#!/bin/sh
#------------------------------------------------
# woof pinstall.sh for ca-certificates compat pkg

setvar CWD = "$(pwd)"
cd ./usr/share/ca-certificates
find -type f | cut -c 3- > ../../../etc/ca-certificates.conf
cd $CWD

# From update-ca-certificates...
# Edited to work in cross builds.

setvar CERTSCONF = "${CWD}/etc/ca-certificates.conf"
setvar CERTSDIR = "${CWD}/usr/share/ca-certificates"
setvar CERTBUNDLE = 'ca-certificates.crt'
setvar ETCCERTSDIR = "${CWD}/etc/ssl/certs"

# Helper files.  (Some of them are not simple arrays because we spawn
# subshells later on.)
setvar TEMPBUNDLE = "$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")"

# Adds a certificate to the list of trusted ones.  This includes a symlink
# in /etc/ssl/certs to the certificate file and its inclusion into the
# bundle.
proc add {
  setvar CERT = "$1"
  setvar PEM = ""$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \
                                                  -e 's/[()]/=/g' \
                                                  -e 's/,/_/g').pem""
  if ! test -e $PEM || test $(readlink "$PEM") != $CERT
   {
    ln -sf $CERT $PEM
  }
  # Add trailing newline to certificate, if it is missing (#635570)
  sed -e '$a\' $CERT >> "$TEMPBUNDLE"
}

cd $ETCCERTSDIR
echo -n "Updating certificates in $ETCCERTSDIR... "

sed -e '/^$/d' -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt
{
  if ! test -f "$CERTSDIR/$crt"
  {
   echo "W: $CERTSDIR/$crt not found, but listed in $CERTSCONF." >&2
   continue
  }
  add "$CERTSDIR/$crt"
}

rm -f $CERTBUNDLE

c_rehash . > /dev/null

chmod 0644 $TEMPBUNDLE
mv -f $TEMPBUNDLE $CERTBUNDLE

cd $CWD

# END OF ca-certicates pinstall.sh ..
#------------------------------------------------