[pkg-java] r13591 - in tags/ca-certificates-java: . 20110425 20110425/debian
Torsten Werner
twerner at alioth.debian.org
Mon Apr 25 13:33:02 UTC 2011
Author: twerner
Date: 2011-04-25 13:33:01 +0000 (Mon, 25 Apr 2011)
New Revision: 13591
Added:
tags/ca-certificates-java/20110425/
tags/ca-certificates-java/20110425/UpdateCertificates.java
tags/ca-certificates-java/20110425/debian/NEWS
tags/ca-certificates-java/20110425/debian/README.Debian
tags/ca-certificates-java/20110425/debian/changelog
tags/ca-certificates-java/20110425/debian/copyright
tags/ca-certificates-java/20110425/debian/jks-keystore.hook
tags/ca-certificates-java/20110425/debian/postinst
Removed:
tags/ca-certificates-java/20110425/UpdateCertificates.java
tags/ca-certificates-java/20110425/debian/README.Debian
tags/ca-certificates-java/20110425/debian/changelog
tags/ca-certificates-java/20110425/debian/copyright
tags/ca-certificates-java/20110425/debian/jks-keystore.hook
tags/ca-certificates-java/20110425/debian/postinst
Log:
[svn-buildpackage] Tagging ca-certificates-java 20110425
Deleted: tags/ca-certificates-java/20110425/UpdateCertificates.java
===================================================================
--- trunk/ca-certificates-java/UpdateCertificates.java 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/UpdateCertificates.java 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,149 +0,0 @@
-/*
- * Copyright (C) 2011 Torsten Werner <twerner at debian.org>
- *
- * This code is a re-implementation of the idea from Ludwig Nussel found in
- * http://gitorious.org/opensuse/ca-certificates/blobs/master/keystore.java
- * for the Debian operating system. It updates the global JVM keystore.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
- */
-
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-
-public class UpdateCertificates {
- private static char[] password = null;
- private static KeyStore keystore = null;
- private static CertificateFactory certFactory = null;
-
- public static void main(String[] args) throws IOException, GeneralSecurityException {
- String passwordString = "changeit";
- if (args.length == 2 && args[0].equals("-storepass")) {
- passwordString = args[1];
- }
- else if (args.length > 0) {
- System.err.println("Usage: java UpdateCertificates [-storepass <password>]");
- System.exit(1);
- }
- password = passwordString.toCharArray();
- keystore = createKeyStore();
- certFactory = CertificateFactory.getInstance("X.509");
- processChanges(new InputStreamReader(System.in));
- writeKeyStore();
- }
-
- private static KeyStore createKeyStore() throws GeneralSecurityException, IOException {
- KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
- File certInputFile = new File ("/etc/ssl/certs/java/cacerts");
- FileInputStream certInputStream = null;
- if (certInputFile.canRead()) {
- certInputStream = new FileInputStream(certInputFile);
- }
- try {
- ks.load(certInputStream, password);
- }
- catch (IOException e) {
- System.err.println("Cannot open Java keystore. Is the password correct? Message:\n " +
- e.getMessage());
- System.exit(1);
- }
- if (certInputStream != null) {
- certInputStream.close();
- }
- return ks;
- }
-
- private static void processChanges(Reader reader)
- throws IOException, GeneralSecurityException {
- String line;
- BufferedReader bufferedStdinReader = new BufferedReader(reader);
- while((line = bufferedStdinReader.readLine()) != null) {
- parseLine(line);
- }
- }
-
- private static void deleteAlias(String alias) throws GeneralSecurityException {
- if (keystore.containsAlias(alias)) {
- System.out.println("Removing " + alias);
- keystore.deleteEntry(alias);
- }
- }
-
- private static void parseLine(String line)
- throws GeneralSecurityException, IOException {
- String path = line.substring(1);
- String filename = path.substring(path.lastIndexOf("/") + 1);
- String alias = "debian:" + filename;
- if(line.startsWith("+")) {
- Certificate cert = createCertificate(path);
- if (cert == null) {
- return;
- }
- if(keystore.containsAlias(alias)) {
- System.out.println("Replacing " + alias);
- keystore.deleteEntry(alias);
- }
- else {
- System.out.println("Adding " + alias);
- }
- keystore.setCertificateEntry(alias, cert);
- }
- else if (line.startsWith("-")) {
- deleteAlias(alias);
- // Remove old non-prefixed aliases, too. This code should be
- // removed after the release of Wheezy.
- deleteAlias(filename);
- }
- else {
- System.err.println("Unknown input: " + line);
- }
- }
-
- private static Certificate createCertificate(String path) {
- Certificate cert = null;
- try {
- FileInputStream certFile = new FileInputStream(path);
- cert = certFactory.generateCertificate(certFile);
- certFile.close();
- }
- catch (Exception e) {
- System.err.println("Warning: there was a problem reading the certificate file " +
- path + ". Message:\n " + e.getMessage());
- }
- return cert;
- }
-
- private static void writeKeyStore() throws GeneralSecurityException {
- try {
- FileOutputStream certOutputFile = new FileOutputStream("/etc/ssl/certs/java/cacerts");
- keystore.store(certOutputFile, password);
- certOutputFile.close();
- }
- catch (IOException e) {
- System.err.println("There was a problem saving the new Java keystore. Message:\n " +
- e.getMessage());
- System.exit(1);
- }
- }
-}
Copied: tags/ca-certificates-java/20110425/UpdateCertificates.java (from rev 13588, trunk/ca-certificates-java/UpdateCertificates.java)
===================================================================
--- tags/ca-certificates-java/20110425/UpdateCertificates.java (rev 0)
+++ tags/ca-certificates-java/20110425/UpdateCertificates.java 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,150 @@
+/*
+ * Copyright (C) 2011 Torsten Werner <twerner at debian.org>
+ *
+ * This code is a re-implementation of the idea from Ludwig Nussel found in
+ * http://gitorious.org/opensuse/ca-certificates/blobs/master/keystore.java
+ * for the Debian operating system. It updates the global JVM keystore.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.Reader;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+
+public class UpdateCertificates {
+ private static char[] password = null;
+ private static KeyStore keystore = null;
+ private static CertificateFactory certFactory = null;
+
+ public static void main(String[] args) throws IOException, GeneralSecurityException {
+ String passwordString = "changeit";
+ if (args.length == 2 && args[0].equals("-storepass")) {
+ passwordString = args[1];
+ }
+ else if (args.length > 0) {
+ System.err.println("Usage: java UpdateCertificates [-storepass <password>]");
+ System.exit(1);
+ }
+ password = passwordString.toCharArray();
+ keystore = createKeyStore();
+ certFactory = CertificateFactory.getInstance("X.509");
+ processChanges(new InputStreamReader(System.in));
+ writeKeyStore();
+ }
+
+ private static KeyStore createKeyStore() throws GeneralSecurityException, IOException {
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ File certInputFile = new File ("/etc/ssl/certs/java/cacerts");
+ FileInputStream certInputStream = null;
+ if (certInputFile.canRead()) {
+ certInputStream = new FileInputStream(certInputFile);
+ }
+ try {
+ ks.load(certInputStream, password);
+ }
+ catch (IOException e) {
+ System.err.println("Cannot open Java keystore. Is the password correct? Message:\n " +
+ e.getMessage());
+ System.exit(1);
+ }
+ if (certInputStream != null) {
+ certInputStream.close();
+ }
+ return ks;
+ }
+
+ private static void processChanges(Reader reader)
+ throws IOException, GeneralSecurityException {
+ String line;
+ BufferedReader bufferedStdinReader = new BufferedReader(reader);
+ while((line = bufferedStdinReader.readLine()) != null) {
+ parseLine(line);
+ }
+ }
+
+ private static void deleteAlias(String alias) throws GeneralSecurityException {
+ if (keystore.containsAlias(alias)) {
+ System.out.println("Removing " + alias);
+ keystore.deleteEntry(alias);
+ }
+ }
+
+ private static void parseLine(String line)
+ throws GeneralSecurityException, IOException {
+ String path = line.substring(1);
+ String filename = path.substring(path.lastIndexOf("/") + 1);
+ String alias = "debian:" + filename;
+ if(line.startsWith("+")) {
+ Certificate cert = createCertificate(path);
+ if (cert == null) {
+ return;
+ }
+ if(keystore.containsAlias(alias)) {
+ System.out.println("Replacing " + alias);
+ keystore.deleteEntry(alias);
+ }
+ else {
+ System.out.println("Adding " + alias);
+ }
+ keystore.setCertificateEntry(alias, cert);
+ }
+ else if (line.startsWith("-")) {
+ deleteAlias(alias);
+ // Remove old non-prefixed aliases, too. This code should be
+ // removed after the release of Wheezy.
+ deleteAlias(filename);
+ }
+ else {
+ System.err.println("Unknown input: " + line);
+ }
+ }
+
+ private static Certificate createCertificate(String path) {
+ Certificate cert = null;
+ try {
+ FileInputStream certFile = new FileInputStream(path);
+ cert = certFactory.generateCertificate(certFile);
+ certFile.close();
+ }
+ catch (Exception e) {
+ System.err.println("Warning: there was a problem reading the certificate file " +
+ path + ". Message:\n " + e.getMessage());
+ }
+ return cert;
+ }
+
+ private static void writeKeyStore() throws GeneralSecurityException {
+ try {
+ FileOutputStream certOutputFile = new FileOutputStream("/etc/ssl/certs/java/cacerts");
+ keystore.store(certOutputFile, password);
+ certOutputFile.close();
+ }
+ catch (IOException e) {
+ System.err.println("There was a problem saving the new Java keystore. Message:\n " +
+ e.getMessage());
+ System.exit(1);
+ }
+ }
+}
Copied: tags/ca-certificates-java/20110425/debian/NEWS (from rev 13589, trunk/ca-certificates-java/debian/NEWS)
===================================================================
--- tags/ca-certificates-java/20110425/debian/NEWS (rev 0)
+++ tags/ca-certificates-java/20110425/debian/NEWS 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,8 @@
+ca-certificates-java (20110425) unstable; urgency=low
+
+ The package will add a prefix 'debian:' to the aliases in the keystore from
+ now on. Old entries will be removed during the update but other local
+ changes will be kept. A backup of the old keystore can be found in
+ /etc/ssl/certs/java/cacerts.dpkg-old.
+
+ -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 15:18:22 +0200
Deleted: tags/ca-certificates-java/20110425/debian/README.Debian
===================================================================
--- trunk/ca-certificates-java/debian/README.Debian 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/debian/README.Debian 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,15 +0,0 @@
-ca-certificates-java for Debian
--------------------------------
-
-This package uses the hooks of the ca-certificates package to update the
-JKS keystore used for many java runtimes. The alias used to store the
-certificate is the basename without the trailing '.crt', with all uppercase
-letters translated to lowercase letters, and all repeated non alphanumeric
-characters replaced and squeezed by a single `_'.
-
-Could be part of ca-certificates, if openjdk is in main.
-
-ca-certificates-java doesn't automagically handle local certificates,
-although these are not overwritten on updates.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
Copied: tags/ca-certificates-java/20110425/debian/README.Debian (from rev 13590, trunk/ca-certificates-java/debian/README.Debian)
===================================================================
--- tags/ca-certificates-java/20110425/debian/README.Debian (rev 0)
+++ tags/ca-certificates-java/20110425/debian/README.Debian 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,15 @@
+ca-certificates-java for Debian
+-------------------------------
+
+This package uses the hooks of the ca-certificates package to update the JKS
+keystore /etc/ssl/certs/java/cacerts used for many java runtimes. The alias used
+to store the certificate is the basename prefixed with 'debian:'. It will import
+all *.pem files found in /etc/ssl/certs during its first installation.
+
+ca-certificates-java doesn't automagically handle local certificates,
+although these are not overwritten on updates.
+
+A full re-import can be triggered with the command 'update-ca-certificates -f'
+if needed.
+
+ -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 15:18:22 +0200
Deleted: tags/ca-certificates-java/20110425/debian/changelog
===================================================================
--- trunk/ca-certificates-java/debian/changelog 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/debian/changelog 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,115 +0,0 @@
-ca-certificates-java (20110425) unstable; urgency=low
-
- UNRELEASED
- * Add Java code to update the keystore. (Closes: #623671)
- * Change Maintainer to Debian Java Maintainers and add myself to Uploaders.
- * Update Build-Depends.
- * Replace old inconsistent keystore aliases. (Closes: #623888)
-
- -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 01:17:00 +0200
-
-ca-certificates-java (20100412) unstable; urgency=low
-
- * Upload to unstable.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200
-
-ca-certificates-java (20100406ubuntu1) lucid; urgency=low
-
- * Make the installation and import of certificates more robust,
- if the NSS based security provider is disabled or not built.
-
- -- Matthias Klose <doko at ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200
-
-ca-certificates-java (20100406) unstable; urgency=low
-
- * Explicitely fail the installation, if /proc is not mounted.
- Currently required by the java tools, changed in OpenJDK7.
- Closes: #576453. LP: #556044.
- * Print name of JVM in case of errors.
- * Set priority to optional, set section to java. Closes: #566855.
- * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853.
-
- -- Matthias Klose <doko at debian.org> Tue, 06 Apr 2010 21:41:39 +0200
-
-ca-certificates-java (20091021) unstable; urgency=low
-
- * Clarify output for keytool errors (although it shouldnn't be
- necessary anymore). Closes: #540490.
-
- -- Matthias Klose <doko at ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200
-
-ca-certificates-java (20090928) karmic; urgency=low
-
- * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with
- ca-certificates 20090814.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200
-
-ca-certificates-java (20090629) unstable; urgency=low
-
- * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out
- SHA384withECDSA certificates since keytool won't support them.
- LP: #392104, closes: #534520.
- * Fix typo in hook. Closes: #534533.
- * Use java6-runtime-headless as alternative dependency. Closes: #512293.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200
-
-ca-certificates-java (20081028) unstable; urgency=low
-
- * Ignore LANG and LC_ALL setting when running keytool. LP: #289934.
-
- -- Matthias Klose <doko at debian.org> Tue, 28 Oct 2008 07:20:16 +0100
-
-ca-certificates-java (20081027) unstable; urgency=medium
-
- * Merge from Ubuntu:
- - Don't try to import certificates, which are listed in
- /etc/ca-certificates.conf, but not available on the system.
- Just warn about those. LP: #289091.
- - Need to run keytool, when the jre is unpacked, but not yet configured.
- Create a temporary jvm.cfg for the time in that postinst and the
- jks-keystore.hook are run, and remove it afterwards. LP: #289199.
-
- -- Matthias Klose <doko at debian.org> Mon, 27 Oct 2008 13:58:14 +0100
-
-ca-certificates-java (20081024) unstable; urgency=low
-
- * Install /etc/default/cacerts with mode 600.
-
- -- Matthias Klose <doko at debian.org> Fri, 24 Oct 2008 15:10:48 +0200
-
-ca-certificates-java (20081022) unstable; urgency=low
-
- * debian/jks-keystore.hook:
- - Don't stop after first error during the update. LP: #244412.
- Closes: #489748.
- - Call keytool with -noprompt.
- * On initial install, add locally added certificates. LP: #244410.
- Closes: #489748.
- * Install /etc/default/cacerts to set options:
- - storepass, holding the password for the keystore.
- - updates, to enable/disable updates of the keystore.
- * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587.
-
- -- Matthias Klose <doko at ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200
-
-ca-certificates-java (20080712) unstable; urgency=low
-
- * Upload to main.
-
- -- Matthias Klose <doko at ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200
-
-ca-certificates-java (20080711) unstable; urgency=low
-
- * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408.
-
- -- Matthias Klose <doko at ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200
-
-ca-certificates-java (20080514) unstable; urgency=low
-
- * Initial release.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
-
Copied: tags/ca-certificates-java/20110425/debian/changelog (from rev 13590, trunk/ca-certificates-java/debian/changelog)
===================================================================
--- tags/ca-certificates-java/20110425/debian/changelog (rev 0)
+++ tags/ca-certificates-java/20110425/debian/changelog 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,118 @@
+ca-certificates-java (20110425) unstable; urgency=low
+
+ * Add Java code to update the keystore and support UTF-8 encoded filenames.
+ (Closes: #607245, #623671)
+ * Change Maintainer to Debian Java Maintainers and add myself to Uploaders.
+ * Update Build-Depends.
+ * Replace old inconsistent keystore aliases. (Closes: #623888)
+ * Add support for openjdk-7 and remove support for old cacao VM.
+ * Add a NEWS file explaining the update.
+ * Update README.Debian.
+
+ -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 15:28:55 +0200
+
+ca-certificates-java (20100412) unstable; urgency=low
+
+ * Upload to unstable.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200
+
+ca-certificates-java (20100406ubuntu1) lucid; urgency=low
+
+ * Make the installation and import of certificates more robust,
+ if the NSS based security provider is disabled or not built.
+
+ -- Matthias Klose <doko at ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200
+
+ca-certificates-java (20100406) unstable; urgency=low
+
+ * Explicitely fail the installation, if /proc is not mounted.
+ Currently required by the java tools, changed in OpenJDK7.
+ Closes: #576453. LP: #556044.
+ * Print name of JVM in case of errors.
+ * Set priority to optional, set section to java. Closes: #566855.
+ * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853.
+
+ -- Matthias Klose <doko at debian.org> Tue, 06 Apr 2010 21:41:39 +0200
+
+ca-certificates-java (20091021) unstable; urgency=low
+
+ * Clarify output for keytool errors (although it shouldnn't be
+ necessary anymore). Closes: #540490.
+
+ -- Matthias Klose <doko at ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200
+
+ca-certificates-java (20090928) karmic; urgency=low
+
+ * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with
+ ca-certificates 20090814.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200
+
+ca-certificates-java (20090629) unstable; urgency=low
+
+ * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out
+ SHA384withECDSA certificates since keytool won't support them.
+ LP: #392104, closes: #534520.
+ * Fix typo in hook. Closes: #534533.
+ * Use java6-runtime-headless as alternative dependency. Closes: #512293.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200
+
+ca-certificates-java (20081028) unstable; urgency=low
+
+ * Ignore LANG and LC_ALL setting when running keytool. LP: #289934.
+
+ -- Matthias Klose <doko at debian.org> Tue, 28 Oct 2008 07:20:16 +0100
+
+ca-certificates-java (20081027) unstable; urgency=medium
+
+ * Merge from Ubuntu:
+ - Don't try to import certificates, which are listed in
+ /etc/ca-certificates.conf, but not available on the system.
+ Just warn about those. LP: #289091.
+ - Need to run keytool, when the jre is unpacked, but not yet configured.
+ Create a temporary jvm.cfg for the time in that postinst and the
+ jks-keystore.hook are run, and remove it afterwards. LP: #289199.
+
+ -- Matthias Klose <doko at debian.org> Mon, 27 Oct 2008 13:58:14 +0100
+
+ca-certificates-java (20081024) unstable; urgency=low
+
+ * Install /etc/default/cacerts with mode 600.
+
+ -- Matthias Klose <doko at debian.org> Fri, 24 Oct 2008 15:10:48 +0200
+
+ca-certificates-java (20081022) unstable; urgency=low
+
+ * debian/jks-keystore.hook:
+ - Don't stop after first error during the update. LP: #244412.
+ Closes: #489748.
+ - Call keytool with -noprompt.
+ * On initial install, add locally added certificates. LP: #244410.
+ Closes: #489748.
+ * Install /etc/default/cacerts to set options:
+ - storepass, holding the password for the keystore.
+ - updates, to enable/disable updates of the keystore.
+ * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587.
+
+ -- Matthias Klose <doko at ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200
+
+ca-certificates-java (20080712) unstable; urgency=low
+
+ * Upload to main.
+
+ -- Matthias Klose <doko at ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200
+
+ca-certificates-java (20080711) unstable; urgency=low
+
+ * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408.
+
+ -- Matthias Klose <doko at ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200
+
+ca-certificates-java (20080514) unstable; urgency=low
+
+ * Initial release.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
+
Deleted: tags/ca-certificates-java/20110425/debian/copyright
===================================================================
--- trunk/ca-certificates-java/debian/copyright 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/debian/copyright 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,15 +0,0 @@
-This package was debianized by Matthias Klose <doko at ubuntu.com>
-on Mon, 02 Jun 2008 14:52:46 +0000.
-
-Upstream Author:
-
- Matthias Klose <doko at ubuntu.com>
-
-Copyright:
-
- <Copyright (C) 2008 Canonical Ltd>
-
-License:
-
-The Debian package is (C) 2008, Canonical Ltd and
-is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
Copied: tags/ca-certificates-java/20110425/debian/copyright (from rev 13588, trunk/ca-certificates-java/debian/copyright)
===================================================================
--- tags/ca-certificates-java/20110425/debian/copyright (rev 0)
+++ tags/ca-certificates-java/20110425/debian/copyright 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,18 @@
+This package was debianized by Matthias Klose <doko at ubuntu.com>
+on Mon, 02 Jun 2008 14:52:46 +0000.
+
+Authors:
+
+ Matthias Klose <doko at ubuntu.com>
+ Torsten Werner <twerner at debian.org>
+
+Copyright:
+
+ Copyright (C) 2008 Canonical Ltd
+ Copyright (C) 2011 Torsten Werner <twerner at debian.org>
+
+License:
+
+The Debian package is (C) 2008, Canonical Ltd and (C) 2011, Torsten Werner
+<twerner at debian.org> and is licensed under the GPL, see
+`/usr/share/common-licenses/GPL'.
Deleted: tags/ca-certificates-java/20110425/debian/jks-keystore.hook
===================================================================
--- trunk/ca-certificates-java/debian/jks-keystore.hook 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/debian/jks-keystore.hook 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,49 +0,0 @@
-#! /bin/sh
-
-set -e
-
-storepass='changeit'
-if [ -f /etc/default/cacerts ]; then
- . /etc/default/cacerts
-fi
-
-echo ""
-if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then
- echo "updates of cacerts keystore disabled."
- exit 0
-fi
-
-# Do we still need it? TODO: check that.
-if ! mountpoint -q /proc; then
- echo >&2 "the keytool command requires a mounted proc fs (/proc)."
- exit 1
-fi
-
-for jvm in java-6-openjdk java-7-openjdk java-6-sun; do
- if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
- break
- fi
-done
-export JAVA_HOME=/usr/lib/jvm/$jvm
-PATH=$JAVA_HOME/bin:$PATH
-
-temp_jvm_cfg=
-if [ ! -f /etc/$jvm/jvm.cfg ]; then
- # the jre is not yet configured, but jvm.cfg is needed to run it
- temp_jvm_cfg=/etc/$jvm/jvm.cfg
- mkdir -p /etc/$jvm
- printf -- "-server KNOWN\n" > $temp_jvm_cfg
-fi
-
-CLASSPATH=/usr/share/ca-certificates-java
-export CLASSPATH
-
-java UpdateCertificates -storepass "$storepass"
-
-[ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
-
-if [ $errors -gt 0 ]; then
- echo >&2 "failed (VM used: $jvm)."
- exit 1
-fi
-echo "done."
Copied: tags/ca-certificates-java/20110425/debian/jks-keystore.hook (from rev 13583, trunk/ca-certificates-java/debian/jks-keystore.hook)
===================================================================
--- tags/ca-certificates-java/20110425/debian/jks-keystore.hook (rev 0)
+++ tags/ca-certificates-java/20110425/debian/jks-keystore.hook 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,44 @@
+#! /bin/sh
+
+set -e
+
+storepass='changeit'
+if [ -f /etc/default/cacerts ]; then
+ . /etc/default/cacerts
+fi
+
+echo ""
+if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then
+ echo "updates of cacerts keystore disabled."
+ exit 0
+fi
+
+if ! mountpoint -q /proc; then
+ echo >&2 "the keytool command requires a mounted proc fs (/proc)."
+ exit 1
+fi
+
+for jvm in java-6-openjdk java-7-openjdk java-6-sun; do
+ if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
+ break
+ fi
+done
+export JAVA_HOME=/usr/lib/jvm/$jvm
+PATH=$JAVA_HOME/bin:$PATH
+
+temp_jvm_cfg=
+if [ ! -f /etc/$jvm/jvm.cfg ]; then
+ # the jre is not yet configured, but jvm.cfg is needed to run it
+ temp_jvm_cfg=/etc/$jvm/jvm.cfg
+ mkdir -p /etc/$jvm
+ printf -- "-server KNOWN\n" > $temp_jvm_cfg
+fi
+
+CLASSPATH=/usr/share/ca-certificates-java
+export CLASSPATH
+
+java UpdateCertificates -storepass "$storepass"
+
+[ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
+
+echo "done."
Deleted: tags/ca-certificates-java/20110425/debian/postinst
===================================================================
--- trunk/ca-certificates-java/debian/postinst 2011-04-24 23:20:07 UTC (rev 13570)
+++ tags/ca-certificates-java/20110425/debian/postinst 2011-04-25 13:33:01 UTC (rev 13591)
@@ -1,92 +0,0 @@
-#!/bin/bash
-
-set -e
-
-storepass='changeit'
-if [ -f /etc/default/cacerts ]; then
- . /etc/default/cacerts
-fi
-
-setup_path()
-{
- for jvm in java-6-openjdk java-7-openjdk java-6-sun; do
- if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
- break
- fi
- done
- export JAVA_HOME=/usr/lib/jvm/$jvm
- PATH=$JAVA_HOME/bin:$PATH
-
- CLASSPATH=/usr/share/ca-certificates-java
- export CLASSPATH
-}
-
-first_install()
-{
- find /etc/ssl/certs -name \*.pem | \
- while read filename; do
- alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
- alias=${alias%*_}
- if [ -n "$FIXOLD" ]; then
- echo "-${alias}"
- echo "-${alias}_pem"
- fi
- echo "+${filename}"
- done | \
- java UpdateCertificates -storepass "$storepass"
- if [ $errors -gt 0 ]; then
- echo >&2 "failed (VM used: $jvm)."
- [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
- exit 1
- fi
- echo "done."
- )
-}
-
-case "$1" in
- configure)
- if dpkg --compare-versions "$2" le "20100412"; then
- FIXOLD="true"
- cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
- fi
- if [ -z "$2" -o -n "$FIXOLD" ]; then
- setup_path
-
- # TODO: check if we really need it
- if ! mountpoint -q /proc; then
- echo >&2 "the keytool command requires a mounted proc fs (/proc)."
- exit 1
- fi
-
- if [ ! -f /etc/$jvm/jvm.cfg ]; then
- # the jre is not yet configured, but jvm.cfg is needed to run it
- temp_jvm_cfg=/etc/$jvm/jvm.cfg
- mkdir -p /etc/$jvm
- printf -- "-server KNOWN\n" > $temp_jvm_cfg
- fi
-
- # on first install, remove certs untrusted by the
- # user/admininstrator, add locally added certs
- echo "creating $KEYSTORE..."
- cp /usr/share/ca-certificates-java/cacerts $KEYSTORE
- first_install
-
- [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
- fi
- chmod 600 /etc/default/cacerts || true
- ;;
-
- abort-upgrade|abort-remove|abort-deconfigure)
- ;;
-
- *)
- echo "postinst called with unknown argument \`$1'" >&2
- exit 1
- ;;
-esac
-
-#DEBHELPER#
-
-exit 0
-
-
Copied: tags/ca-certificates-java/20110425/debian/postinst (from rev 13583, trunk/ca-certificates-java/debian/postinst)
===================================================================
--- tags/ca-certificates-java/20110425/debian/postinst (rev 0)
+++ tags/ca-certificates-java/20110425/debian/postinst 2011-04-25 13:33:01 UTC (rev 13591)
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+set -e
+
+storepass='changeit'
+if [ -f /etc/default/cacerts ]; then
+ . /etc/default/cacerts
+fi
+
+setup_path()
+{
+ for jvm in java-6-openjdk java-7-openjdk java-6-sun; do
+ if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
+ break
+ fi
+ done
+ export JAVA_HOME=/usr/lib/jvm/$jvm
+ PATH=$JAVA_HOME/bin:$PATH
+
+ CLASSPATH=/usr/share/ca-certificates-java
+ export CLASSPATH
+}
+
+first_install()
+{
+ find /etc/ssl/certs -name \*.pem | \
+ while read filename; do
+ alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
+ alias=${alias%*_}
+ if [ -n "$FIXOLD" ]; then
+ echo "-${alias}"
+ echo "-${alias}_pem"
+ fi
+ echo "+${filename}"
+ done | \
+ java UpdateCertificates -storepass "$storepass"
+ echo "done."
+}
+
+case "$1" in
+ configure)
+ if dpkg --compare-versions "$2" le "20100412"; then
+ FIXOLD="true"
+ cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
+ fi
+ if [ -z "$2" -o -n "$FIXOLD" ]; then
+ setup_path
+
+ if ! mountpoint -q /proc; then
+ echo >&2 "the keytool command requires a mounted proc fs (/proc)."
+ exit 1
+ fi
+
+ if [ ! -f /etc/$jvm/jvm.cfg ]; then
+ # the jre is not yet configured, but jvm.cfg is needed to run it
+ temp_jvm_cfg=/etc/$jvm/jvm.cfg
+ mkdir -p /etc/$jvm
+ printf -- "-server KNOWN\n" > $temp_jvm_cfg
+ fi
+
+ first_install
+
+ [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
+ fi
+ chmod 600 /etc/default/cacerts || true
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
+
+
More information about the pkg-java-commits
mailing list