ca-certificates: upgraded package to upstream
Upgraded app-misc/ca-certificates to version 20180409.3.37 on amd64, arm
BUG=chromium:878434
TEST=Device Enterprise Enrollment, EAP-TLS, and Client Cert Auth work
CQ-DEPEND=CL:1194587
Change-Id: I972db82e29144df2ce138487caf14873a270ad89
Reviewed-on: https://chromium-review.googlesource.com/1194588
Commit-Ready: Ryan Sleevi <rsleevi@chromium.org>
Tested-by: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Daniel Wang <wonderfly@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
diff --git a/app-misc/ca-certificates/Manifest b/app-misc/ca-certificates/Manifest
index fbe1ac5..95da1ef 100644
--- a/app-misc/ca-certificates/Manifest
+++ b/app-misc/ca-certificates/Manifest
@@ -1,3 +1,3 @@
-DIST ca-certificates_20170717.tar.xz 293028 SHA256 e487639b641fa75445174734dd6e9d600373e3248b3d86a7e3c6d0f6977decd2 SHA512 dfeb5a19bb33bcb127a159b73fcc63b41c99827d77eb4a6069def0cffc7ae8dd10dab97c1ddfdd5b70d0c93e650a51ed5dcd03908516e7ca8b3022bf46eeb7e6 WHIRLPOOL 3b0877a7e85efccef67f92e0f6eb066e98b42982fd68ba92da131d2f96d4c235685ac913d038e2af621cb9cada5cf1409a871b8557d49539d722e10171e2aa7a
-DIST nss-3.36.1.tar.gz 23026430 SHA256 6025441d528ff6a7f1a4b673b6ee7d3540731ada3f78d5acd5c3b3736b222bff SHA512 096fe4360b6d584a746ac6156830f8cff821fd173bd889d7a396238919328a227fa4ebb46f738970a4001773046f3dd4f4675b85ff6de8420a4a7657b3ba0c65 WHIRLPOOL 0f61c092e4e2e8e130837d280ef6de1c3b67efdd565f05dd9efa2ca5ea163f2eb6816e7a640f0b4bd2a700038b3eff235547647466b674fadeac6835f9bca74c
+DIST ca-certificates_20180409.tar.xz 246908 SHA256 7af6f5bfc619fd29cbf0258c1d95107c38ce840ad6274e343e1e0d971fc72b51 SHA512 e0742da19416d367618547107cc0f1cc045d5ba62c30fb7238e0e36ec0d19ea48e2ffdee2c68a9f06954025c58db9a5376f149e221ede95a3a029cda39d86a53 WHIRLPOOL d53c4dc4acdb64c0b0cb8300aa1800db3a96b3584fa1a328f4114bce16c621bbc6b5f4fa1f78ee6d0901c90ae08adcc7ddb5426b054eb115c2c690a87c40056a
+DIST nss-3.37.tar.gz 23027581 SHA256 5821969e85d241833e96cb82bd4211ddea6d87003f2cccce25e0eab4aefa6268 SHA512 ad5175f126705f57092ac80421ac005bcc32bb18a4a44a527df25994fa90b3bc18af08506683564f619a22076f71232e2b3c9e6e25d6312d0bfed63684139103 WHIRLPOOL 135c4c9984bf52a2df44308a247984bf3cc6f9c1c85abcf0b0fbc215ff45e84b5a5ade0610872bed1f3df6fe8771e8f52998d0762b3ebc0b754e8fb8aafbd28c
DIST nss-cacert-class1-class3.patch 22950 SHA256 6bba29cee34276e2ca6436dabedfeba2b61fb46668c5d5ceabf0c871574649bf SHA512 a5aa740bf110a3f0262e3f1ef2fc739ac2b44f042e220039d48aee8e97cd764d5c10718220364f4098aba955882bd02cadb5481512388971a8290312f88a7df0 WHIRLPOOL 1246223b01292604e5609bb9c580f092dc5937bf8c98f6891b099e8bab960e03612b6617e30a55d6ff8817d88f190e03812fe8f89f84f25c20970493dc2f7700
diff --git a/app-misc/ca-certificates/ca-certificates-20170717.3.36.1.ebuild b/app-misc/ca-certificates/ca-certificates-20180409.3.37.ebuild
similarity index 89%
rename from app-misc/ca-certificates/ca-certificates-20170717.3.36.1.ebuild
rename to app-misc/ca-certificates/ca-certificates-20180409.3.37.ebuild
index 3d463f1..126365b 100644
--- a/app-misc/ca-certificates/ca-certificates-20170717.3.36.1.ebuild
+++ b/app-misc/ca-certificates/ca-certificates-20180409.3.37.ebuild
@@ -60,7 +60,7 @@
LICENSE="MPL-1.1"
SLOT="0"
KEYWORDS="*"
-IUSE="insecure_certs"
+IUSE=""
${PRECOMPILED} || IUSE+=" cacert"
DEPEND=""
@@ -105,7 +105,7 @@
if use cacert ; then
pushd "${S}"/nss-${NSS_VER} >/dev/null
- epatch "${DISTDIR}"/nss-cacert-class1-class3.patch
+ eapply -p0 "${DISTDIR}"/nss-cacert-class1-class3.patch
popd >/dev/null
fi
fi
@@ -116,6 +116,7 @@
sed -i \
-e '/="$ROOT/s:ROOT:ROOT'"${EPREFIX}"':' \
-e '/RELPATH="\.\./s:"$:'"${relp}"'":' \
+ -e 's/openssl rehash/c_rehash/' \
usr/sbin/update-ca-certificates || die
}
@@ -139,18 +140,6 @@
mv usr/share/doc/{ca-certificates,${PF}} || die
fi
- if ! use insecure_certs ; then
- elog "To prevent applications relying on system's trusted root certificate store"
- elog "from using CAs where at least one major browser vendor Gentoo is following"
- elog "has decided to apply trust level restrictions, the following"
- elog "certificate(s) were removed:"
- # Remove untrusted certs from StartCom and WoSign (bug #598072)
- elog "$(find "${c}" -type f \( \
- -iname '*startcom*' \
- -o -iname '*wosign*' \
- \) -printf '%P removed; see https://bugs.gentoo.org/598072 for details\n' -delete)"
- fi
-
(
echo "# Automatically generated by ${CATEGORY}/${PF}"
echo "# $(date -u)"
diff --git a/metadata/md5-cache/app-misc/ca-certificates-20170717.3.36.1 b/metadata/md5-cache/app-misc/ca-certificates-20180409.3.37
similarity index 73%
rename from metadata/md5-cache/app-misc/ca-certificates-20170717.3.36.1
rename to metadata/md5-cache/app-misc/ca-certificates-20180409.3.37
index 1711f7b..ed5aa90 100644
--- a/metadata/md5-cache/app-misc/ca-certificates-20170717.3.36.1
+++ b/metadata/md5-cache/app-misc/ca-certificates-20180409.3.37
@@ -3,11 +3,11 @@
DESCRIPTION=Common CA Certificates PEM files
EAPI=6
HOMEPAGE=https://packages.debian.org/sid/ca-certificates
-IUSE=insecure_certs cacert
+IUSE=cacert
KEYWORDS=*
LICENSE=MPL-1.1
RDEPEND=app-misc/c_rehash sys-apps/debianutils
SLOT=0
-SRC_URI=mirror://debian/pool/main/c/ca-certificates/ca-certificates_20170717.tar.xz https://archive.mozilla.org/pub/security/nss/releases/NSS_3_36_1_RTM/src/nss-3.36.1.tar.gz cacert? ( https://dev.gentoo.org/~axs/distfiles/nss-cacert-class1-class3.patch )
+SRC_URI=mirror://debian/pool/main/c/ca-certificates/ca-certificates_20180409.tar.xz https://archive.mozilla.org/pub/security/nss/releases/NSS_3_37_RTM/src/nss-3.37.tar.gz cacert? ( https://dev.gentoo.org/~axs/distfiles/nss-cacert-class1-class3.patch )
_eclasses_=estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 06133990e861be0fe60c2b428fd025d9 multilib 97f470f374f2e94ccab04a2fb21d811e python-any-r1 8eb13cdf35f6e43c48107b911900b2cc python-utils-r1 ec7e05a608c9ab8ae4d180d10bd61600 toolchain-funcs 1e35303c63cd707f6c3422b4493d5607 versionator 26ca8a8bd95d6a74122c08ba98a4ee72
-_md5_=ae8d6dfae9d0e12a4fbd7d05c2fceeef
+_md5_=58c619a076746553fc5cb2f2ca84aad2
