mozilla-rootcerts: Move MESSAGE content into documentation

Drop MESSAGE content pointing out mozilla-rootcerts-openssl that is
duplicative with DESCR.

Move MESSAGE content about installation for gnupg2 into a
documentation file; this is simply normal documentation about how to
use an installed package.  Mention this documentation in DESCR, so
that prospective users get the right sense of what the package can do.
This commit is contained in:
gdt 2020-11-27 16:18:35 +00:00
parent 88b25a6482
commit faf4404055
5 changed files with 20 additions and 24 deletions

View file

@ -13,3 +13,6 @@ usable by SSL/TLS implementations.
Use the 'mozilla-rootcerts install' script or mozilla-rootcerts-openssl
package if you want to use these certificates.
This package includes instructions for configuring gnupg2 to use the
certificates.

View file

@ -1,20 +0,0 @@
===========================================================================
$NetBSD: MESSAGE,v 1.5 2014/08/10 10:47:42 wiz Exp $
Execute this command to extract and rehash all CA root certificates
distributed by the Mozilla Project, so that they can be used by third
party applications using OpenSSL. It also creates a single file
certificate bundle in PEM format which can be used by applications using
GnuTLS.
# mozilla-rootcerts install
To mark these certificates as trusted for users of gnupg2, do
the following (assuming default PKG_SYSCONFBASE and a Bourne shell):
# mkdir -p /usr/pkg/etc/gnupg
# cd /usr/pkg/etc/gnupg
# for c in /etc/openssl/certs/*.pem; do
> openssl x509 -in $c -noout -fingerprint|sed 's|^.*=\(.*\)|\1 S|'
> done > trustlist.txt
===========================================================================

View file

@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.39 2020/06/12 10:35:11 maya Exp $
# $NetBSD: Makefile,v 1.40 2020/11/27 16:18:35 gdt Exp $
DISTNAME= mozilla-rootcerts-1.0.${CERTDATA_DATE}
PKGREVISION= 1
PKGREVISION= 2
CATEGORIES= security
MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/4f0b2cc28b1482e285bcfceec472a568f3843299/security/nss/lib/ckfw/builtins/certdata.txt
EXTRACT_SUFX= # empty
@ -43,7 +43,7 @@ SUBST_FILES.paths= ${CERT_SCRIPT}
SUBST_VARS.paths= AWK DATADIR ECHO EXPR LN LS MKDIR PREFIX RM SH SSLDIR
SUBST_SED.paths= -e 's,@OPENSSL@,${TOOLS_PATH.openssl},g'
INSTALLATION_DIRS= sbin ${DATADIR}
INSTALLATION_DIRS= sbin ${DATADIR} share/doc/${PKGBASE}
do-extract:
${CP} ${FILESDIR}/${CERT_SCRIPT} ${WRKSRC}
@ -60,5 +60,6 @@ do-install:
${DESTDIR}${PREFIX}/sbin/mozilla-rootcerts
${INSTALL_DATA} ${WRKSRC}/certdata.txt ${DESTDIR}${DATADIR}/certdata.txt
${INSTALL_DATA} ${WRKSRC}/cacert.pem ${DESTDIR}${DATADIR}/cacert.pem
${INSTALL_DATA} files/gnupg2 ${DESTDIR}/${PREFIX}/share/doc/${PKGBASE}
.include "../../mk/bsd.pkg.mk"

View file

@ -1,4 +1,5 @@
@comment $NetBSD: PLIST,v 1.3 2016/02/06 10:22:54 tron Exp $
@comment $NetBSD: PLIST,v 1.4 2020/11/27 16:18:35 gdt Exp $
sbin/mozilla-rootcerts
share/doc/mozilla-rootcerts/gnupg2
share/mozilla-rootcerts/cacert.pem
share/mozilla-rootcerts/certdata.txt

View file

@ -0,0 +1,11 @@
$NetBSD: gnupg2,v 1.1 2020/11/27 16:18:35 gdt Exp $
To configure the mozilla-rootcerts certificates as trusted for users
of gnupg2, do the following (assuming default PKG_SYSCONFBASE and a
Bourne shell):
# mkdir -p /usr/pkg/etc/gnupg
# cd /usr/pkg/etc/gnupg
# for c in /etc/openssl/certs/*.pem; do
> openssl x509 -in $c -noout -fingerprint|sed 's|^.*=\(.*\)|\1 S|'
> done > trustlist.txt