[gentoo-commits] repo/gentoo:master commit in: app-misc/ca-certificates/

Fri, 28 Oct 2016 02:29:15 -0700 

commit:     171217a85eefea54a12de02af2bf684af0ff042e
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Fri Oct 28 09:28:33 2016 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Fri Oct 28 09:28:48 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=171217a8

app-misc/ca-certificates: Make removal of untrusted certs optional.

Package-Manager: portage-2.3.2
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

 ...7.1-r1.ebuild => ca-certificates-20160104.3.27.1-r2.ebuild} | 10 ++++++----
 app-misc/ca-certificates/metadata.xml                          |  3 +++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r1.ebuild 
b/app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r2.ebuild
similarity index 96%
rename from app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r1.ebuild
rename to app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r2.ebuild
index 93d3a8f..c1d332a 100644
--- a/app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r1.ebuild
+++ b/app-misc/ca-certificates/ca-certificates-20160104.3.27.1-r2.ebuild
@@ -58,7 +58,7 @@ fi
 LICENSE="MPL-1.1"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 
~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd 
~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux 
~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint 
~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
-IUSE=""
+IUSE="insecure_certs"
 ${PRECOMPILED} || IUSE+=" cacert"
 
 DEPEND=""
@@ -136,9 +136,11 @@ src_compile() {
                mv usr/share/doc/{ca-certificates,${PF}} || die
        fi
 
-       # Remove untrusted certs from StartCom and WoSign (bug #598072)
-       rm "${c}"/mozilla/StartCom* || die
-       rm "${c}"/mozilla/WoSign* || die
+       if ! use insecure_certs ; then
+               # Remove untrusted certs from StartCom and WoSign (bug #598072)
+               rm "${c}"/mozilla/StartCom* || die
+               rm "${c}"/mozilla/WoSign* || die
+       fi
 
        (
        echo "# Automatically generated by ${CATEGORY}/${PF}"

diff --git a/app-misc/ca-certificates/metadata.xml 
b/app-misc/ca-certificates/metadata.xml
index f11c10f..f516f07 100644
--- a/app-misc/ca-certificates/metadata.xml
+++ b/app-misc/ca-certificates/metadata.xml
@@ -10,5 +10,8 @@
     Include root certs from CAcert (http://www.cacert.org/) and
     Software in the Public Interest (http://www.spi-inc.org/)
   </flag>
+  <flag name="insecure_certs">
+    Install certs which are known to *not* being trustworthy.
+  </flag>
 </use>
 </pkgmetadata>

Reply via email to