blob: 460d39abca25637a0d2b37453864ceb779550c7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
SUMMARY = "Common CA certificates (JKS trustStore)"
DESCRIPTION = "This package uses the hooks of the ca-certificates \
package to update the cacerts JKS trustStore used for many java runtimes."
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "\
file://debian/copyright;md5=ab0f6b6900f6564dc3e273dfa36fcc72 \
file://src/main/java/org/debian/security/InvalidKeystorePasswordException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
file://src/main/java/org/debian/security/KeyStoreHandler.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
file://src/main/java/org/debian/security/UnableToSaveKeystoreException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
file://src/main/java/org/debian/security/UnknownInputException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
file://src/main/java/org/debian/security/UpdateCertificates.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
"
DEPENDS = "virtual/javac-native fastjar-native"
# We can't use virtual/javac-native, because that would create a
# keystore that can't be read on the target (as virtual/javac-native
# usually is either too old, or plain incompatible with this)
PACKAGE_WRITE_DEPS += "openjdk-8-native"
SRC_URI = "\
git://salsa.debian.org/java-team/ca-certificates-java.git \
file://0001-UpdateCertificates-handle-SYSROOT-environment-variab.patch \
file://${BPN}.hook.in \
"
SRCREV = "793b846dcd4e79371bbe8069e4125ec2fd462e57"
inherit java
S = "${WORKDIR}/git"
B = "${WORKDIR}/build"
JARFILENAME = "${BPN}.jar"
python () {
runtime = d.getVar("PREFERRED_RPROVIDER_java2-runtime") or ""
if not runtime in ("openjdk-8", "openjre-8"):
raise bb.parse.SkipRecipe("PREFERRED_RPROVIDER_java2-runtime '%s' unsupported" % runtime)
}
do_patch:append () {
bb.build.exec_func('do_fix_sysconfdir', d)
}
do_fix_sysconfdir () {
sed -e 's|/etc/ssl/certs/java|${sysconfdir}/ssl/certs/java|g' \
-i ${S}/src/main/java/org/debian/security/UpdateCertificates.java
}
do_compile () {
mkdir -p build # simplify in-tree builds (externalsrc)
javac -g \
-source 1.7 -target 1.7 -encoding ISO8859-1 \
-d build \
-sourcepath ${S}/src/main/java \
$(find ${S}/src/main/java -name '*.java' -type f)
# needs to end with two empty lines
cat << EOF > ${B}/manifest
Manifest-Version: 1.0
Main-Class: org.debian.security.UpdateCertificates
EOF
fastjar -cfm ${JARFILENAME} ${B}/manifest -C build .
}
do_install () {
oe_jarinstall ${JARFILENAME}
mkdir -p ${D}${sysconfdir}/ssl/certs/java
install -Dm0755 ${WORKDIR}/${BPN}.hook.in ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook
sed -e 's|@@datadir_java@@|${datadir_java}|' \
-e 's|@@libdir_jvm@@|${libdir_jvm}|' \
-e 's|@@JARFILENAME@@|${JARFILENAME}|' \
-i ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook
install -d -m0755 ${D}${sbindir}
ln -s ${@os.path.relpath("${sysconfdir}/ca-certificates/update.d/${BPN}-hook", "${sbindir}")} \
${D}${sbindir}/create-ca-certificates-java
}
pkg_postinst:${PN} () {
if [ -n "$D" ] ; then
# In this case we want to use the Java in the image recipe's
# native sysroot (native Java, not qemu target Java) to
# generate the trustStore.
# None of the supported Java versions are in PATH, though, so
# we have to find a satisfactory one ourselves below $libdir_jvm.
# We really need the $NATIVE_ROOT variable for that to work,
# as STAGING_LIBDIR_JVM_NATIVE resolves to this recipe's native
# sysroot during recipe build time, so it's of no use during
# image build time.
if [ -z $NATIVE_ROOT ] ; then
echo "$0: NATIVE_ROOT not known"
false
fi
JVM_LIBDIR=$NATIVE_ROOT${libdir_jvm}
fi
JVM_LIBDIR=$JVM_LIBDIR $D${sbindir}/create-ca-certificates-java
}
RDEPENDS:${PN} = "ca-certificates"
RDEPENDS:${PN}:append:class-target = " java2-runtime"
RDEPENDS:${PN}:append:class-native = " virtual/java-native"
FILES:${PN} += "${datadir_java}"
BBCLASSEXTEND = "native"
|