From 09a28b67f1b904b4daaad1ad8b33069eefca0880 Mon Sep 17 00:00:00 2001
From: André Draszik <andre.draszik@jci.com>
Date: Fri, 27 Jul 2018 14:16:16 +0100
Subject: ca-certificates-java: update to v20180516
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is the latest available version and contains
some fixes for Java 10 & Java 11

Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
---
 .../ca-certificates-java_20180516.bb               | 107 +++++++++++++++++++++
 1 file changed, 107 insertions(+)
 create mode 100644 recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb

(limited to 'recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb')

diff --git a/recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb b/recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb
new file mode 100644
index 0000000..2db1915
--- /dev/null
+++ b/recipes-core/ca-certificates-java/ca-certificates-java_20180516.bb
@@ -0,0 +1,107 @@
+SUMMARY = "Common CA certificates (JKS trustStore)"
+DESCRIPTION = "This package uses the hooks of the ca-certificates \
+package to update the cacerts JKS trustStore used for many java runtimes."
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "\
+	file://debian/copyright;md5=ab0f6b6900f6564dc3e273dfa36fcc72 \
+	file://src/main/java/org/debian/security/InvalidKeystorePasswordException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
+	file://src/main/java/org/debian/security/KeyStoreHandler.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
+	file://src/main/java/org/debian/security/UnableToSaveKeystoreException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
+	file://src/main/java/org/debian/security/UnknownInputException.java;endline=17;md5=f9150bf1ca3139a38ddb54f9e1c0eb9b \
+	file://src/main/java/org/debian/security/UpdateCertificates.java;endline=18;md5=3fd0e26abbca2ec481cf3698431574ae \
+"
+DEPENDS = "virtual/javac-native fastjar-native"
+# We can't use virtual/javac-native, because that would create a
+# keystore that can't be read on the target (as virtual/javac-native
+# usually is either too old, or plain incompatible with this)
+PACKAGE_WRITE_DEPS += "openjdk-8-native"
+
+SRC_URI = "\
+	git://salsa.debian.org/java-team/ca-certificates-java.git \
+	file://0001-UpdateCertificates-handle-SYSROOT-environment-variab.patch \
+	file://${BPN}.hook.in \
+"
+
+SRCREV = "793b846dcd4e79371bbe8069e4125ec2fd462e57"
+
+inherit java allarch
+
+S = "${WORKDIR}/git"
+B = "${WORKDIR}/build"
+
+JARFILENAME = "${BPN}.jar"
+
+python () {
+    runtime = d.getVar("PREFERRED_RPROVIDER_java2-runtime") or ""
+    if not runtime in ("openjdk-8", "openjre-8"):
+        raise bb.parse.SkipRecipe("PREFERRED_RPROVIDER_java2-runtime '%s' unsupported" % runtime)
+}
+
+do_patch_append () {
+    bb.build.exec_func('do_fix_sysconfdir', d)
+}
+
+do_fix_sysconfdir () {
+	sed -e 's|/etc/ssl/certs/java|${sysconfdir}/ssl/certs/java|g' \
+	    -i ${S}/src/main/java/org/debian/security/UpdateCertificates.java
+}
+
+do_compile () {
+	mkdir -p build # simplify in-tree builds (externalsrc)
+	javac -g \
+	    -source 1.7 -target 1.7 -encoding ISO8859-1 \
+	    -d build \
+	    -sourcepath ${S}/src/main/java \
+	    $(find ${S}/src/main/java -name '*.java' -type f)
+
+	# needs to end with two empty lines
+	cat << EOF > ${B}/manifest
+Manifest-Version: 1.0
+Main-Class: org.debian.security.UpdateCertificates
+
+EOF
+	fastjar -cfm ${JARFILENAME} ${B}/manifest -C build .
+}
+
+do_install () {
+	oe_jarinstall ${JARFILENAME}
+
+	mkdir -p ${D}${sysconfdir}/ssl/certs/java
+	install -Dm0755 ${WORKDIR}/${BPN}.hook.in ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook
+	sed -e 's|@@datadir_java@@|${datadir_java}|' \
+	    -e 's|@@libdir_jvm@@|${libdir_jvm}|' \
+	    -e 's|@@JARFILENAME@@|${JARFILENAME}|' \
+	    -i ${D}${sysconfdir}/ca-certificates/update.d/${BPN}-hook
+
+	install -d -m0755 ${D}${sbindir}
+	ln -s ${@os.path.relpath("${sysconfdir}/ca-certificates/update.d/${BPN}-hook", "${sbindir}")} \
+	      ${D}${sbindir}/create-ca-certificates-java
+}
+
+pkg_postinst_${PN} () {
+	if [ -n "$D" ] ; then
+	    # In this case we want to use the Java in the image recipe's
+	    # native sysroot (native Java, not qemu target Java) to
+	    # generate the trustStore.
+	    # None of the supported Java versions are in PATH, though, so
+	    # we have to find a satisfactory one ourselves below $libdir_jvm.
+	    # We really need the $NATIVE_ROOT variable for that to work,
+	    # as STAGING_LIBDIR_JVM_NATIVE resolves to this recipe's native
+	    # sysroot during recipe build time, so it's of no use during
+	    # image build time.
+	    if [ -z $NATIVE_ROOT ] ; then
+		echo "$0: NATIVE_ROOT not known"
+		false
+	    fi
+	    JVM_LIBDIR=$NATIVE_ROOT${libdir_jvm}
+	fi
+	JVM_LIBDIR=$JVM_LIBDIR $D${sbindir}/create-ca-certificates-java
+}
+
+RDEPENDS_${PN} = "ca-certificates"
+RDEPENDS_${PN}_append_class-target = " java2-runtime"
+RDEPENDS_${PN}_append_class-native = " virtual/java-native"
+
+FILES_${PN} += "${datadir_java}"
+
+BBCLASSEXTEND = "native"
-- 
cgit v1.2.3-54-g00ecf