[pkg-java] r17146 - in tags/ca-certificates-java: . 20130815 20130815/debian
Damien Raude-Morvan
drazzib at alioth.debian.org
Thu Aug 15 12:46:11 UTC 2013
Author: drazzib
Date: 2013-08-15 12:46:11 +0000 (Thu, 15 Aug 2013)
New Revision: 17146
Added:
tags/ca-certificates-java/20130815/
tags/ca-certificates-java/20130815/UpdateCertificatesTest.java
tags/ca-certificates-java/20130815/debian/ca-certificates-java.triggers
tags/ca-certificates-java/20130815/debian/changelog
tags/ca-certificates-java/20130815/debian/control
tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in
tags/ca-certificates-java/20130815/debian/postinst.in
Removed:
tags/ca-certificates-java/20130815/UpdateCertificatesTest.java
tags/ca-certificates-java/20130815/debian/changelog
tags/ca-certificates-java/20130815/debian/control
tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in
tags/ca-certificates-java/20130815/debian/postinst.in
Log:
[svn-buildpackage] Tagging ca-certificates-java 20130815
Deleted: tags/ca-certificates-java/20130815/UpdateCertificatesTest.java
===================================================================
--- trunk/ca-certificates-java/UpdateCertificatesTest.java 2013-08-13 21:42:16 UTC (rev 17144)
+++ tags/ca-certificates-java/20130815/UpdateCertificatesTest.java 2013-08-15 12:46:11 UTC (rev 17146)
@@ -1,221 +0,0 @@
-/*
- * Copyright (C) 2012 Damien Raude-Morvan <drazzib at debian.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- */
-
-import java.io.File;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-
-import junit.framework.Assert;
-
-import org.junit.Before;
-import org.junit.Test;
-
-/**
- * Tests for {@link UpdateCertificates}.
- *
- * @author Damien Raude-Morvan
- */
-public class UpdateCertificatesTest {
-
- private static final String ALIAS_CACERT = "debian:cacert.org.crt";
- private static final String INVALID_CACERT = "x/usr/share/ca-certificates/cacert.org/cacert.org.crt";
- private static final String REMOVE_CACERT = "-/usr/share/ca-certificates/cacert.org/cacert.org.crt";
- private static final String ADD_CACERT = "+/usr/share/ca-certificates/cacert.org/cacert.org.crt";
-
- private String ksFilename = null;
- private String ksPassword = null;
-
- @Before
- public void start() {
- this.ksFilename = "./tests-cacerts";
- this.ksPassword = "changeit";
- // Delete any previous file
- File keystore = new File(this.ksFilename);
- keystore.delete();
- }
-
- /**
- * Test a simple open then write without any modification.
- */
- @Test
- public void testNoop() throws IOException, GeneralSecurityException,
- Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.writeKeyStore();
- }
-
- /**
- * Test a to open a keystore and write without any modification
- * and then try to open it again with wrong password : will throw a
- * InvalidKeystorePassword
- */
- @Test
- public void testWriteThenOpenWrongPwd() throws IOException,
- GeneralSecurityException, Exceptions.UnableToSaveKeystore {
- try {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.writeKeyStore();
- } catch (Exceptions.InvalidKeystorePassword e) {
- Assert.fail();
- }
-
- try {
- UpdateCertificates uc = new UpdateCertificates("wrongpassword",
- this.ksFilename);
- Assert.fail();
- uc.writeKeyStore();
- } catch (Exceptions.InvalidKeystorePassword e) {
- Assert.assertEquals(
- "Cannot open Java keystore. Is the password correct?",
- e.getMessage());
- }
- }
-
- /**
- * Test a to open a keystore then remove its backing File (and replace it
- * with a directory with the same name) and try to write in to disk :
- * will throw an UnableToSaveKeystore
- */
- @Test
- public void testDeleteThenWrite() throws IOException,
- GeneralSecurityException, Exceptions.InvalidKeystorePassword {
- try {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
-
- // Replace actual file by a directory !
- File keystore = new File(this.ksFilename);
- keystore.delete();
- keystore.mkdir();
-
- // Will fail with some IOException
- uc.writeKeyStore();
- Assert.fail();
- } catch (Exceptions.UnableToSaveKeystore e) {
- Assert.assertEquals(
- "There was a problem saving the new Java keystore.",
- e.getMessage());
- }
- }
-
- /**
- * Try to send an invalid command ("x") in parseLine : throw UnknownInput
- */
- @Test
- public void testWrongCommand() throws IOException,
- GeneralSecurityException, Exceptions.InvalidKeystorePassword {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- try {
- uc.parseLine(INVALID_CACERT);
- Assert.fail();
- } catch (Exceptions.UnknownInput e) {
- Assert.assertEquals(INVALID_CACERT, e.getMessage());
- }
- }
-
- /**
- * Test to insert a valid certificate and then check if it's really in KS.
- */
- @Test
- public void testAdd() throws IOException, GeneralSecurityException,
- Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
- Exceptions.UnableToSaveKeystore {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.parseLine(ADD_CACERT);
- uc.writeKeyStore();
-
- Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
- }
-
- /**
- * Test to insert a invalide certificate : no exception, but check there
- * is no alias created with that name
- */
- @Test
- public void testAddInvalidCert() throws IOException,
- GeneralSecurityException, Exceptions.UnknownInput,
- Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.parseLine("+/usr/share/ca-certificates/null.crt");
- uc.writeKeyStore();
-
- Assert.assertEquals(false, uc.contains("debian:null.crt"));
- }
-
- /**
- * Try to add same certificate multiple time : we replace it and
- * there is only one alias.
- */
- @Test
- public void testReplace() throws IOException, GeneralSecurityException,
- Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
- Exceptions.UnableToSaveKeystore {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.parseLine(ADD_CACERT);
- uc.parseLine(ADD_CACERT);
- uc.writeKeyStore();
-
- Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
- }
-
- /**
- * Try to remove a non-existant certificate : it's a no-op.
- */
- @Test
- public void testRemove() throws IOException, GeneralSecurityException,
- Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
- Exceptions.UnableToSaveKeystore {
- UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- uc.parseLine(REMOVE_CACERT);
- uc.writeKeyStore();
-
- // We start with empty KS, so it shouldn't do anything
- Assert.assertEquals(false, uc.contains(ALIAS_CACERT));
- }
-
- /**
- * Try to add cert, write to disk, then open keystore again and remove.
- */
- @Test
- public void testAddThenRemove() throws IOException,
- GeneralSecurityException, Exceptions.UnknownInput,
- Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
- UpdateCertificates ucAdd = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- ucAdd.parseLine(ADD_CACERT);
- ucAdd.writeKeyStore();
-
- Assert.assertEquals(true, ucAdd.contains(ALIAS_CACERT));
-
- UpdateCertificates ucRemove = new UpdateCertificates(this.ksPassword,
- this.ksFilename);
- ucRemove.parseLine(REMOVE_CACERT);
- ucRemove.writeKeyStore();
-
- Assert.assertEquals(false, ucRemove.contains(ALIAS_CACERT));
- }
-
-}
Copied: tags/ca-certificates-java/20130815/UpdateCertificatesTest.java (from rev 17145, trunk/ca-certificates-java/UpdateCertificatesTest.java)
===================================================================
--- tags/ca-certificates-java/20130815/UpdateCertificatesTest.java (rev 0)
+++ tags/ca-certificates-java/20130815/UpdateCertificatesTest.java 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1,221 @@
+/*
+ * Copyright (C) 2012 Damien Raude-Morvan <drazzib at debian.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import junit.framework.Assert;
+
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for {@link UpdateCertificates}.
+ *
+ * @author Damien Raude-Morvan
+ */
+public class UpdateCertificatesTest {
+
+ private static final String ALIAS_CACERT = "debian:cacert.org_class3.crt";
+ private static final String INVALID_CACERT = "x/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt";
+ private static final String REMOVE_CACERT = "-/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt";
+ private static final String ADD_CACERT = "+/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt";
+
+ private String ksFilename = null;
+ private String ksPassword = null;
+
+ @Before
+ public void start() {
+ this.ksFilename = "./tests-cacerts";
+ this.ksPassword = "changeit";
+ // Delete any previous file
+ File keystore = new File(this.ksFilename);
+ keystore.delete();
+ }
+
+ /**
+ * Test a simple open then write without any modification.
+ */
+ @Test
+ public void testNoop() throws IOException, GeneralSecurityException,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.writeKeyStore();
+ }
+
+ /**
+ * Test a to open a keystore and write without any modification
+ * and then try to open it again with wrong password : will throw a
+ * InvalidKeystorePassword
+ */
+ @Test
+ public void testWriteThenOpenWrongPwd() throws IOException,
+ GeneralSecurityException, Exceptions.UnableToSaveKeystore {
+ try {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.writeKeyStore();
+ } catch (Exceptions.InvalidKeystorePassword e) {
+ Assert.fail();
+ }
+
+ try {
+ UpdateCertificates uc = new UpdateCertificates("wrongpassword",
+ this.ksFilename);
+ Assert.fail();
+ uc.writeKeyStore();
+ } catch (Exceptions.InvalidKeystorePassword e) {
+ Assert.assertEquals(
+ "Cannot open Java keystore. Is the password correct?",
+ e.getMessage());
+ }
+ }
+
+ /**
+ * Test a to open a keystore then remove its backing File (and replace it
+ * with a directory with the same name) and try to write in to disk :
+ * will throw an UnableToSaveKeystore
+ */
+ @Test
+ public void testDeleteThenWrite() throws IOException,
+ GeneralSecurityException, Exceptions.InvalidKeystorePassword {
+ try {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+
+ // Replace actual file by a directory !
+ File keystore = new File(this.ksFilename);
+ keystore.delete();
+ keystore.mkdir();
+
+ // Will fail with some IOException
+ uc.writeKeyStore();
+ Assert.fail();
+ } catch (Exceptions.UnableToSaveKeystore e) {
+ Assert.assertEquals(
+ "There was a problem saving the new Java keystore.",
+ e.getMessage());
+ }
+ }
+
+ /**
+ * Try to send an invalid command ("x") in parseLine : throw UnknownInput
+ */
+ @Test
+ public void testWrongCommand() throws IOException,
+ GeneralSecurityException, Exceptions.InvalidKeystorePassword {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ try {
+ uc.parseLine(INVALID_CACERT);
+ Assert.fail();
+ } catch (Exceptions.UnknownInput e) {
+ Assert.assertEquals(INVALID_CACERT, e.getMessage());
+ }
+ }
+
+ /**
+ * Test to insert a valid certificate and then check if it's really in KS.
+ */
+ @Test
+ public void testAdd() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(ADD_CACERT);
+ uc.writeKeyStore();
+
+ Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Test to insert a invalide certificate : no exception, but check there
+ * is no alias created with that name
+ */
+ @Test
+ public void testAddInvalidCert() throws IOException,
+ GeneralSecurityException, Exceptions.UnknownInput,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine("+/usr/share/ca-certificates/null.crt");
+ uc.writeKeyStore();
+
+ Assert.assertEquals(false, uc.contains("debian:null.crt"));
+ }
+
+ /**
+ * Try to add same certificate multiple time : we replace it and
+ * there is only one alias.
+ */
+ @Test
+ public void testReplace() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(ADD_CACERT);
+ uc.parseLine(ADD_CACERT);
+ uc.writeKeyStore();
+
+ Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Try to remove a non-existant certificate : it's a no-op.
+ */
+ @Test
+ public void testRemove() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(REMOVE_CACERT);
+ uc.writeKeyStore();
+
+ // We start with empty KS, so it shouldn't do anything
+ Assert.assertEquals(false, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Try to add cert, write to disk, then open keystore again and remove.
+ */
+ @Test
+ public void testAddThenRemove() throws IOException,
+ GeneralSecurityException, Exceptions.UnknownInput,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates ucAdd = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ ucAdd.parseLine(ADD_CACERT);
+ ucAdd.writeKeyStore();
+
+ Assert.assertEquals(true, ucAdd.contains(ALIAS_CACERT));
+
+ UpdateCertificates ucRemove = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ ucRemove.parseLine(REMOVE_CACERT);
+ ucRemove.writeKeyStore();
+
+ Assert.assertEquals(false, ucRemove.contains(ALIAS_CACERT));
+ }
+
+}
Copied: tags/ca-certificates-java/20130815/debian/ca-certificates-java.triggers (from rev 17145, trunk/ca-certificates-java/debian/ca-certificates-java.triggers)
===================================================================
--- tags/ca-certificates-java/20130815/debian/ca-certificates-java.triggers (rev 0)
+++ tags/ca-certificates-java/20130815/debian/ca-certificates-java.triggers 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1 @@
+activate update-ca-certificates
Deleted: tags/ca-certificates-java/20130815/debian/changelog
===================================================================
--- trunk/ca-certificates-java/debian/changelog 2013-08-13 21:42:16 UTC (rev 17144)
+++ tags/ca-certificates-java/20130815/debian/changelog 2013-08-15 12:46:11 UTC (rev 17146)
@@ -1,246 +0,0 @@
-ca-certificates-java (20120721) unstable; urgency=low
-
- * Fix jks-keystore and postinst to work on multi-arch system.
- Use dpkg-query -L package:arch. (Closes: #680618).
- * As libnss3-1d is a transitional package on both Debian and Ubuntu,
- upgrade Depends to use libnss3.
-
- -- Damien Raude-Morvan <drazzib at debian.org> Sat, 21 Jul 2012 01:06:32 +0200
-
-ca-certificates-java (20120608) unstable; urgency=low
-
- [ James Page ]
- * Switch primary JRE dependency from openjdk-6 to openjdk-7 to support
- demotion of openjdk-6 to universe in Ubuntu:
- - d/control, rules: Generate primary JRE dependency at build time to
- allow differentiation between Ubuntu and Debian.
- * Added myself to uploaders.
-
- [ Damien Raude-Morvan ]
- * Update to unstable.
- * Set DMUA flag for James Page.
-
- -- James Page <james.page at ubuntu.com> Fri, 08 Jun 2012 09:44:58 +0100
-
-ca-certificates-java (20120603) unstable; urgency=low
-
- * Use javahelper as buildsystem:
- - d/control: Add Build-Depends on javahelper.
- - d/rules: Use jh_build to call javac.
- * Create a testsuite for this package:
- - Refactor UpdateCertificates code to send exceptions instead of
- System.exit(1).
- - New testsuite: UpdateCertificatesTest.
- - d/control: Build-Depends on junit4.
- - d/rules: Launch junit after build and handle "nocheck" option in
- DEB_BUILD_OPTIONS.
-
- -- Damien Raude-Morvan <drazzib at debian.org> Sun, 03 Jun 2012 12:10:26 +0200
-
-ca-certificates-java (20120524) unstable; urgency=low
-
- [ Marc Deslauriers ]
- * debian/preinst, debian/postinst: remove the 20110912ubuntu1 work-around
- since it is no longer needed.
- * debian/postinst: don't put a symlink in / if jvm doesn't contain nss
- configuration. (Closes: #665754, #665749).
- * debian/postinst: force migration to new alias names again. The
- migration was supposed to occur on upgrades to Oneiric, but failed
- because of an NSS error.
- * debian/postinst: forcibly remove diginotar cert. It could be left
- behind under certain circumstances. (LP: #920758)
- * debian/postinst: also look for jvm in multiarch locations (LP: #962378)
- * debian/postinst: retrigger first_install to properly get cert store.
-
- [ James Page ]
- * d/rules: Ensure java is built with source/target == 1.6 for backwards
- compatibility with openjdk-6.
-
- [ Damien Raude-Morvan ]
- * Sync handling of nss.cfg between debian/jks-keystore.hook.in and
- debian/postinst.in.
- * Merge changes from Ubuntu (Thanks to James Page and Marc Deslauriers).
- * Improve handling of certificate with UTF-8 filenames:
- - UpdateCertificates: Force read System.in with UTF-8
- - debian/postinst: Set LC_CTYPE to C.UTF-8
-
- -- Damien Raude-Morvan <drazzib at debian.org> Tue, 22 May 2012 23:41:41 +0200
-
-ca-certificates-java (20120225) unstable; urgency=low
-
- [ Steve Langasek ]
- * debian/jks-keystore.hook: If we *don't* find libnss3 / libnss3-1d,
- don't remove files from the filesystem in do_cleanup(),
- since this has a nasty tendency of nuking system libraries.
- LP: #855171.
- * debian/preinst, debian/postinst: when upgrading from version
- 20110912ubuntu1, disable the buggy hook script early to prevent it from
- being run before our new version is configured; and re-enable the script
- in the postinst. LP: #855246.
-
- [ Matthias Klose ]
- * Mark as Multi-Arch: foreign.
- * Adjust the libnss3-1d versioned dependency.
-
- [ Damien Raude-Morvan ]
- * Add myself to Uploaders.
- * Use dh_gencontrol and dpkg-vendor to allow:
- - New substvar ${nss:Depends} for libnss3-1d versionning.
- - New @NSS_LIB@ parameter for debian/*.in files.
- * Bump Standards-Version to 3.9.3:
- - Add recommended build-arch / build-indep targets.
-
- -- Damien Raude-Morvan <drazzib at debian.org> Sat, 25 Feb 2012 15:06:32 +0100
-
-ca-certificates-java (20111223) unstable; urgency=low
-
- * Support new multiarch JRE packages in postinst.
-
- -- Torsten Werner <twerner at debian.org> Fri, 23 Dec 2011 13:46:15 +0100
-
-ca-certificates-java (20110912) unstable; urgency=low
-
- * Support new multiarch JRE packages in jks-keystore. (Closes: #641306)
- * Support OpenJDK 7. (Closes: #641305)
-
- -- Torsten Werner <twerner at debian.org> Mon, 12 Sep 2011 21:23:22 +0200
-
-ca-certificates-java (20110816) unstable; urgency=low
-
- * Upgrade Recommends: libnss3-1d to a versioned Depends due to multiarch
- changes. (Closes: #635571)
- * Use the locale C.UTF-8 for the hook script to be more robust.
-
- -- Torsten Werner <twerner at debian.org> Tue, 16 Aug 2011 11:00:33 +0200
-
-ca-certificates-java (20110531) unstable; urgency=low
-
- * Prepare for multiarch libnss3 update.
-
- -- Matthias Klose <doko at ubuntu.com> Tue, 31 May 2011 15:20:52 +0200
-
-ca-certificates-java (20110426) unstable; urgency=low
-
- * Test for existing file in postinst before copying it. (Closes: #624152)
- * Add Vcs headers to debian/control.
-
- -- Torsten Werner <twerner at debian.org> Tue, 26 Apr 2011 09:23:03 +0200
-
-ca-certificates-java (20110425) unstable; urgency=low
-
- * Add Java code to update the keystore and support UTF-8 encoded filenames.
- (Closes: #607245, #623671)
- * Change Maintainer to Debian Java Maintainers and add myself to Uploaders.
- * Update Build-Depends.
- * Replace old inconsistent keystore aliases. (Closes: #623888)
- * Add support for openjdk-7 and remove support for old cacao VM.
- * Add a NEWS file explaining the update.
- * Update README.Debian.
-
- -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 15:28:55 +0200
-
-ca-certificates-java (20100412) unstable; urgency=low
-
- * Upload to unstable.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200
-
-ca-certificates-java (20100406ubuntu1) lucid; urgency=low
-
- * Make the installation and import of certificates more robust,
- if the NSS based security provider is disabled or not built.
-
- -- Matthias Klose <doko at ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200
-
-ca-certificates-java (20100406) unstable; urgency=low
-
- * Explicitely fail the installation, if /proc is not mounted.
- Currently required by the java tools, changed in OpenJDK7.
- Closes: #576453. LP: #556044.
- * Print name of JVM in case of errors.
- * Set priority to optional, set section to java. Closes: #566855.
- * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853.
-
- -- Matthias Klose <doko at debian.org> Tue, 06 Apr 2010 21:41:39 +0200
-
-ca-certificates-java (20091021) unstable; urgency=low
-
- * Clarify output for keytool errors (although it shouldnn't be
- necessary anymore). Closes: #540490.
-
- -- Matthias Klose <doko at ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200
-
-ca-certificates-java (20090928) karmic; urgency=low
-
- * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with
- ca-certificates 20090814.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200
-
-ca-certificates-java (20090629) unstable; urgency=low
-
- * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out
- SHA384withECDSA certificates since keytool won't support them.
- LP: #392104, closes: #534520.
- * Fix typo in hook. Closes: #534533.
- * Use java6-runtime-headless as alternative dependency. Closes: #512293.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200
-
-ca-certificates-java (20081028) unstable; urgency=low
-
- * Ignore LANG and LC_ALL setting when running keytool. LP: #289934.
-
- -- Matthias Klose <doko at debian.org> Tue, 28 Oct 2008 07:20:16 +0100
-
-ca-certificates-java (20081027) unstable; urgency=medium
-
- * Merge from Ubuntu:
- - Don't try to import certificates, which are listed in
- /etc/ca-certificates.conf, but not available on the system.
- Just warn about those. LP: #289091.
- - Need to run keytool, when the jre is unpacked, but not yet configured.
- Create a temporary jvm.cfg for the time in that postinst and the
- jks-keystore.hook are run, and remove it afterwards. LP: #289199.
-
- -- Matthias Klose <doko at debian.org> Mon, 27 Oct 2008 13:58:14 +0100
-
-ca-certificates-java (20081024) unstable; urgency=low
-
- * Install /etc/default/cacerts with mode 600.
-
- -- Matthias Klose <doko at debian.org> Fri, 24 Oct 2008 15:10:48 +0200
-
-ca-certificates-java (20081022) unstable; urgency=low
-
- * debian/jks-keystore.hook:
- - Don't stop after first error during the update. LP: #244412.
- Closes: #489748.
- - Call keytool with -noprompt.
- * On initial install, add locally added certificates. LP: #244410.
- Closes: #489748.
- * Install /etc/default/cacerts to set options:
- - storepass, holding the password for the keystore.
- - updates, to enable/disable updates of the keystore.
- * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587.
-
- -- Matthias Klose <doko at ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200
-
-ca-certificates-java (20080712) unstable; urgency=low
-
- * Upload to main.
-
- -- Matthias Klose <doko at ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200
-
-ca-certificates-java (20080711) unstable; urgency=low
-
- * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408.
-
- -- Matthias Klose <doko at ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200
-
-ca-certificates-java (20080514) unstable; urgency=low
-
- * Initial release.
-
- -- Matthias Klose <doko at ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
-
Copied: tags/ca-certificates-java/20130815/debian/changelog (from rev 17145, trunk/ca-certificates-java/debian/changelog)
===================================================================
--- tags/ca-certificates-java/20130815/debian/changelog (rev 0)
+++ tags/ca-certificates-java/20130815/debian/changelog 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1,281 @@
+ca-certificates-java (20130815) unstable; urgency=low
+
+ * Acknowledge NMU done by Don Armstrong and Andreas Beckmann.
+ * Fix tests to works with new cacert certificates names (Closes:
+ #713138).
+ * d/control: Use canonical value for Vcs-* fields.
+ * d/control: Remove deprecated DMUA flag.
+ * d/control: Bump Standards-Version to 3.9.4 (no changes needed).
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Thu, 15 Aug 2013 13:52:46 +0200
+
+ca-certificates-java (20121112+nmu2) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * postinst, jks-keystore.hook: Do not fail if nss.cfg does not (yet) exist,
+ i.e. if openjdk-?-jre-headless is unpacked but not yet configured.
+ (Closes: #694888)
+ * Set urgency to medium for RC bugfix.
+
+ -- Andreas Beckmann <anbe at debian.org> Sun, 27 Jan 2013 14:19:41 +0100
+
+ca-certificates-java (20121112+nmu1) unstable; urgency=low
+
+ * Non-maintainer upload
+ * Fix test for dpkg-query in postinst; there was an extraneous --version
+ here. [Probably don't even need to bother to check for dpkg-query, but
+ why not.] (Closes: #690204)
+ * Library path for softokn3pkg and nsspkg is potentially wrong if there
+ are multiple different paths; fix it.
+ * Do not run the hook if ca-certificates-java has been removed but not
+ purged.
+ * Use the new trigger support provided by ca-certificates (>=20121114).
+
+ -- Don Armstrong <don at debian.org> Mon, 12 Nov 2012 15:45:50 -0800
+
+ca-certificates-java (20120721) unstable; urgency=low
+
+ * Fix jks-keystore and postinst to work on multi-arch system.
+ Use dpkg-query -L package:arch. (Closes: #680618).
+ * As libnss3-1d is a transitional package on both Debian and Ubuntu,
+ upgrade Depends to use libnss3.
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Sat, 21 Jul 2012 01:06:32 +0200
+
+ca-certificates-java (20120608) unstable; urgency=low
+
+ [ James Page ]
+ * Switch primary JRE dependency from openjdk-6 to openjdk-7 to support
+ demotion of openjdk-6 to universe in Ubuntu:
+ - d/control, rules: Generate primary JRE dependency at build time to
+ allow differentiation between Ubuntu and Debian.
+ * Added myself to uploaders.
+
+ [ Damien Raude-Morvan ]
+ * Update to unstable.
+ * Set DMUA flag for James Page.
+
+ -- James Page <james.page at ubuntu.com> Fri, 08 Jun 2012 09:44:58 +0100
+
+ca-certificates-java (20120603) unstable; urgency=low
+
+ * Use javahelper as buildsystem:
+ - d/control: Add Build-Depends on javahelper.
+ - d/rules: Use jh_build to call javac.
+ * Create a testsuite for this package:
+ - Refactor UpdateCertificates code to send exceptions instead of
+ System.exit(1).
+ - New testsuite: UpdateCertificatesTest.
+ - d/control: Build-Depends on junit4.
+ - d/rules: Launch junit after build and handle "nocheck" option in
+ DEB_BUILD_OPTIONS.
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Sun, 03 Jun 2012 12:10:26 +0200
+
+ca-certificates-java (20120524) unstable; urgency=low
+
+ [ Marc Deslauriers ]
+ * debian/preinst, debian/postinst: remove the 20110912ubuntu1 work-around
+ since it is no longer needed.
+ * debian/postinst: don't put a symlink in / if jvm doesn't contain nss
+ configuration. (Closes: #665754, #665749).
+ * debian/postinst: force migration to new alias names again. The
+ migration was supposed to occur on upgrades to Oneiric, but failed
+ because of an NSS error.
+ * debian/postinst: forcibly remove diginotar cert. It could be left
+ behind under certain circumstances. (LP: #920758)
+ * debian/postinst: also look for jvm in multiarch locations (LP: #962378)
+ * debian/postinst: retrigger first_install to properly get cert store.
+
+ [ James Page ]
+ * d/rules: Ensure java is built with source/target == 1.6 for backwards
+ compatibility with openjdk-6.
+
+ [ Damien Raude-Morvan ]
+ * Sync handling of nss.cfg between debian/jks-keystore.hook.in and
+ debian/postinst.in.
+ * Merge changes from Ubuntu (Thanks to James Page and Marc Deslauriers).
+ * Improve handling of certificate with UTF-8 filenames:
+ - UpdateCertificates: Force read System.in with UTF-8
+ - debian/postinst: Set LC_CTYPE to C.UTF-8
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Tue, 22 May 2012 23:41:41 +0200
+
+ca-certificates-java (20120225) unstable; urgency=low
+
+ [ Steve Langasek ]
+ * debian/jks-keystore.hook: If we *don't* find libnss3 / libnss3-1d,
+ don't remove files from the filesystem in do_cleanup(),
+ since this has a nasty tendency of nuking system libraries.
+ LP: #855171.
+ * debian/preinst, debian/postinst: when upgrading from version
+ 20110912ubuntu1, disable the buggy hook script early to prevent it from
+ being run before our new version is configured; and re-enable the script
+ in the postinst. LP: #855246.
+
+ [ Matthias Klose ]
+ * Mark as Multi-Arch: foreign.
+ * Adjust the libnss3-1d versioned dependency.
+
+ [ Damien Raude-Morvan ]
+ * Add myself to Uploaders.
+ * Use dh_gencontrol and dpkg-vendor to allow:
+ - New substvar ${nss:Depends} for libnss3-1d versionning.
+ - New @NSS_LIB@ parameter for debian/*.in files.
+ * Bump Standards-Version to 3.9.3:
+ - Add recommended build-arch / build-indep targets.
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Sat, 25 Feb 2012 15:06:32 +0100
+
+ca-certificates-java (20111223) unstable; urgency=low
+
+ * Support new multiarch JRE packages in postinst.
+
+ -- Torsten Werner <twerner at debian.org> Fri, 23 Dec 2011 13:46:15 +0100
+
+ca-certificates-java (20110912) unstable; urgency=low
+
+ * Support new multiarch JRE packages in jks-keystore. (Closes: #641306)
+ * Support OpenJDK 7. (Closes: #641305)
+
+ -- Torsten Werner <twerner at debian.org> Mon, 12 Sep 2011 21:23:22 +0200
+
+ca-certificates-java (20110816) unstable; urgency=low
+
+ * Upgrade Recommends: libnss3-1d to a versioned Depends due to multiarch
+ changes. (Closes: #635571)
+ * Use the locale C.UTF-8 for the hook script to be more robust.
+
+ -- Torsten Werner <twerner at debian.org> Tue, 16 Aug 2011 11:00:33 +0200
+
+ca-certificates-java (20110531) unstable; urgency=low
+
+ * Prepare for multiarch libnss3 update.
+
+ -- Matthias Klose <doko at ubuntu.com> Tue, 31 May 2011 15:20:52 +0200
+
+ca-certificates-java (20110426) unstable; urgency=low
+
+ * Test for existing file in postinst before copying it. (Closes: #624152)
+ * Add Vcs headers to debian/control.
+
+ -- Torsten Werner <twerner at debian.org> Tue, 26 Apr 2011 09:23:03 +0200
+
+ca-certificates-java (20110425) unstable; urgency=low
+
+ * Add Java code to update the keystore and support UTF-8 encoded filenames.
+ (Closes: #607245, #623671)
+ * Change Maintainer to Debian Java Maintainers and add myself to Uploaders.
+ * Update Build-Depends.
+ * Replace old inconsistent keystore aliases. (Closes: #623888)
+ * Add support for openjdk-7 and remove support for old cacao VM.
+ * Add a NEWS file explaining the update.
+ * Update README.Debian.
+
+ -- Torsten Werner <twerner at debian.org> Mon, 25 Apr 2011 15:28:55 +0200
+
+ca-certificates-java (20100412) unstable; urgency=low
+
+ * Upload to unstable.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200
+
+ca-certificates-java (20100406ubuntu1) lucid; urgency=low
+
+ * Make the installation and import of certificates more robust,
+ if the NSS based security provider is disabled or not built.
+
+ -- Matthias Klose <doko at ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200
+
+ca-certificates-java (20100406) unstable; urgency=low
+
+ * Explicitely fail the installation, if /proc is not mounted.
+ Currently required by the java tools, changed in OpenJDK7.
+ Closes: #576453. LP: #556044.
+ * Print name of JVM in case of errors.
+ * Set priority to optional, set section to java. Closes: #566855.
+ * Remove /etc/ssl/certs on package purge, if empty. Closes: #566853.
+
+ -- Matthias Klose <doko at debian.org> Tue, 06 Apr 2010 21:41:39 +0200
+
+ca-certificates-java (20091021) unstable; urgency=low
+
+ * Clarify output for keytool errors (although it shouldnn't be
+ necessary anymore). Closes: #540490.
+
+ -- Matthias Klose <doko at ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200
+
+ca-certificates-java (20090928) karmic; urgency=low
+
+ * Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with
+ ca-certificates 20090814.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200
+
+ca-certificates-java (20090629) unstable; urgency=low
+
+ * debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out
+ SHA384withECDSA certificates since keytool won't support them.
+ LP: #392104, closes: #534520.
+ * Fix typo in hook. Closes: #534533.
+ * Use java6-runtime-headless as alternative dependency. Closes: #512293.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200
+
+ca-certificates-java (20081028) unstable; urgency=low
+
+ * Ignore LANG and LC_ALL setting when running keytool. LP: #289934.
+
+ -- Matthias Klose <doko at debian.org> Tue, 28 Oct 2008 07:20:16 +0100
+
+ca-certificates-java (20081027) unstable; urgency=medium
+
+ * Merge from Ubuntu:
+ - Don't try to import certificates, which are listed in
+ /etc/ca-certificates.conf, but not available on the system.
+ Just warn about those. LP: #289091.
+ - Need to run keytool, when the jre is unpacked, but not yet configured.
+ Create a temporary jvm.cfg for the time in that postinst and the
+ jks-keystore.hook are run, and remove it afterwards. LP: #289199.
+
+ -- Matthias Klose <doko at debian.org> Mon, 27 Oct 2008 13:58:14 +0100
+
+ca-certificates-java (20081024) unstable; urgency=low
+
+ * Install /etc/default/cacerts with mode 600.
+
+ -- Matthias Klose <doko at debian.org> Fri, 24 Oct 2008 15:10:48 +0200
+
+ca-certificates-java (20081022) unstable; urgency=low
+
+ * debian/jks-keystore.hook:
+ - Don't stop after first error during the update. LP: #244412.
+ Closes: #489748.
+ - Call keytool with -noprompt.
+ * On initial install, add locally added certificates. LP: #244410.
+ Closes: #489748.
+ * Install /etc/default/cacerts to set options:
+ - storepass, holding the password for the keystore.
+ - updates, to enable/disable updates of the keystore.
+ * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587.
+
+ -- Matthias Klose <doko at ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200
+
+ca-certificates-java (20080712) unstable; urgency=low
+
+ * Upload to main.
+
+ -- Matthias Klose <doko at ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200
+
+ca-certificates-java (20080711) unstable; urgency=low
+
+ * debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408.
+
+ -- Matthias Klose <doko at ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200
+
+ca-certificates-java (20080514) unstable; urgency=low
+
+ * Initial release.
+
+ -- Matthias Klose <doko at ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
+
Deleted: tags/ca-certificates-java/20130815/debian/control
===================================================================
--- trunk/ca-certificates-java/debian/control 2013-08-13 21:42:16 UTC (rev 17144)
+++ tags/ca-certificates-java/20130815/debian/control 2013-08-15 12:46:11 UTC (rev 17146)
@@ -1,25 +0,0 @@
-Source: ca-certificates-java
-Section: java
-Priority: optional
-Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
-Uploaders: Matthias Klose <doko at ubuntu.com>,
- Torsten Werner <twerner at debian.org>,
- Damien Raude-Morvan <drazzib at debian.org>,
- James Page <james.page at ubuntu.com>
-Build-Depends: debhelper (>= 6), default-jdk, javahelper, junit4
-Standards-Version: 3.9.3
-DM-Upload-Allowed: yes
-Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/ca-certificates-java
-Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/ca-certificates-java/
-
-Package: ca-certificates-java
-Architecture: all
-Multi-Arch: foreign
-Depends: ca-certificates (>= 20090814),
- ${jre:Depends} | java6-runtime-headless,
- ${misc:Depends},
- ${nss:Depends}
-# We need a versioned Depends due to multiarch changes (bug #635571).
-Description: Common CA certificates (JKS keystore)
- This package uses the hooks of the ca-certificates package to update the
- cacerts JKS keystore used for many java runtimes.
Copied: tags/ca-certificates-java/20130815/debian/control (from rev 17145, trunk/ca-certificates-java/debian/control)
===================================================================
--- tags/ca-certificates-java/20130815/debian/control (rev 0)
+++ tags/ca-certificates-java/20130815/debian/control 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1,24 @@
+Source: ca-certificates-java
+Section: java
+Priority: optional
+Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
+Uploaders: Matthias Klose <doko at ubuntu.com>,
+ Torsten Werner <twerner at debian.org>,
+ Damien Raude-Morvan <drazzib at debian.org>,
+ James Page <james.page at ubuntu.com>
+Build-Depends: debhelper (>= 6), default-jdk, javahelper, junit4
+Standards-Version: 3.9.4
+Vcs-Svn: svn://anonscm.debian.org/pkg-java/trunk/ca-certificates-java
+Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-java/trunk/ca-certificates-java/
+
+Package: ca-certificates-java
+Architecture: all
+Multi-Arch: foreign
+Depends: ca-certificates (>= 20121114),
+ ${jre:Depends} | java6-runtime-headless,
+ ${misc:Depends},
+ ${nss:Depends}
+# We need a versioned Depends due to multiarch changes (bug #635571).
+Description: Common CA certificates (JKS keystore)
+ This package uses the hooks of the ca-certificates package to update the
+ cacerts JKS keystore used for many java runtimes.
Deleted: tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in
===================================================================
--- trunk/ca-certificates-java/debian/jks-keystore.hook.in 2013-08-13 21:42:16 UTC (rev 17144)
+++ tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in 2013-08-15 12:46:11 UTC (rev 17146)
@@ -1,88 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# use the locale C.UTF-8
-unset LC_ALL
-LC_CTYPE=C.UTF-8
-export LC_CTYPE
-
-storepass='changeit'
-if [ -f /etc/default/cacerts ]; then
- . /etc/default/cacerts
-fi
-
-arch=`dpkg --print-architecture`
-JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
-
-nsslib_name()
-{
- if dpkg --assert-multi-arch 2>/dev/null; then
- echo "@NSS_LIB@:${arch}"
- else
- echo "@NSS_LIB@"
- fi
-}
-
-echo ""
-if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then
- echo "updates of cacerts keystore disabled."
- exit 0
-fi
-
-if ! mountpoint -q /proc; then
- echo >&2 "the keytool command requires a mounted proc fs (/proc)."
- exit 1
-fi
-
-for jvm in java-6-openjdk-$arch java-6-openjdk \
- java-7-openjdk-$arch java-7-openjdk java-6-sun; do
-if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
- break
-fi
-done
-export JAVA_HOME=/usr/lib/jvm/$jvm
-PATH=$JAVA_HOME/bin:$PATH
-
-temp_jvm_cfg=
-if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
- # the jre is not yet configured, but jvm.cfg is needed to run it
- temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
- mkdir -p /etc/${jvm%-$arch}
- printf -- "-server KNOWN\n" > $temp_jvm_cfg
-fi
-
-if dpkg-query --version >/dev/null; then
- nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p')
- nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg)
- if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
- ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
- fi
- softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p')
- if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] && [ "$softokn3pkg" != "$nssjdk" ]; then
- ln -sf $softokn3pkg/libsoftokn3.so $nssjdk/libsoftokn3.so
- fi
-fi
-
-do_cleanup()
-{
- [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
- if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
- then
- rm -f $nssjdk/libnss3.so
- fi
- if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] \
- && [ "$softokn3pkg" != "$nssjdk" ]
- then
- rm -f $nssjdk/libsoftokn3.so
- fi
-}
-
-if java -jar $JAR -storepass "$storepass"; then
- do_cleanup
-else
- do_cleanup
- exit 1
-fi
-
-echo "done."
Copied: tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in (from rev 17145, trunk/ca-certificates-java/debian/jks-keystore.hook.in)
===================================================================
--- tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in (rev 0)
+++ tags/ca-certificates-java/20130815/debian/jks-keystore.hook.in 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1,89 @@
+#!/bin/sh
+
+set -e
+
+# use the locale C.UTF-8
+unset LC_ALL
+LC_CTYPE=C.UTF-8
+export LC_CTYPE
+
+storepass='changeit'
+if [ -f /etc/default/cacerts ]; then
+ . /etc/default/cacerts
+fi
+
+arch=`dpkg --print-architecture`
+JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
+
+nsslib_name()
+{
+ if dpkg --assert-multi-arch 2>/dev/null; then
+ echo "@NSS_LIB@:${arch}"
+ else
+ echo "@NSS_LIB@"
+ fi
+}
+
+echo ""
+if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ] || [ ! -e $JAR ]; then
+ echo "updates of cacerts keystore disabled."
+ exit 0
+fi
+
+if ! mountpoint -q /proc; then
+ echo >&2 "the keytool command requires a mounted proc fs (/proc)."
+ exit 1
+fi
+
+for jvm in java-6-openjdk-$arch java-6-openjdk \
+ java-7-openjdk-$arch java-7-openjdk java-6-sun; do
+if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
+ break
+fi
+done
+export JAVA_HOME=/usr/lib/jvm/$jvm
+PATH=$JAVA_HOME/bin:$PATH
+
+temp_jvm_cfg=
+if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
+ # the jre is not yet configured, but jvm.cfg is needed to run it
+ temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
+ mkdir -p /etc/${jvm%-$arch}
+ printf -- "-server KNOWN\n" > $temp_jvm_cfg
+fi
+
+if dpkg-query --version >/dev/null; then
+ nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
+ nsscfg=/etc/${jvm%-$arch}/security/nss.cfg
+ nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' $nsscfg)
+ if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
+ ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
+ fi
+ softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p'|head -n 1)
+ if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] && [ "$softokn3pkg" != "$nssjdk" ]; then
+ ln -sf $softokn3pkg/libsoftokn3.so $nssjdk/libsoftokn3.so
+ fi
+fi
+
+do_cleanup()
+{
+ [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
+ if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
+ then
+ rm -f $nssjdk/libnss3.so
+ fi
+ if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] \
+ && [ "$softokn3pkg" != "$nssjdk" ]
+ then
+ rm -f $nssjdk/libsoftokn3.so
+ fi
+}
+
+if java -jar $JAR -storepass "$storepass"; then
+ do_cleanup
+else
+ do_cleanup
+ exit 1
+fi
+
+echo "done."
Deleted: tags/ca-certificates-java/20130815/debian/postinst.in
===================================================================
--- trunk/ca-certificates-java/debian/postinst.in 2013-08-13 21:42:16 UTC (rev 17144)
+++ tags/ca-certificates-java/20130815/debian/postinst.in 2013-08-15 12:46:11 UTC (rev 17146)
@@ -1,125 +0,0 @@
-#!/bin/bash
-
-set -e
-
-# use the locale C.UTF-8
-unset LC_ALL
-LC_CTYPE=C.UTF-8
-export LC_CTYPE
-
-storepass='changeit'
-if [ -f /etc/default/cacerts ]; then
- . /etc/default/cacerts
-fi
-
-arch=`dpkg --print-architecture`
-JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
-
-nsslib_name()
-{
- if dpkg --assert-multi-arch 2>/dev/null; then
- echo "@NSS_LIB@:${arch}"
- else
- echo "@NSS_LIB@"
- fi
-}
-
-setup_path()
-{
- for jvm in java-6-openjdk-$arch java-6-openjdk \
- java-7-openjdk-$arch java-7-openjdk java-6-sun; do
- if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
- break
- fi
- done
- export JAVA_HOME=/usr/lib/jvm/$jvm
- PATH=$JAVA_HOME/bin:$PATH
-}
-
-first_install()
-{
- if which dpkg-query --version >/dev/null; then
- nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p')
- nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg)
- if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
- ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
- fi
- fi
-
- # Forcibly remove diginotar cert (LP: #920758)
- if [ -n "$FIXOLD" ]; then
- echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \
- java -jar $JAR -storepass "$storepass"
- fi
-
- find /etc/ssl/certs -name \*.pem | \
- while read filename; do
- alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
- alias=${alias%*_}
- if [ -n "$FIXOLD" ]; then
- echo "-${alias}"
- echo "-${alias}_pem"
- fi
- echo "+${filename}"
- done | \
- java -jar $JAR -storepass "$storepass"
- echo "done."
-}
-
-do_cleanup()
-{
- [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
- if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
- then
- rm -f $nssjdk/libnss3.so
- fi
-}
-
-case "$1" in
- configure)
- if dpkg --compare-versions "$2" lt "20110912ubuntu6"; then
- FIXOLD="true"
- if [ -e /etc/ssl/certs/java/cacerts ]; then
- cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
- fi
- fi
- if [ -z "$2" -o -n "$FIXOLD" ]; then
- setup_path
-
- if ! mountpoint -q /proc; then
- echo >&2 "the keytool command requires a mounted proc fs (/proc)."
- exit 1
- fi
-
- temp_jvm_cfg=
- if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
- # the jre is not yet configured, but jvm.cfg is needed to run it
- temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
- mkdir -p /etc/${jvm%-$arch}
- printf -- "-server KNOWN\n" > $temp_jvm_cfg
- fi
-
- if first_install; then
- do_cleanup
- else
- do_cleanup
- exit 1
- fi
- fi
- chmod 600 /etc/default/cacerts || true
- ;;
-
- abort-upgrade|abort-remove|abort-deconfigure)
- ;;
-
- *)
- echo "postinst called with unknown argument \`$1'" >&2
- exit 1
- ;;
-esac
-
-#DEBHELPER#
-
-exit 0
-
-
Copied: tags/ca-certificates-java/20130815/debian/postinst.in (from rev 17145, trunk/ca-certificates-java/debian/postinst.in)
===================================================================
--- tags/ca-certificates-java/20130815/debian/postinst.in (rev 0)
+++ tags/ca-certificates-java/20130815/debian/postinst.in 2013-08-15 12:46:11 UTC (rev 17146)
@@ -0,0 +1,126 @@
+#!/bin/bash
+
+set -e
+
+# use the locale C.UTF-8
+unset LC_ALL
+LC_CTYPE=C.UTF-8
+export LC_CTYPE
+
+storepass='changeit'
+if [ -f /etc/default/cacerts ]; then
+ . /etc/default/cacerts
+fi
+
+arch=`dpkg --print-architecture`
+JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
+
+nsslib_name()
+{
+ if dpkg --assert-multi-arch 2>/dev/null; then
+ echo "@NSS_LIB@:${arch}"
+ else
+ echo "@NSS_LIB@"
+ fi
+}
+
+setup_path()
+{
+ for jvm in java-6-openjdk-$arch java-6-openjdk \
+ java-7-openjdk-$arch java-7-openjdk java-6-sun; do
+ if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
+ break
+ fi
+ done
+ export JAVA_HOME=/usr/lib/jvm/$jvm
+ PATH=$JAVA_HOME/bin:$PATH
+}
+
+first_install()
+{
+ if which dpkg-query >/dev/null; then
+ nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
+ nsscfg=/etc/${jvm%-$arch}/security/nss.cfg
+ nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' $nsscfg)
+ if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
+ ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
+ fi
+ fi
+
+ # Forcibly remove diginotar cert (LP: #920758)
+ if [ -n "$FIXOLD" ]; then
+ echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \
+ java -jar $JAR -storepass "$storepass"
+ fi
+
+ find /etc/ssl/certs -name \*.pem | \
+ while read filename; do
+ alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
+ alias=${alias%*_}
+ if [ -n "$FIXOLD" ]; then
+ echo "-${alias}"
+ echo "-${alias}_pem"
+ fi
+ echo "+${filename}"
+ done | \
+ java -jar $JAR -storepass "$storepass"
+ echo "done."
+}
+
+do_cleanup()
+{
+ [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
+ if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
+ then
+ rm -f $nssjdk/libnss3.so
+ fi
+}
+
+case "$1" in
+ configure)
+ if dpkg --compare-versions "$2" lt "20110912ubuntu6"; then
+ FIXOLD="true"
+ if [ -e /etc/ssl/certs/java/cacerts ]; then
+ cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
+ fi
+ fi
+ if [ -z "$2" -o -n "$FIXOLD" ]; then
+ setup_path
+
+ if ! mountpoint -q /proc; then
+ echo >&2 "the keytool command requires a mounted proc fs (/proc)."
+ exit 1
+ fi
+
+ temp_jvm_cfg=
+ if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
+ # the jre is not yet configured, but jvm.cfg is needed to run it
+ temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
+ mkdir -p /etc/${jvm%-$arch}
+ printf -- "-server KNOWN\n" > $temp_jvm_cfg
+ fi
+
+ if first_install; then
+ do_cleanup
+ else
+ do_cleanup
+ exit 1
+ fi
+ fi
+ chmod 600 /etc/default/cacerts || true
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
+
+
More information about the pkg-java-commits
mailing list