38
38
CERTSCONF=/etc/ca-certificates.conf
39
39
CERTSDIR=/usr/share/ca-certificates
40
40
CERTBUNDLE=ca-certificates.crt
41
ETCCERTSDIR=/etc/ssl/certs
42
43
if [ "$fresh" = 1 ]; then
43
echo -n "Clearing symlinks in /etc/ssl/certs..."
44
echo -n "Clearing symlinks in $ETCCERTSDIR..."
44
45
find . -type l -print | while read symlink
46
47
case $(readlink $symlink) in
56
echo -n "Updating certificates in /etc/ssl/certs...."
57
echo -n "Updating certificates in $ETCCERTSDIR...."
58
59
bundletmp=`mktemp "${CERTBUNDLE}.tmp.XXXXXX"`
59
sed -ne 's/^!//p' $CERTSCONF | while read crt
60
removed="$(sed -ne 's/^!//p' $CERTSCONF | while read crt
61
62
if test "$crt" = ""; then continue; fi
62
63
pem=$(basename "$crt" .crt).pem
63
if test -e "$pem"; then rm -f "$pem"; fi
64
if test -e "$pem"; then
66
echo "-$ETCCERTSDIR/$pem"
66
sed -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt
70
added="$(sed -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt
68
72
if test "$crt" = ""; then continue; fi
69
73
if ! test -f "$CERTSDIR/$crt"; then continue; fi
70
74
pem=$(basename "$crt" .crt).pem
75
if ! test -e "$pem"; then echo "+$ETCCERTSDIR/$pem"; fi
71
76
ln -sf "$CERTSDIR/$crt" "$pem"
72
77
cat "$CERTSDIR/$crt" >> "$bundletmp"
74
79
chmod 0644 "$bundletmp"
75
80
mv -f "$bundletmp" "$CERTBUNDLE"
77
if [ "$verbose" = 0 ]; then
78
c_rehash . > /dev/null 2>&1
82
if [ -n "$added" ] || [ -n "$removed" ]; then
83
# only run if set of files has changed
85
if [ "$verbose" = 0 ]; then
86
c_rehash . > /dev/null 2>&1
92
HOOKSDIR=/etc/ca-certificates/update.d
93
echo -n "Running hooks in $HOOKSDIR...."
95
[ "$verbose" = 0 ] || VERBOSE_ARG=--verbose
96
eval run-parts $VERB_ARG --test -- $HOOKSDIR | while read hook; do
97
printf -- "${removed:+$removed\n}${added:+$added\n}" | eval $hook