt, mozilla/Comodo_Secure_Services_root.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt, mozilla/XRamp_Global_CA_Root.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Time_Stamping_Authority_CA.crt, mozilla/NetLock_Business_=Class_B=_Root.crt, mozilla/Staat_der_Nederlanden_Root_CA.crt, mozilla/beTRUSTed_Root_CA_-_RSA_Implementation.crt, mozilla/Equifax_Secure_CA.crt, mozilla/GlobalSign_Root_CA_-_R2.crt, mozilla/DigiCert_High_Assurance_EV_Root_CA.crt, mozilla/StartCom_Ltd..crt, mozilla/IPS_CLASEA1_root.crt, mozilla/UTN-USER_First-Network_Applications.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt, mozilla/IPS_Timestamping_root.crt, mozilla/AddTrust_Qualified_Certificates_Root.crt, mozilla/DST_Root_CA_X3.crt, mozilla/Sonera_Class_2_Root_CA.crt, mozilla/Thawte_Personal_Premium_CA.crt, mozilla/TDC_OCES_Root_CA.crt, mozilla/DST_ACES_CA_X6.crt, mozilla/America_Online_Root_Certification_Authority_2.crt, mozilla/ValiCert_Class_1_VA.crt, mozilla/Visa_eCommerce_Root.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt, mozilla/Equifax_Secure_Global_eBusiness_CA.crt, mozilla/SwissSign_Platinum_CA_-_G2.crt, mozilla/Thawte_Server_CA.crt, mozilla/TC_TrustCenter__Germany__Class_3_CA.crt, mozilla/Go_Daddy_Class_2_CA.crt, mozilla/IPS_Chained_CAs_root.crt, mozilla/TDC_Internet_Root_CA.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, mozilla/DigiCert_Global_Root_CA.crt, mozilla/UTN_DATACorp_SGC_Root_CA.crt, mozilla/Starfield_Class_2_CA.crt, mozilla/Entrust_Root_Certification_Authority.crt, mozilla/QuoVadis_Root_CA.crt, mozilla/Sonera_Class_1_Root_CA.crt, mozilla/GeoTrust_Universal_CA_2.crt, mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt, mozilla/NetLock_Express_=Class_C=_Root.crt, mozilla/IPS_CLASE3_root.crt, mozilla/IPS_Servidores_root.crt, mozilla/UTN_USERFirst_Email_Root_CA.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_4.crt, mozilla/Taiwan_GRCA.crt" - -# CERTS_NEW: new certificates that will be installed -CERTS_NEW="" - -members() -{ - echo "$1" | tr ',' '\n' | sed -e 's/^[[:space:]]*//' | while read ca - do - if echo "$2" | grep -q "$ca" > /dev/null 2>&1; then - echo match - fi - done | grep -q match -} - -. /usr/share/debconf/confmodule || exit -db_version 2.0 -db_capb multiselect - -db_title "ca-certificates configuration" -db_input medium ca-certificates/trust_new_crts || true -db_go - -trust_new="yes" -if db_get ca-certificates/trust_new_crts; then - trust_new="$RET" -fi - -seen=false -if db_fget ca-certificates/enable_crts seen; then - seen="$RET" -fi -# XXX: in case reconfigure, force to select all available certificates -if test "$action" = "reconfigure" || test "$DEBCONF_RECONFIGURE" = "1"; then - seen=false - trust_new=no -fi - -if test -d /usr/share/ca-certificates; then - cd /usr/share/ca-certificates - crts=$( (find . -type f -name '*.crt' -print | sed -e 's/^\.\///'; \ - echo "$CERTS_LIST" | tr ',' '\n' | sed -e 's/^[[:space:]]*//') | \ - sort | uniq) - for crt in $crts - do - if test "$CERTS_AVAILABLE" = ""; then - CERTS_AVAILABLE="$crt" - else - CERTS_AVAILABLE="$CERTS_AVAILABLE, $crt" - fi - if echo "$CERTS_DISABLED" | grep -F -q -x "$crt" > /dev/null 2>&1; then - : # echo "I: ignore $crt" - elif echo "$CERTS_TRUST" | grep -F -q -x "$crt" > /dev/null 2>&1; then - # already trusted - if test "$CERTS_ENABLED" = ""; then - CERTS_ENABLED="$crt" - else - CERTS_ENABLED="$CERTS_ENABLED, $crt" - fi - else - # new certs? - if test "$trust_new" = "yes"; then - if test "$CERTS_ENABLED" = ""; then - CERTS_ENABLED="$crt" - else - CERTS_ENABLED="$CERTS_ENABLED, $crt" - fi - elif test "$trust_new" = "ask"; then - if test "$CERTS_NEW" = ""; then - CERTS_NEW="$crt" - else - CERTS_NEW="$CERTS_NEW, $crt" - fi - else - : # trust_new=no, default disabled - fi - fi - done -else - # initial installation - CERTS_AVAILABLE="$CERTS_LIST" - CERTS_ENABLED="$CERTS_AVAILABLE" - # XXX: ca-certificates/enable_crts should be used, so no need to ask new - # in this session - trust_new="yes" - CERTS_NEW="" -fi - -enable_crts="" -if db_get ca-certificates/enable_crts; then - enable_crts="$RET" -fi - -new_seen=false -if dpkg --compare-versions "$cur_version" lt 20040808; then - db_fset ca-certificates/new_crts seen false -fi -if db_fget ca-certificates/new_crts seen; then - new_seen="$RET" -fi -if members "$CERTS_NEW" "$enable_crts"; then - # already selected new_crts? - new_seen=true -fi -db_subst ca-certificates/new_crts new_crts "$CERTS_NEW" - -if test "$trust_new" = "ask" && test "$new_seen" = "true"; then - # XXX: run this again in postinst - CERTS_ENABLED="$enable_crts" -fi - -if test "$trust_new" = "ask" && test "$CERTS_NEW" != "" && test "$new_seen" = "false"; then - # New certificates added - db_fset ca-certificates/new_crts seen false - db_title "ca-certificates configuration" - db_input critical ca-certificates/new_crts || true - db_go - - if db_get ca-certificates/new_crts; then - if test "$CERTS_ENABLED" = ""; then - CERTS_ENABLED="$RET" - else - CERTS_ENABLED="$CERTS_ENABLED, $RET" - fi - fi - # XXX: old certificates keep current state? - seen=true -fi -# mark seen true, so that dont ask again while postinst -db_fset ca-certificates/new_crts seen true - -db_set ca-certificates/enable_crts "$CERTS_ENABLED" -db_subst ca-certificates/enable_crts enable_crts "$CERTS_AVAILABLE" -if test "$seen" != true; then - db_fset ca-certificates/enable_crts seen false -fi -db_title "ca-certificates configuration" -db_input low ca-certificates/enable_crts || true -db_go -exit 0