parent
9019823f3e
commit
0b4c559941
@ -0,0 +1 @@
|
||||
DIST ca-espdrt-certificates-2022.11.25_root.cer 1017 BLAKE2B 06a22b5e1038d8df25b719f108ca42cd4db1585659bb398d824f26eb88798274ad3d18594be94e323a6420b65e524db73f5bc217cd0ca27726fe439a88554ca8 SHA512 b56f40cc45f6683c2fa3242bb7c51bb0ce0fd58acd3065c24c4054aab482f1477c295cc8c1437abb4664fa215e3057ec23912c49b5256ba629142cfdd142880b
|
@ -0,0 +1,96 @@
|
||||
# Copyright 1999-2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=7
|
||||
|
||||
DESCRIPTION="Установка корневого сертификата для проекта ЕСПД Цифровая экономика"
|
||||
HOMEPAGE="https://espd.wifi.rt.ru/settings/cert-install"
|
||||
|
||||
SRC_URI="
|
||||
https://espd.wifi.rt.ru/docs/ca-root.crt -> ${P}_root.cer
|
||||
"
|
||||
|
||||
LICENSE=""
|
||||
SLOT="0"
|
||||
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
|
||||
IUSE=""
|
||||
|
||||
RESTRICT="bindist mirror strip"
|
||||
|
||||
S="${WORKDIR}"
|
||||
|
||||
CA=usr/local/share/ca-certificates
|
||||
ESPD_TR_R=${P}_root.crt
|
||||
|
||||
ESPD_TR_R_NAME=" CA Root Social Objects - PJSC \"Rostelecom\""
|
||||
|
||||
## Ассоциативный массив {имя сертификата:файл}
|
||||
declare -A massiv
|
||||
massiv[${ESPD_TR_R_NAME}]=${ESPD_TR_R}
|
||||
|
||||
src_prepare() {
|
||||
mkdir -p ${CA} || die
|
||||
default
|
||||
}
|
||||
|
||||
src_install() {
|
||||
mv * "${D}" || die
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
if [[ -d "/usr/local/share/ca-certificates" ]] ; then
|
||||
# If the user has local certs, we need to rebuild again
|
||||
# to include their stuff in the db.
|
||||
# However it's too overzealous when the user has custom certs in place.
|
||||
# --fresh is to clean up dangling symlinks
|
||||
/usr/sbin/update-ca-certificates --root "${ROOT}"
|
||||
fi
|
||||
|
||||
|
||||
# Установка для браузеров
|
||||
|
||||
# Создаём базу nssdb для системы
|
||||
mkdir -p /etc/pki/nssdb || die
|
||||
|
||||
nssdir=$(find /home/ -name "cert9.db")
|
||||
nssdir+=$'\n/etc/pki/nssdb/cert9.db'
|
||||
|
||||
for certDB in ${nssdir}
|
||||
do
|
||||
certdir=$(dirname ${certDB});
|
||||
|
||||
for k in "${!massiv[@]}"; do
|
||||
certutil -A -n "${k}" -t "CTu,Cu,Cu" -i /${CA}/${massiv[$k]} -d sql:${certdir};
|
||||
done
|
||||
done
|
||||
|
||||
if [[ -n "$(find -L /etc/ssl/certs/ -type l)" ]] ; then
|
||||
ewarn "Removing the following broken symlinks:"
|
||||
ewarn "$(find -L /etc/ssl/certs/ -type l -printf '%p -> %l\n' -delete)"
|
||||
fi
|
||||
}
|
||||
|
||||
pkg_prerm() {
|
||||
# Удаляем сертификаты
|
||||
rm -f /usr/local/share/ca-certificates/${P}_{root}.crt
|
||||
|
||||
if [[ -d "/usr/local/share/ca-certificates" ]] ; then
|
||||
# If the user has local certs, we need to rebuild again
|
||||
# to include their stuff in the db.
|
||||
# However it's too overzealous when the user has custom certs in place.
|
||||
# --fresh is to clean up dangling symlinks
|
||||
/usr/sbin/update-ca-certificates --root "${ROOT}"
|
||||
fi
|
||||
|
||||
nssdir=$(find /home/ -name "cert9.db")
|
||||
nssdir+=$'\n/etc/pki/nssdb/cert9.db'
|
||||
|
||||
for certDB in ${nssdir}
|
||||
do
|
||||
certdir=$(dirname ${certDB});
|
||||
|
||||
for k in "${!massiv[@]}"; do
|
||||
certutil -D -n /${CA}"${k}" -d sql:${certdir};
|
||||
done
|
||||
done
|
||||
}
|
Loading…
Reference in new issue