Resolves: rhbz#2021362
Remove blacklist directory from release and documentation. Add requires for the version of p11_kit that uses the blocklist directory.
This commit is contained in:
Bob Relyea
parent
7ce59a8b26
commit
09eff8709a
@ -38,7 +38,7 @@ Name: ca-certificates
|
||||
Version: 2020.2.50
|
||||
# for y-stream, please always use 91 <= release < 100 (91,92,93)
|
||||
# for z-stream release branches, please use 90 <= release < 91 (90.0, 90.1, ...)
|
||||
Release: 93%{?dist}
|
||||
Release: 94%{?dist}
|
||||
License: Public Domain
|
||||
|
||||
URL: https://fedoraproject.org/wiki/CA-Certificates
|
||||
@ -71,10 +71,10 @@ Requires(post): coreutils
|
||||
Requires: bash
|
||||
Requires: grep
|
||||
Requires: sed
|
||||
Requires(post): p11-kit >= 0.23.19
|
||||
Requires(post): p11-kit-trust >= 0.23.19
|
||||
Requires: p11-kit >= 0.23.19
|
||||
Requires: p11-kit-trust >= 0.23.19
|
||||
Requires(post): p11-kit >= 0.24
|
||||
Requires(post): p11-kit-trust >= 0.24
|
||||
Requires: p11-kit >= 0.24
|
||||
Requires: p11-kit-trust >= 0.24
|
||||
|
||||
BuildRequires: perl-interpreter
|
||||
BuildRequires: python3
|
||||
@ -185,7 +185,6 @@ mkdir -p -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/ssl
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/anchors
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/blocklist
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/blacklist
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/pem
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/openssl
|
||||
@ -194,7 +193,6 @@ mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/edk2
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/anchors
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/blocklist
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/blacklist
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-legacy
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_bindir}
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT%{_mandir}/man8
|
||||
@ -344,7 +342,6 @@ fi
|
||||
%dir %{catrustdir}/source
|
||||
%dir %{catrustdir}/source/anchors
|
||||
%dir %{catrustdir}/source/blocklist
|
||||
%dir %{catrustdir}/source/blacklist
|
||||
%dir %{catrustdir}/extracted
|
||||
%dir %{catrustdir}/extracted/pem
|
||||
%dir %{catrustdir}/extracted/openssl
|
||||
@ -353,7 +350,6 @@ fi
|
||||
%dir %{_datadir}/pki/ca-trust-source
|
||||
%dir %{_datadir}/pki/ca-trust-source/anchors
|
||||
%dir %{_datadir}/pki/ca-trust-source/blocklist
|
||||
%dir %{_datadir}/pki/ca-trust-source/blacklist
|
||||
%dir %{_datadir}/pki/ca-trust-legacy
|
||||
|
||||
%config(noreplace) %{catrustdir}/ca-legacy.conf
|
||||
@ -399,6 +395,9 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Nov 1 2021 Bob Relyea <rrelyea@redhat.com> - 2020.2.50-94
|
||||
- remove blacklist directory and references now that p11-kit has been updated.
|
||||
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2020.2.50-93
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
@ -98,13 +98,13 @@ subdirectory in the /etc hierarchy.
|
||||
* add it as a new file to directory /etc/pki/ca-trust/source/anchors/
|
||||
* run 'update-ca-trust extract'
|
||||
|
||||
.*QUICK HELP 2*: If your certificate is in the extended BEGIN TRUSTED file format (which may contain distrust/blacklist trust flags, or trust flags for usages other than TLS) then:
|
||||
.*QUICK HELP 2*: If your certificate is in the extended BEGIN TRUSTED file format (which may contain distrust/blocklist trust flags, or trust flags for usages other than TLS) then:
|
||||
* add it as a new file to directory /etc/pki/ca-trust/source/
|
||||
* run 'update-ca-trust extract'
|
||||
|
||||
.In order to offer simplicity and flexibility, the way certificate files are treated depends on the subdirectory they are installed to.
|
||||
* simple trust anchors subdirectory: /usr/share/pki/ca-trust-source/anchors/ or /etc/pki/ca-trust/source/anchors/
|
||||
* simple blacklist (distrust) subdirectory: /usr/share/pki/ca-trust-source/blacklist/ or /etc/pki/ca-trust/source/blacklist/
|
||||
* simple blocklist (distrust) subdirectory: /usr/share/pki/ca-trust-source/blocklist/ or /etc/pki/ca-trust/source/blocklist/
|
||||
* extended format directory: /usr/share/pki/ca-trust-source/ or /etc/pki/ca-trust/source/
|
||||
|
||||
.In the main directories /usr/share/pki/ca-trust-source/ or /etc/pki/ca-trust/source/ you may install one or multiple files in the following file formats:
|
||||
@ -134,7 +134,7 @@ you may install one or multiple certificates in either the DER file
|
||||
format or in the PEM (BEGIN/END CERTIFICATE) file format.
|
||||
Each certificate will be treated as *trusted* for all purposes.
|
||||
|
||||
In the blacklist subdirectories /usr/share/pki/ca-trust-source/blacklist/ or /etc/pki/ca-trust/source/blacklist/
|
||||
In the blocklist subdirectories /usr/share/pki/ca-trust-source/blocklist/ or /etc/pki/ca-trust/source/blocklist/
|
||||
you may install one or multiple certificates in either the DER file
|
||||
format or in the PEM (BEGIN/END CERTIFICATE) file format.
|
||||
Each certificate will be treated as *distrusted* for all purposes.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user