| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the ca-certificates and ca-bundle package.
This version changed the files directory again, to work/, so
PKG_BUILD_DIR was brought back.
A list of changes from Debian's change-log entry for 20200601 [0]:
* mozilla/{certdata.txt,nssckbi.h}:
Update Mozilla certificate authority bundle to version 2.40.
Closes: #956411, #955038
* mozilla/blacklist.txt
Add distrusted Symantec CA list to blacklist for explicit removal.
Closes: #911289
Blacklist expired root certificate, "AddTrust External Root"
Closes: #961907
The following certificate authorities were added (+):
+ "Certigna Root CA"
+ "emSign ECC Root CA - C3"
+ "emSign ECC Root CA - G3"
+ "emSign Root CA - C1"
+ "emSign Root CA - G1"
+ "Entrust Root Certification Authority - G4"
+ "GTS Root R1"
+ "GTS Root R2"
+ "GTS Root R3"
+ "GTS Root R4"
+ "Hongkong Post Root CA 3"
+ "UCA Extended Validation Root"
+ "UCA Global G2 Root"
The following certificate authorities were removed (-):
- "AddTrust External Root"
- "Certinomis - Root CA"
- "Certplus Class 2 Primary CA"
- "Deutsche Telekom Root CA 2"
- "GeoTrust Global CA"
- "GeoTrust Primary Certification Authority"
- "GeoTrust Primary Certification Authority - G2"
- "GeoTrust Primary Certification Authority - G3"
- "GeoTrust Universal CA"
- "thawte Primary Root CA"
- "thawte Primary Root CA - G2"
- "thawte Primary Root CA - G3"
- "VeriSign Class 3 Public Primary Certification Authority - G4"
- "VeriSign Class 3 Public Primary Certification Authority - G5"
- "VeriSign Universal Root Certification Authority"
[0] <https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20200601_changelog>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
|
|
|
|
|
| |
- both packages provide ca-certs
- make ca-bundle the default provider
This should allow easy transition between these two forms of CA certificates storage
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
- Tested on Turris MOX, OpenWrt master
- Removed PKG_BUILD_DIR
In build_dir there were two folders
ca-certificates and ca-certificates-20190110 and it failed as files
were in ca-certificates-20190110
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
|
|
|
|
|
|
| |
remove myself as PKG_MAINTAINER
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixes openwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
| |
ca-certificates: Update to Version 20180409
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
|
|
| |
Update to 20170717
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
| |
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
|
|
| |
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
| |
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
|
|
|
|
|
|
| |
Some SSL applications requires a certificates bundle rather
than a directory containing certificates. For thos applications
we build the ca-bundle package
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
|
|
|
|
|
|
|
|
|
|
| |
- update to latest version 20160104
- remove cpu dependency (PKGARCH:=all)
- set myself as package maintainer
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 48271
|
|
|
|
|
|
|
|
| |
update to version 20151214
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 48000
|
|
|
|
|
|
|
|
| |
update to version 20150426
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 45858
|
|
|
|
|
|
| |
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 45250
|
|
|
|
|
|
| |
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 44498
|
|
|
|
|
|
|
|
| |
turns out that r43155 adds duplicate info.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43167
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
|
|
|
|
|
|
|
|
| |
Update to Version 20141019
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 43111
|
|
|
|
|
|
|
|
|
|
|
| |
Implementing "add-cert.sh" functionality described at
http://wiki.openwrt.org/doc/howto/wget-ssl-certs into Makefile
otherwise you need to create symbolic links for certificate hashes
yourself.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 42660
|
|
|
|
| |
SVN-Revision: 40894
|
|
|
|
|
|
|
|
| |
symlink (fixes #15351)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 40007
|
|
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 39984
|