aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb
blob: 2405b30f7553d7eaf080c29df72104dbd45e0d63 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
SUMMARY = "Common CA certificates (JKS trustStore)"
DESCRIPTION = "This package uses the hooks of the ca-certificates \
package to update the cacerts JKS trustStore used for many java runtimes."
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "\
	file://debian/copyright;md5=ab0f6b6900f6564dc3e273dfa36fcc72 \
	file://src/main/java/org/debian/security/InvalidKeystorePasswordException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
	file://src/main/java/org/debian/security/KeyStoreHandler.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
	file://src/main/java/org/debian/security/UnableToSaveKeystoreException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
	file://src/main/java/org/debian/security/UnknownInputException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
	file://src/main/java/org/debian/security/UpdateCertificates.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
"
DEPENDS = "virtual/javac-native fastjar-native"
# We can't use virtual/javac-native, because that would create a
# keystore that can't be read on the target (as virtual/javac-native
# usually is either too old, or plain incompatible with this)
PACKAGE_WRITE_DEPS += "openjdk-8-native"

SRC_URI = "\
	git://salsa.debian.org/java-team/ca-certificates-java.git;branch=master;protocol=https \
	file://0001-UpdateCertificates-handle-SYSROOT-environment-variab.patch \
	file://${BPN}.hook.in \
"

SRCREV = "793b846dcd4e79371bbe8069e4125ec2fd462e57"

inherit java

S = "${WORKDIR}/git"
B = "${WORKDIR}/build"

JARFILENAME = "${BPN}.jar"

python () {
    runtime = d.getVar("PREFERRED_RPROVIDER_java2-runtime") or ""
    if not runtime in ("openjdk-8", "openjre-8"):
        raise bb.parse.SkipRecipe("PREFERRED_RPROVIDER_java2-runtime '%s' unsupported" % runtime)
}

do_patch:append () {
    bb.build.exec_func('do_fix_sysconfdir', d)
}

do_fix_sysconfdir () {
	sed -e 's|/etc/ssl/certs/java|${sysconfdir}/ssl/certs/java|g' \
	    -i ${S}/src/main/java/org/debian/security/UpdateCertificates.java
}

do_compile () {
	mkdir -p build # simplify in-tree builds (externalsrc)
	javac -g \
	    -source 1.7 -target 1.7 -encoding ISO8859-1 \
	    -d build \
	    -sourcepath ${S}/src/main/java \
	    $(find ${S}/src/main/java -name '*.java' -type f)

	# needs to end with two empty lines
	cat << EOF > ${B}/manifest
Manifest-Version: 1.0
Main-Class: org.debian.security.UpdateCertificates

EOF
	fastjar -cfm ${JARFILENAME} ${B}/manifest -C build .
}

do_install () {
	oe_jarinstall ${JARFILENAME}

	mkdir -p ${D}${sysconfdir}/ssl/certs/java
	install -Dm0755 ${WORKDIR}/${BPN}.hook.in ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook
	sed -e 's|@@datadir_java@@|${datadir_java}|' \
	    -e 's|@@libdir_jvm@@|${libdir_jvm}|' \
	    -e 's|@@JARFILENAME@@|${JARFILENAME}|' \
	    -i ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook

	install -d -m0755 ${D}${sbindir}
	ln -s ${@os.path.relpath("${sysconfdir}/ca-certificates/update.d/${BPN}-hook", "${sbindir}")} \
	      ${D}${sbindir}/create-ca-certificates-java
}

pkg_postinst:${PN} () {
	if [ -n "$D" ] ; then
	    # In this case we want to use the Java in the image recipe's
	    # native sysroot (native Java, not qemu target Java) to
	    # generate the trustStore.
	    # None of the supported Java versions are in PATH, though, so
	    # we have to find a satisfactory one ourselves below $libdir_jvm.
	    # We really need the $NATIVE_ROOT variable for that to work,
	    # as STAGING_LIBDIR_JVM_NATIVE resolves to this recipe's native
	    # sysroot during recipe build time, so it's of no use during
	    # image build time.
	    if [ -z $NATIVE_ROOT ] ; then
		echo "$0: NATIVE_ROOT not known"
		false
	    fi
	    JVM_LIBDIR=$NATIVE_ROOT${libdir_jvm}
	fi
	JVM_LIBDIR=$JVM_LIBDIR $D${sbindir}/create-ca-certificates-java
}

RDEPENDS:${PN} = "ca-certificates"
RDEPENDS:${PN}:append:class-target = " java2-runtime"

FILES:${PN} += "${datadir_java}"

BBCLASSEXTEND = "native"