1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
#!/bin/bash
set -e
# use the locale C.UTF-8
unset LC_ALL
LC_CTYPE=C.UTF-8
export LC_CTYPE
storepass='changeit'
if [ -f /etc/default/cacerts ]; then
. /etc/default/cacerts
fi
arch=`dpkg --print-architecture`
JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
nsslib_name()
{
if dpkg --assert-multi-arch 2>/dev/null; then
echo "@NSS_LIB@:${arch}"
else
echo "@NSS_LIB@"
fi
}
setup_path()
{
for jvm in java-6-openjdk-$arch java-6-openjdk \
java-7-openjdk-$arch java-7-openjdk java-6-sun; do
if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
break
fi
done
export JAVA_HOME=/usr/lib/jvm/$jvm
PATH=$JAVA_HOME/bin:$PATH
}
first_install()
{
if which dpkg-query >/dev/null; then
nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
nsscfg=/etc/${jvm%-$arch}/security/nss.cfg
nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' $nsscfg)
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
fi
fi
# Forcibly remove diginotar cert (LP: #920758)
if [ -n "$FIXOLD" ]; then
echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \
java -Xmx64m -jar $JAR -storepass "$storepass"
fi
find /etc/ssl/certs -name \*.pem | \
while read filename; do
alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
alias=${alias%*_}
if [ -n "$FIXOLD" ]; then
echo "-${alias}"
echo "-${alias}_pem"
fi
echo "+${filename}"
done | \
java -Xmx64m -jar $JAR -storepass "$storepass"
echo "done."
}
do_cleanup()
{
[ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
then
rm -f $nssjdk/libnss3.so
fi
}
case "$1" in
configure)
if dpkg --compare-versions "$2" lt "20110912ubuntu6"; then
FIXOLD="true"
if [ -e /etc/ssl/certs/java/cacerts ]; then
cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
fi
fi
if [ -z "$2" -o -n "$FIXOLD" ]; then
setup_path
if ! mountpoint -q /proc; then
echo >&2 "the keytool command requires a mounted proc fs (/proc)."
exit 1
fi
temp_jvm_cfg=
if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
# the jre is not yet configured, but jvm.cfg is needed to run it
temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
mkdir -p /etc/${jvm%-$arch}
printf -- "-server KNOWN\n" > $temp_jvm_cfg
fi
if first_install; then
do_cleanup
else
do_cleanup
exit 1
fi
fi
chmod 600 /etc/default/cacerts || true
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0
|
