17 # for details, see http://www.debian.org/doc/debian-policy/ or |
17 # for details, see http://www.debian.org/doc/debian-policy/ or |
18 # the debian-policy package |
18 # the debian-policy package |
19 |
19 |
20 CONF=/etc/ca-certificates.conf |
20 CONF=/etc/ca-certificates.conf |
21 DIR=/usr/share/ca-certificates |
21 DIR=/usr/share/ca-certificates |
22 CRTS=$DIR/schlittermann-ca* |
22 CRTS=$DIR/schlittermann/*.crt |
23 |
23 |
24 hash() { openssl x509 -noout -in "$1" -hash; } |
24 hash() { openssl x509 -noout -in "$1" -hash; } |
25 |
25 |
26 case "$1" in |
26 case "$1" in |
27 configure) |
27 configure) |
|
28 # aus der ca-certificates.conf entfernen |
|
29 tmp=`mktemp` |
|
30 grep -v '^schlittermann-ca\.crt$' $CONF > $tmp |
|
31 cp $tmp $CONF |
|
32 rm -f $tmp |
|
33 |
28 # zuerst mal gucken, ob's nicht zufällig schon in /etc/ssl/certs |
34 # zuerst mal gucken, ob's nicht zufällig schon in /etc/ssl/certs |
29 # mit rumliegt von früher |
35 # mit rumliegt von früher |
30 |
36 |
31 for CRT in $CRTS; do |
37 for CRT in $CRTS; do |
32 CRT=$(basename $CRT) |
38 CRT=$(basename $CRT) |
33 HASH=`hash $DIR/$CRT` |
39 HASH=`hash $DIR/$CRT 2>/dev/null || echo 0` |
34 echo "$DIR/$CRT: $HASH" |
40 echo "$DIR/$CRT: $HASH" |
35 |
41 |
36 for p in /etc/ssl/certs/*.crt; do |
42 for p in /etc/ssl/certs/*.crt; do |
37 test -e "$p" || { rm -f "$p"; continue; } |
43 test -e "$p" || { rm -f "$p"; continue; } # dangling symlinks |
38 test "$HASH" = `hash "$p"` || continue |
44 test "$HASH" = `hash "$p"` || continue |
39 test -L "$p" || { rm -v "$p"; continue; } |
45 test -L "$p" || { rm -v "$p"; continue; } |
40 test `readlink "$p"` = "$DIR/$CRT" || { rm "$p"; continue; } |
46 test `readlink "$p"` = "$DIR/$CRT" || { rm "$p"; continue; } |
41 done |
47 done |
42 grep -q "$CRT" "$CONF" || echo "$CRT" >> "$CONF" |
48 grep -F -q "schlittermann/$CRT" "$CONF" || echo "schlittermann/$CRT" >> "$CONF" |
43 done |
49 done |
44 |
50 |
45 update-ca-certificates |
51 update-ca-certificates |
46 ;; |
52 ;; |
47 |
53 |